Use UTC to heck certificate validity
This commit is contained in:
parent
52c5af7d2d
commit
0776a43788
2 changed files with 3 additions and 2 deletions
|
@ -16,6 +16,7 @@ Changes
|
|||
* x509_crt_info() now prints information about parsed extensions as well
|
||||
* pk_verify() now returns a specific error code when the signature is valid
|
||||
but shorter than the supplied length.
|
||||
* Use UTC time to check certificate validity.
|
||||
|
||||
Security
|
||||
* Avoid potential timing leak in ecdsa_sign() by blinding modular division.
|
||||
|
|
|
@ -627,7 +627,7 @@ static void x509_get_current_time( x509_time *now )
|
|||
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
|
||||
SYSTEMTIME st;
|
||||
|
||||
GetLocalTime(&st);
|
||||
GetSystemTime(&st);
|
||||
|
||||
now->year = st.wYear;
|
||||
now->mon = st.wMonth;
|
||||
|
@ -640,7 +640,7 @@ static void x509_get_current_time( x509_time *now )
|
|||
time_t tt;
|
||||
|
||||
tt = time( NULL );
|
||||
localtime_r( &tt, < );
|
||||
gmtime_r( &tt, < );
|
||||
|
||||
now->year = lt.tm_year + 1900;
|
||||
now->mon = lt.tm_mon + 1;
|
||||
|
|
Loading…
Reference in a new issue