Commit 0776a437 authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard Committed by Paul Bakker
Browse files

Use UTC to heck certificate validity

parent 52c5af7d
......@@ -16,6 +16,7 @@ Changes
* x509_crt_info() now prints information about parsed extensions as well
* pk_verify() now returns a specific error code when the signature is valid
but shorter than the supplied length.
* Use UTC time to check certificate validity.
Security
* Avoid potential timing leak in ecdsa_sign() by blinding modular division.
......
......@@ -627,7 +627,7 @@ static void x509_get_current_time( x509_time *now )
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
SYSTEMTIME st;
GetLocalTime(&st);
GetSystemTime(&st);
now->year = st.wYear;
now->mon = st.wMonth;
......@@ -640,7 +640,7 @@ static void x509_get_current_time( x509_time *now )
time_t tt;
tt = time( NULL );
localtime_r( &tt, &lt );
gmtime_r( &tt, &lt );
now->year = lt.tm_year + 1900;
now->mon = lt.tm_mon + 1;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment