Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	lib/libcrypto/asn1/a_time_tm.c	Lines:	143	199	71.9 %
Date:	2017-11-07	Branches:	93	152	61.2 %


/* $OpenBSD: a_time_tm.c,v 1.14 2017/08/28 17:42:47 jsing Exp $ */
/*
 * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
#include <ctype.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#include <openssl/asn1t.h>
#include <openssl/err.h>

#include "o_time.h"

#define RFC5280 0
#define GENTIME_LENGTH 15
#define UTCTIME_LENGTH 13

int
ASN1_time_tm_cmp(struct tm *tm1, struct tm *tm2)
{
	if (tm1->tm_year < tm2->tm_year)
		return (-1);
	if (tm1->tm_year > tm2->tm_year)
		return (1);
	if (tm1->tm_mon < tm2->tm_mon)
		return (-1);
	if (tm1->tm_mon > tm2->tm_mon)
		return (1);
	if (tm1->tm_mday < tm2->tm_mday)
		return (-1);
	if (tm1->tm_mday > tm2->tm_mday)
		return (1);
	if (tm1->tm_hour < tm2->tm_hour)
		return (-1);
	if (tm1->tm_hour > tm2->tm_hour)
		return (1);
	if (tm1->tm_min < tm2->tm_min)
		return (-1);
	if (tm1->tm_min > tm2->tm_min)
		return (1);
	if (tm1->tm_sec < tm2->tm_sec)
		return (-1);
	if (tm1->tm_sec > tm2->tm_sec)
		return (1);
	return 0;
}

int
ASN1_time_tm_clamp_notafter(struct tm *tm)
{
#ifdef SMALL_TIME_T
	struct tm broken_os_epoch_tm;
	time_t broken_os_epoch_time = INT_MAX;

	if (gmtime_r(&broken_os_epoch_time, &broken_os_epoch_tm) == NULL)
		return 0;

	if (ASN1_time_tm_cmp(tm, &broken_os_epoch_tm) == 1)
		memcpy(tm, &broken_os_epoch_tm, sizeof(*tm));
#endif
	return 1;
}

/* Format a time as an RFC 5280 format Generalized time */
char *
gentime_string_from_tm(struct tm *tm)
{
	char *ret = NULL;
	int year;

	year = tm->tm_year + 1900;
	if (year < 0 || year > 9999)
		return (NULL);

	if (asprintf(&ret, "%04u%02u%02u%02u%02u%02uZ", year,
	    tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
	    tm->tm_sec) == -1)
		ret = NULL;

	return (ret);
}

/* Format a time as an RFC 5280 format UTC time */
char *
utctime_string_from_tm(struct tm *tm)
{
	char *ret = NULL;

	if (tm->tm_year >= 150 || tm->tm_year < 50)
		return (NULL);

	if (asprintf(&ret, "%02u%02u%02u%02u%02u%02uZ",
	    tm->tm_year % 100,  tm->tm_mon + 1, tm->tm_mday,
	    tm->tm_hour, tm->tm_min, tm->tm_sec) == -1)
		ret = NULL;

	return (ret);
}

/* Format a time correctly for an X509 object as per RFC 5280 */
char *
rfc5280_string_from_tm(struct tm *tm)
{
	char *ret = NULL;
	int year;

	year = tm->tm_year + 1900;
	if (year < 1950 || year > 9999)
		return (NULL);

	if (year < 2050)
		ret = utctime_string_from_tm(tm);
	else
		ret = gentime_string_from_tm(tm);

	return (ret);
}

/*
 * Parse an RFC 5280 format ASN.1 time string.
 *
 * mode must be:
 * 0 if we expect to parse a time as specified in RFC 5280 for an X509 object.
 * V_ASN1_UTCTIME if we wish to parse an RFC5280 format UTC time.
 * V_ASN1_GENERALIZEDTIME if we wish to parse an RFC5280 format Generalized time.
 *
 * Returns:
 * -1 if the string was invalid.
 * V_ASN1_UTCTIME if the string validated as a UTC time string.
 * V_ASN1_GENERALIZEDTIME if the string validated as a Generalized time string.
 *
 * Fills in *tm with the corresponding time if tm is non NULL.
 */
#define	ATOI2(ar)	((ar) += 2, ((ar)[-2] - '0') * 10 + ((ar)[-1] - '0'))
int
ASN1_time_parse(const char *bytes, size_t len, struct tm *tm, int mode)
{
	size_t i;
	int type = 0;
	struct tm ltm;
	struct tm *lt;
	const char *p;

	if (bytes == NULL)
		return (-1);

	/* Constrain to valid lengths. */
	if (len != UTCTIME_LENGTH && len != GENTIME_LENGTH)
		return (-1);

	lt = tm;
	if (lt == NULL) {
		memset(&ltm, 0, sizeof(ltm));
		lt = &ltm;
	}

	/* Timezone is required and must be GMT (Zulu). */
	if (bytes[len - 1] != 'Z')
		return (-1);

	/* Make sure everything else is digits. */
	for (i = 0; i < len - 1; i++) {
		if (isdigit((unsigned char)bytes[i]))
			continue;
		return (-1);
	}

	/*
	 * Validate and convert the time
	 */
	p = bytes;
	switch (len) {
	case GENTIME_LENGTH:
		if (mode == V_ASN1_UTCTIME)
			return (-1);
		lt->tm_year = (ATOI2(p) * 100) - 1900;	/* cc */
		type = V_ASN1_GENERALIZEDTIME;
		/* FALLTHROUGH */
	case UTCTIME_LENGTH:
		if (type == 0) {
			if (mode == V_ASN1_GENERALIZEDTIME)
				return (-1);
			type = V_ASN1_UTCTIME;
		}
		lt->tm_year += ATOI2(p);		/* yy */
		if (type == V_ASN1_UTCTIME) {
			if (lt->tm_year < 50)
				lt->tm_year += 100;
		}
		lt->tm_mon = ATOI2(p) - 1;		/* mm */
		if (lt->tm_mon < 0 || lt->tm_mon > 11)
			return (-1);
		lt->tm_mday = ATOI2(p);			/* dd */
		if (lt->tm_mday < 1 || lt->tm_mday > 31)
			return (-1);
		lt->tm_hour = ATOI2(p);			/* HH */
		if (lt->tm_hour < 0 || lt->tm_hour > 23)
			return (-1);
		lt->tm_min = ATOI2(p);			/* MM */
		if (lt->tm_min < 0 || lt->tm_min > 59)
			return (-1);
		lt->tm_sec = ATOI2(p);			/* SS */
		/* Leap second 60 is not accepted. Reconsider later? */
		if (lt->tm_sec < 0 || lt->tm_sec > 59)
			return (-1);
		break;
	default:
		return (-1);
	}

	return (type);
}

/*
 * ASN1_TIME generic functions.
 */

static int
ASN1_TIME_set_string_internal(ASN1_TIME *s, const char *str, int mode)
{
	int type;
	char *tmp;

	if ((type = ASN1_time_parse(str, strlen(str), NULL, mode)) == -1)
		return (0);
	if (mode != 0 && mode != type)
		return (0);

	if (s == NULL)
		return (1);

	if ((tmp = strdup(str)) == NULL)
		return (0);
	free(s->data);
	s->data = tmp;
	s->length = strlen(tmp);
	s->type = type;

	return (1);
}

static ASN1_TIME *
ASN1_TIME_adj_internal(ASN1_TIME *s, time_t t, int offset_day, long offset_sec,
    int mode)
{
	int allocated = 0;
	struct tm tm;
	size_t len;
	char * p;

 	if (gmtime_r(&t, &tm) == NULL)
 		return (NULL);

	if (offset_day || offset_sec) {
		if (!OPENSSL_gmtime_adj(&tm, offset_day, offset_sec))
			return (NULL);
	}

	switch (mode) {
	case V_ASN1_UTCTIME:
		p = utctime_string_from_tm(&tm);
		break;
	case V_ASN1_GENERALIZEDTIME:
		p = gentime_string_from_tm(&tm);
		break;
	case RFC5280:
		p = rfc5280_string_from_tm(&tm);
		break;
	default:
		return (NULL);
	}
	if (p == NULL) {
		ASN1error(ASN1_R_ILLEGAL_TIME_VALUE);
		return (NULL);
	}

	if (s == NULL) {
		if ((s = ASN1_TIME_new()) == NULL)
			return (NULL);
		allocated = 1;
	}

	len = strlen(p);
	switch (len) {
	case GENTIME_LENGTH:
		s->type = V_ASN1_GENERALIZEDTIME;
		break;
 	case UTCTIME_LENGTH:
		s->type = V_ASN1_UTCTIME;
		break;
	default:
		if (allocated)
			ASN1_TIME_free(s);
		free(p);
		return (NULL);
	}
	free(s->data);
	s->data = p;
	s->length = len;
	return (s);
}

ASN1_TIME *
ASN1_TIME_set(ASN1_TIME *s, time_t t)
{
	return (ASN1_TIME_adj(s, t, 0, 0));
}

ASN1_TIME *
ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm)
{
	time_t t;

	if ((t = timegm(tm)) == -1)
		return NULL;
	return (ASN1_TIME_adj(s, t, 0, 0));
}

ASN1_TIME *
ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec)
{
	return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec, RFC5280));
}

int
ASN1_TIME_check(ASN1_TIME *t)
{
	if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME)
		return (0);
	return (t->type == ASN1_time_parse(t->data, t->length, NULL, t->type));
}

ASN1_GENERALIZEDTIME *
ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
{
	ASN1_GENERALIZEDTIME *tmp = NULL;
	struct tm tm;
	char *str;

	if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME)
		return (NULL);

	memset(&tm, 0, sizeof(tm));
	if (t->type != ASN1_time_parse(t->data, t->length, &tm, t->type))
		return (NULL);
	if ((str = gentime_string_from_tm(&tm)) == NULL)
		return (NULL);

	if (out != NULL)
		tmp = *out;
	if (tmp == NULL && (tmp = ASN1_GENERALIZEDTIME_new()) == NULL) {
		free(str);
		return (NULL);
	}
	if (out != NULL)
		*out = tmp;

	free(tmp->data);
	tmp->data = str;
	tmp->length = strlen(str);
	return (tmp);
}

int
ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
{
	return (ASN1_TIME_set_string_internal(s, str, 0));
}

/*
 * ASN1_UTCTIME wrappers
 */

int
ASN1_UTCTIME_check(ASN1_UTCTIME *d)
{
	if (d->type != V_ASN1_UTCTIME)
		return (0);
	return (d->type == ASN1_time_parse(d->data, d->length, NULL, d->type));
}

int
ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
{
	if (s != NULL && s->type != V_ASN1_UTCTIME)
		return (0);
	return (ASN1_TIME_set_string_internal(s, str, V_ASN1_UTCTIME));
}

ASN1_UTCTIME *
ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
{
	return (ASN1_UTCTIME_adj(s, t, 0, 0));
}

ASN1_UTCTIME *
ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec)
{
	return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec,
	    V_ASN1_UTCTIME));
}

int
ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t2)
{
	struct tm tm1, tm2;

	/*
	 * This function has never handled failure conditions properly
	 * and should be deprecated. The OpenSSL version used to
	 * simply follow NULL pointers on failure. BoringSSL and
	 * OpenSSL now make it return -2 on failure.
	 *
	 * The danger is that users of this function will not
	 * differentiate the -2 failure case from t1 < t2.
	 */
	if (ASN1_time_parse(s->data, s->length, &tm1, V_ASN1_UTCTIME) == -1)
		return (-2); /* XXX */

	if (gmtime_r(&t2, &tm2) == NULL)
		return (-2); /* XXX */

	return ASN1_time_tm_cmp(&tm1, &tm2);
}

/*
 * ASN1_GENERALIZEDTIME wrappers
 */

int
ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
{
	if (d->type != V_ASN1_GENERALIZEDTIME)
		return (0);
	return (d->type == ASN1_time_parse(d->data, d->length, NULL, d->type));
}

int
ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
{
	if (s != NULL && s->type != V_ASN1_GENERALIZEDTIME)
		return (0);
	return (ASN1_TIME_set_string_internal(s, str, V_ASN1_GENERALIZEDTIME));
}

ASN1_GENERALIZEDTIME *
ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t)
{
	return (ASN1_GENERALIZEDTIME_adj(s, t, 0, 0));
}

ASN1_GENERALIZEDTIME *
ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day,
    long offset_sec)
{
	return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec,
	    V_ASN1_GENERALIZEDTIME));
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: a_time_tm.c,v 1.14 2017/08/28 17:42:47 jsing Exp $ */
2			/*
3			* Copyright (c) 2015 Bob Beck <beck@openbsd.org>
4			*
5			* Permission to use, copy, modify, and distribute this software for any
6			* purpose with or without fee is hereby granted, provided that the above
7			* copyright notice and this permission notice appear in all copies.
8			*
9			* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10			* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11			* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12			* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13			* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14			* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15			* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16			*/
17			#include <ctype.h>
18			#include <limits.h>
19			#include <stdio.h>
20			#include <string.h>
21			#include <time.h>
22
23			#include <openssl/asn1t.h>
24			#include <openssl/err.h>
25
26			#include "o_time.h"
27
28			#define RFC5280 0
29			#define GENTIME_LENGTH 15
30			#define UTCTIME_LENGTH 13
31
32			int
33			ASN1_time_tm_cmp(struct tm tm1, struct tm tm2)
34			{
35	✓✓	17376	if (tm1->tm_year < tm2->tm_year)
36		780	return (-1);
37	✓✓	7908	if (tm1->tm_year > tm2->tm_year)
38		783	return (1);
39	✗✓	7125	if (tm1->tm_mon < tm2->tm_mon)
40			return (-1);
41	✗✓	7125	if (tm1->tm_mon > tm2->tm_mon)
42			return (1);
43	✗✓	7125	if (tm1->tm_mday < tm2->tm_mday)
44			return (-1);
45	✓✓	7125	if (tm1->tm_mday > tm2->tm_mday)
46		3550	return (1);
47	✗✓	3575	if (tm1->tm_hour < tm2->tm_hour)
48			return (-1);
49	✗✓	3575	if (tm1->tm_hour > tm2->tm_hour)
50			return (1);
51	✓✓	3575	if (tm1->tm_min < tm2->tm_min)
52		4	return (-1);
53	✓✓	3571	if (tm1->tm_min > tm2->tm_min)
54		3	return (1);
55	✓✓	3568	if (tm1->tm_sec < tm2->tm_sec)
56		3547	return (-1);
57	✓✓	21	if (tm1->tm_sec > tm2->tm_sec)
58		6	return (1);
59		15	return 0;
60		8688	}
61
62			int
63			ASN1_time_tm_clamp_notafter(struct tm *tm)
64			{
65			#ifdef SMALL_TIME_T
66			struct tm broken_os_epoch_tm;
67			time_t broken_os_epoch_time = INT_MAX;
68
69			if (gmtime_r(&broken_os_epoch_time, &broken_os_epoch_tm) == NULL)
70			return 0;
71
72			if (ASN1_time_tm_cmp(tm, &broken_os_epoch_tm) == 1)
73			memcpy(tm, &broken_os_epoch_tm, sizeof(*tm));
74			#endif
75		8692	return 1;
76			}
77
78			/* Format a time as an RFC 5280 format Generalized time */
79			char *
80			gentime_string_from_tm(struct tm *tm)
81			{
82		42	char *ret = NULL;
83			int year;
84
85		21	year = tm->tm_year + 1900;
86	✗✓	21	if (year < 0 \|\| year > 9999)
87			return (NULL);
88
89	✗✓	42	if (asprintf(&ret, "%04u%02u%02u%02u%02u%02uZ", year,
90		21	tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
91		42	tm->tm_sec) == -1)
92			ret = NULL;
93
94		21	return (ret);
95		21	}
96
97			/* Format a time as an RFC 5280 format UTC time */
98			char *
99			utctime_string_from_tm(struct tm *tm)
100			{
101		278	char *ret = NULL;
102
103	✓✗✗✓	278	if (tm->tm_year >= 150 \|\| tm->tm_year < 50)
104			return (NULL);
105
106	✗✓	278	if (asprintf(&ret, "%02u%02u%02u%02u%02u%02uZ",
107		139	tm->tm_year % 100, tm->tm_mon + 1, tm->tm_mday,
108		278	tm->tm_hour, tm->tm_min, tm->tm_sec) == -1)
109			ret = NULL;
110
111		139	return (ret);
112		139	}
113
114			/* Format a time correctly for an X509 object as per RFC 5280 */
115			char *
116			rfc5280_string_from_tm(struct tm *tm)
117			{
118			char *ret = NULL;
119			int year;
120
121		252	year = tm->tm_year + 1900;
122	✗✓	126	if (year < 1950 \|\| year > 9999)
123			return (NULL);
124
125	✓✗	126	if (year < 2050)
126		126	ret = utctime_string_from_tm(tm);
127			else
128			ret = gentime_string_from_tm(tm);
129
130		126	return (ret);
131		126	}
132
133			/*
134			* Parse an RFC 5280 format ASN.1 time string.
135			*
136			* mode must be:
137			* 0 if we expect to parse a time as specified in RFC 5280 for an X509 object.
138			* V_ASN1_UTCTIME if we wish to parse an RFC5280 format UTC time.
139			* V_ASN1_GENERALIZEDTIME if we wish to parse an RFC5280 format Generalized time.
140			*
141			* Returns:
142			* -1 if the string was invalid.
143			* V_ASN1_UTCTIME if the string validated as a UTC time string.
144			* V_ASN1_GENERALIZEDTIME if the string validated as a Generalized time string.
145			*
146			* Fills in *tm with the corresponding time if tm is non NULL.
147			*/
148			#define ATOI2(ar) ((ar) += 2, ((ar)[-2] - '0') * 10 + ((ar)[-1] - '0'))
149			int
150			ASN1_time_parse(const char bytes, size_t len, struct tm tm, int mode)
151			{
152			size_t i;
153			int type = 0;
154		17828	struct tm ltm;
155			struct tm *lt;
156			const char *p;
157
158	✗✓	8914	if (bytes == NULL)
159			return (-1);
160
161			/* Constrain to valid lengths. */
162	✓✓	8914	if (len != UTCTIME_LENGTH && len != GENTIME_LENGTH)
163		72	return (-1);
164
165			lt = tm;
166	✓✓	8842	if (lt == NULL) {
167		100	memset(&ltm, 0, sizeof(ltm));
168			lt = &ltm;
169		100	}
170
171			/* Timezone is required and must be GMT (Zulu). */
172	✗✓	8842	if (bytes[len - 1] != 'Z')
173			return (-1);
174
175			/* Make sure everything else is digits. */
176	✓✓	229940	for (i = 0; i < len - 1; i++) {
177	✓✓	106134	if (isdigit((unsigned char)bytes[i]))
178			continue;
179		6	return (-1);
180			}
181
182			/*
183			* Validate and convert the time
184			*/
185			p = bytes;
186	✓✓✗	8879	switch (len) {
187			case GENTIME_LENGTH:
188	✓✓	48	if (mode == V_ASN1_UTCTIME)
189		5	return (-1);
190		43	lt->tm_year = (ATOI2(p) * 100) - 1900; /* cc */
191		43	type = V_ASN1_GENERALIZEDTIME;
192			/* FALLTHROUGH */
193			case UTCTIME_LENGTH:
194	✓✓	8831	if (type == 0) {
195	✓✓	8788	if (mode == V_ASN1_GENERALIZEDTIME)
196		1	return (-1);
197			type = V_ASN1_UTCTIME;
198		8787	}
199		8830	lt->tm_year += ATOI2(p); /* yy */
200	✓✓	8830	if (type == V_ASN1_UTCTIME) {
201	✓✓	8787	if (lt->tm_year < 50)
202		8774	lt->tm_year += 100;
203			}
204		8830	lt->tm_mon = ATOI2(p) - 1; /* mm */
205	✓✗✓✓	17660	if (lt->tm_mon < 0 \|\| lt->tm_mon > 11)
206		2	return (-1);
207		8828	lt->tm_mday = ATOI2(p); /* dd */
208	✓✗✗✓	17656	if (lt->tm_mday < 1 \|\| lt->tm_mday > 31)
209			return (-1);
210		8828	lt->tm_hour = ATOI2(p); /* HH */
211	✓✗✗✓	17656	if (lt->tm_hour < 0 \|\| lt->tm_hour > 23)
212			return (-1);
213		8828	lt->tm_min = ATOI2(p); /* MM */
214	✓✗✗✓	17656	if (lt->tm_min < 0 \|\| lt->tm_min > 59)
215			return (-1);
216		8828	lt->tm_sec = ATOI2(p); /* SS */
217			/* Leap second 60 is not accepted. Reconsider later? */
218	✓✗✗✓	17656	if (lt->tm_sec < 0 \|\| lt->tm_sec > 59)
219			return (-1);
220			break;
221			default:
222			return (-1);
223			}
224
225		8828	return (type);
226		8914	}
227
228			/*
229			* ASN1_TIME generic functions.
230			*/
231
232			static int
233			ASN1_TIME_set_string_internal(ASN1_TIME s, const char str, int mode)
234			{
235			int type;
236			char *tmp;
237
238	✓✓	344	if ((type = ASN1_time_parse(str, strlen(str), NULL, mode)) == -1)
239		86	return (0);
240	✓✓✗✓	125	if (mode != 0 && mode != type)
241			return (0);
242
243	✓✓	86	if (s == NULL)
244		42	return (1);
245
246	✗✓	44	if ((tmp = strdup(str)) == NULL)
247			return (0);
248		44	free(s->data);
249		44	s->data = tmp;
250		44	s->length = strlen(tmp);
251		44	s->type = type;
252
253		44	return (1);
254		172	}
255
256			static ASN1_TIME *
257			ASN1_TIME_adj_internal(ASN1_TIME *s, time_t t, int offset_day, long offset_sec,
258			int mode)
259			{
260			int allocated = 0;
261		148	struct tm tm;
262			size_t len;
263			char * p;
264
265	✗✓	148	if (gmtime_r(&t, &tm) == NULL)
266			return (NULL);
267
268	✓✓	148	if (offset_day \|\| offset_sec) {
269	✗✓	52	if (!OPENSSL_gmtime_adj(&tm, offset_day, offset_sec))
270			return (NULL);
271			}
272
273	✓✓✓✗	148	switch (mode) {
274			case V_ASN1_UTCTIME:
275		13	p = utctime_string_from_tm(&tm);
276		13	break;
277			case V_ASN1_GENERALIZEDTIME:
278		9	p = gentime_string_from_tm(&tm);
279		9	break;
280			case RFC5280:
281		126	p = rfc5280_string_from_tm(&tm);
282		126	break;
283			default:
284			return (NULL);
285			}
286	✗✓	148	if (p == NULL) {
287			ASN1error(ASN1_R_ILLEGAL_TIME_VALUE);
288			return (NULL);
289			}
290
291	✓✓	148	if (s == NULL) {
292	✗✓	40	if ((s = ASN1_TIME_new()) == NULL)
293			return (NULL);
294			allocated = 1;
295		40	}
296
297		148	len = strlen(p);
298	✓✓✗	148	switch (len) {
299			case GENTIME_LENGTH:
300			s->type = V_ASN1_GENERALIZEDTIME;
301		9	break;
302			case UTCTIME_LENGTH:
303			s->type = V_ASN1_UTCTIME;
304		139	break;
305			default:
306			if (allocated)
307			ASN1_TIME_free(s);
308			free(p);
309			return (NULL);
310			}
311		148	free(s->data);
312		148	s->data = p;
313		148	s->length = len;
314		148	return (s);
315		148	}
316
317			ASN1_TIME *
318			ASN1_TIME_set(ASN1_TIME *s, time_t t)
319			{
320			return (ASN1_TIME_adj(s, t, 0, 0));
321			}
322
323			ASN1_TIME *
324			ASN1_TIME_set_tm(ASN1_TIME s, struct tm tm)
325			{
326			time_t t;
327
328			if ((t = timegm(tm)) == -1)
329			return NULL;
330			return (ASN1_TIME_adj(s, t, 0, 0));
331			}
332
333			ASN1_TIME *
334			ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec)
335			{
336		252	return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec, RFC5280));
337			}
338
339			int
340			ASN1_TIME_check(ASN1_TIME *t)
341			{
342			if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME)
343			return (0);
344			return (t->type == ASN1_time_parse(t->data, t->length, NULL, t->type));
345			}
346
347			ASN1_GENERALIZEDTIME *
348			ASN1_TIME_to_generalizedtime(ASN1_TIME t, ASN1_GENERALIZEDTIME *out)
349			{
350			ASN1_GENERALIZEDTIME *tmp = NULL;
351		24	struct tm tm;
352			char *str;
353
354	✓✗✗✓	24	if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME)
355			return (NULL);
356
357		12	memset(&tm, 0, sizeof(tm));
358	✗✓	12	if (t->type != ASN1_time_parse(t->data, t->length, &tm, t->type))
359			return (NULL);
360	✗✓	12	if ((str = gentime_string_from_tm(&tm)) == NULL)
361			return (NULL);
362
363	✓✗	12	if (out != NULL)
364		12	tmp = *out;
365	✗✓✗✗	12	if (tmp == NULL && (tmp = ASN1_GENERALIZEDTIME_new()) == NULL) {
366			free(str);
367			return (NULL);
368			}
369	✓✗	12	if (out != NULL)
370		12	*out = tmp;
371
372		12	free(tmp->data);
373		12	tmp->data = str;
374		12	tmp->length = strlen(str);
375		12	return (tmp);
376		12	}
377
378			int
379			ASN1_TIME_set_string(ASN1_TIME s, const char str)
380			{
381		148	return (ASN1_TIME_set_string_internal(s, str, 0));
382			}
383
384			/*
385			* ASN1_UTCTIME wrappers
386			*/
387
388			int
389			ASN1_UTCTIME_check(ASN1_UTCTIME *d)
390			{
391			if (d->type != V_ASN1_UTCTIME)
392			return (0);
393			return (d->type == ASN1_time_parse(d->data, d->length, NULL, d->type));
394			}
395
396			int
397			ASN1_UTCTIME_set_string(ASN1_UTCTIME s, const char str)
398			{
399	✓✓✗✓	167	if (s != NULL && s->type != V_ASN1_UTCTIME)
400			return (0);
401		57	return (ASN1_TIME_set_string_internal(s, str, V_ASN1_UTCTIME));
402		57	}
403
404			ASN1_UTCTIME *
405			ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
406			{
407		26	return (ASN1_UTCTIME_adj(s, t, 0, 0));
408			}
409
410			ASN1_UTCTIME *
411			ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec)
412			{
413		26	return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec,
414			V_ASN1_UTCTIME));
415			}
416
417			int
418			ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t2)
419			{
420			struct tm tm1, tm2;
421
422			/*
423			* This function has never handled failure conditions properly
424			* and should be deprecated. The OpenSSL version used to
425			* simply follow NULL pointers on failure. BoringSSL and
426			* OpenSSL now make it return -2 on failure.
427			*
428			* The danger is that users of this function will not
429			* differentiate the -2 failure case from t1 < t2.
430			*/
431			if (ASN1_time_parse(s->data, s->length, &tm1, V_ASN1_UTCTIME) == -1)
432			return (-2); /* XXX */
433
434			if (gmtime_r(&t2, &tm2) == NULL)
435			return (-2); /* XXX */
436
437			return ASN1_time_tm_cmp(&tm1, &tm2);
438			}
439
440			/*
441			* ASN1_GENERALIZEDTIME wrappers
442			*/
443
444			int
445			ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
446			{
447			if (d->type != V_ASN1_GENERALIZEDTIME)
448			return (0);
449			return (d->type == ASN1_time_parse(d->data, d->length, NULL, d->type));
450			}
451
452			int
453			ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME s, const char str)
454			{
455	✓✓✗✓	121	if (s != NULL && s->type != V_ASN1_GENERALIZEDTIME)
456			return (0);
457		41	return (ASN1_TIME_set_string_internal(s, str, V_ASN1_GENERALIZEDTIME));
458		41	}
459
460			ASN1_GENERALIZEDTIME *
461			ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t)
462			{
463		18	return (ASN1_GENERALIZEDTIME_adj(s, t, 0, 0));
464			}
465
466			ASN1_GENERALIZEDTIME *
467			ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day,
468			long offset_sec)
469			{
470		18	return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec,
471			V_ASN1_GENERALIZEDTIME));
472			}