artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 104c0a8) | patch
Use x509_get_time() to get the Manifest thisUpdate / nextUpdate
authorjob <job@openbsd.org>
Sun, 4 Feb 2024 00:53:27 +0000 (00:53 +0000)
committerjob <job@openbsd.org>
Sun, 4 Feb 2024 00:53:27 +0000 (00:53 +0000)
commit851cae3d0655c5e6b044d9ebbf0b19fea2600f56
treee55d5343990de47aa9d0b0420c960801a07dfe68tree | snapshot
parent104c0a839baf7bd73dd7cb6df3321bb307c53da5commit | diff
Use x509_get_time() to get the Manifest thisUpdate / nextUpdate

From the moment d2i_Manifest() was introduced, it was automatically
checked whether the thisUpdate/nextUpdate are ASN1_GENERALIZEDTIME.

Unfortunately, an additional check is needed, because OpenSSL doesn't
require RFC 5280 conformance for GeneralizedTime DER encoding.

OK tb@
usr.sbin/rpki-client/mft.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim