time_t time_sec = (time_t) sec;
struct tm *tm = NULL;
char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
- char *p = genTime_str;
- char *p_end = genTime_str + sizeof(genTime_str);
+ char *p;
+ int rv;
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
goto err;
* meet the rfc3161 requirement: "GeneralizedTime syntax can include
* fraction-of-second details".
*/
- p += BIO_snprintf(p, p_end - p,
- "%04d%02d%02d%02d%02d%02d",
+ if (precision > 0) {
+ rv = snprintf(genTime_str, sizeof(genTime_str),
+ "%04d%02d%02d%02d%02d%02d.%ldZ",
tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
- tm->tm_hour, tm->tm_min, tm->tm_sec);
- if (precision > 0)
- {
- /* Add fraction of seconds (leave space for dot and null). */
- BIO_snprintf(p, 2 + precision, ".%ld", usec);
- /* We cannot use the snprintf return value,
- because it might have been truncated. */
- p += strlen(p);
-
+ tm->tm_hour, tm->tm_min, tm->tm_sec, usec);
+ if (rv == -1 || rv >= sizeof(genTime_str))
+ goto err;
/* To make things a bit harder, X.690 | ISO/IEC 8825-1 provides
the following restrictions for a DER-encoding, which OpenSSL
(specifically ASN1_GENERALIZEDTIME_check() function) doesn't
omitted." */
/* Remove trailing zeros. The dot guarantees the exit
condition of this loop even if all the digits are zero. */
- while (*--p == '0')
- /* empty */;
- /* p points to either the dot or the last non-zero digit. */
- if (*p != '.') ++p;
- }
- /* Add the trailing Z and the terminating null. */
- *p++ = 'Z';
- *p++ = '\0';
+ p = strchr(genTime_str, 'Z');
+ p--; /* move back in front of Z */
+ /* pass over 0s */
+ while (*p == '0')
+ p--;
+ /* if we're not at . we're at an interesting digit */
+ if (*p != '.')
+ p++;
+ *p++ = 'Z';
+ *p = 0;
+ } else {
+ rv = snprintf(genTime_str, sizeof(genTime_str),
+ "%04d%02d%02d%02d%02d%02dZ",
+ tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+ tm->tm_hour, tm->tm_min, tm->tm_sec);
+ if (rv == -1 || rv >= sizeof(genTime_str))
+ goto err;
+ }
/* Now call OpenSSL to check and set our genTime value */
if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))
time_t time_sec = (time_t) sec;
struct tm *tm = NULL;
char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
- char *p = genTime_str;
- char *p_end = genTime_str + sizeof(genTime_str);
+ char *p;
+ int rv;
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
goto err;
* meet the rfc3161 requirement: "GeneralizedTime syntax can include
* fraction-of-second details".
*/
- p += BIO_snprintf(p, p_end - p,
- "%04d%02d%02d%02d%02d%02d",
+ if (precision > 0) {
+ rv = snprintf(genTime_str, sizeof(genTime_str),
+ "%04d%02d%02d%02d%02d%02d.%ldZ",
tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
- tm->tm_hour, tm->tm_min, tm->tm_sec);
- if (precision > 0)
- {
- /* Add fraction of seconds (leave space for dot and null). */
- BIO_snprintf(p, 2 + precision, ".%ld", usec);
- /* We cannot use the snprintf return value,
- because it might have been truncated. */
- p += strlen(p);
-
+ tm->tm_hour, tm->tm_min, tm->tm_sec, usec);
+ if (rv == -1 || rv >= sizeof(genTime_str))
+ goto err;
/* To make things a bit harder, X.690 | ISO/IEC 8825-1 provides
the following restrictions for a DER-encoding, which OpenSSL
(specifically ASN1_GENERALIZEDTIME_check() function) doesn't
omitted." */
/* Remove trailing zeros. The dot guarantees the exit
condition of this loop even if all the digits are zero. */
- while (*--p == '0')
- /* empty */;
- /* p points to either the dot or the last non-zero digit. */
- if (*p != '.') ++p;
- }
- /* Add the trailing Z and the terminating null. */
- *p++ = 'Z';
- *p++ = '\0';
+ p = strchr(genTime_str, 'Z');
+ p--; /* move back in front of Z */
+ /* pass over 0s */
+ while (*p == '0')
+ p--;
+ /* if we're not at . we're at an interesting digit */
+ if (*p != '.')
+ p++;
+ *p++ = 'Z';
+ *p = 0;
+ } else {
+ rv = snprintf(genTime_str, sizeof(genTime_str),
+ "%04d%02d%02d%02d%02d%02dZ",
+ tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+ tm->tm_hour, tm->tm_min, tm->tm_sec);
+ if (rv == -1 || rv >= sizeof(genTime_str))
+ goto err;
+ }
/* Now call OpenSSL to check and set our genTime value */
if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))
projects / openbsd / commitdiff