aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/asn1
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-04-12 11:25:38 -0400
committerJack Lloyd <[email protected]>2018-04-12 11:25:38 -0400
commit25de1f6a94983134e70b1cdbc5ceb226039623ae (patch)
treea9091b371f44b6835c5f5beccd8608809cdf341e /src/lib/asn1
parent6a9557cc5528ec01737e77b67959cba8778f1265 (diff)
Allow year up to 2200 in ASN1 time objects
Also tighten up checking of days Fixes GH #1536
Diffstat (limited to 'src/lib/asn1')
-rw-r--r--src/lib/asn1/asn1_time.cpp21
-rw-r--r--src/lib/asn1/asn1_time.h2
2 files changed, 19 insertions, 4 deletions
diff --git a/src/lib/asn1/asn1_time.cpp b/src/lib/asn1/asn1_time.cpp
index e64fd57c7..863a064f0 100644
--- a/src/lib/asn1/asn1_time.cpp
+++ b/src/lib/asn1/asn1_time.cpp
@@ -213,7 +213,7 @@ void X509_Time::set_to(const std::string& t_spec, ASN1_Tag spec_tag)
}
if(!passes_sanity_check())
- throw Invalid_Argument("Time did not pass sanity check: " + t_spec);
+ throw Invalid_Argument("Time " + t_spec + " does not seem to be valid");
}
/*
@@ -221,13 +221,26 @@ void X509_Time::set_to(const std::string& t_spec, ASN1_Tag spec_tag)
*/
bool X509_Time::passes_sanity_check() const
{
- if(m_year < 1950 || m_year > 2100)
+ if(m_year < 1950 || m_year > 2200)
return false;
if(m_month == 0 || m_month > 12)
return false;
- if(m_day == 0 || m_day > 31)
+
+ const uint32_t days_in_month[12] = { 31, 28+1, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
+
+ if(m_day == 0 || m_day > days_in_month[m_month-1])
return false;
- if(m_hour >= 24 || m_minute > 60 || m_second > 60)
+
+ if(m_month == 2 && m_day == 29)
+ {
+ if(m_year % 4 != 0)
+ return false; // not a leap year
+
+ if(m_year % 100 == 0 && m_year % 400 != 0)
+ return false;
+ }
+
+ if(m_hour >= 24 || m_minute >= 60 || m_second > 60)
return false;
if (m_tag == UTC_TIME)
diff --git a/src/lib/asn1/asn1_time.h b/src/lib/asn1/asn1_time.h
index 73bf2747f..717c58a7d 100644
--- a/src/lib/asn1/asn1_time.h
+++ b/src/lib/asn1/asn1_time.h
@@ -72,6 +72,8 @@ bool BOTAN_PUBLIC_API(2,0) operator>=(const X509_Time&, const X509_Time&);
bool BOTAN_PUBLIC_API(2,0) operator<(const X509_Time&, const X509_Time&);
bool BOTAN_PUBLIC_API(2,0) operator>(const X509_Time&, const X509_Time&);
+typedef X509_Time ASN1_Time;
+
}
#endif