From a1dca50231e6587b7c2fc0c36ac4d9b8ba2bbff5 Mon Sep 17 00:00:00 2001 From: "jpierre%netscape.com" Date: Fri, 26 Sep 2003 06:18:40 +0000 Subject: Fix for bug 219539 - support GeneralizedTime in NSS tools --- security/nss/cmd/dbck/dbck.c | 1 + security/nss/cmd/lib/secutil.c | 23 +++++++++++++++++++++++ security/nss/cmd/lib/secutil.h | 7 +++++++ security/nss/cmd/p7content/p7content.c | 2 +- security/nss/cmd/signver/pk7print.c | 21 ++++++++++----------- 5 files changed, 42 insertions(+), 12 deletions(-) diff --git a/security/nss/cmd/dbck/dbck.c b/security/nss/cmd/dbck/dbck.c index a3f1b9d54..66efd994f 100644 --- a/security/nss/cmd/dbck/dbck.c +++ b/security/nss/cmd/dbck/dbck.c @@ -265,6 +265,7 @@ dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile) int64 timeBefore, timeAfter; PRExplodedTime beforePrintable, afterPrintable; char *beforestr, *afterstr; + /* needs to be able to handle GeneralizedTime too */ DER_UTCTimeToTime(&timeBefore, &cert->validity.notBefore); DER_UTCTimeToTime(&timeAfter, &cert->validity.notAfter); PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable); diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c index 134efa4f5..d29b925c0 100644 --- a/security/nss/cmd/lib/secutil.c +++ b/security/nss/cmd/lib/secutil.c @@ -935,6 +935,29 @@ SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level) secu_PrintTime(out, time, m, level); } +/* + * Format and print the UTC or Generalized Time "t". If the tag message + * "m" is not NULL, do indent formatting based on "level" and add a newline + * afterward; otherwise just print the formatted time string only. + */ +void +SECU_PrintTimeChoice(FILE *out, SECItem *t, char *m, int level) +{ + switch (t->type) { + case siUTCTime: + SECU_PrintUTCTime(out, t, m, level); + break; + + case siGeneralizedTime: + SECU_PrintGeneralizedTime(out, t, m, level); + break; + + default: + PORT_Assert(0); + break; + } +} + static void secu_PrintAny(FILE *out, SECItem *i, char *m, int level); void diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h index cff334ab7..1e5dc345d 100644 --- a/security/nss/cmd/lib/secutil.h +++ b/security/nss/cmd/lib/secutil.h @@ -203,6 +203,13 @@ extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level); extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level); +/* + * Format and print the UTC or Generalized Time "t". If the tag message + * "m" is not NULL, do indent formatting based on "level" and add a newline + * afterward; otherwise just print the formatted time string only. + */ +extern void SECU_PrintTimeChoice(FILE *out, SECItem *t, char *m, int level); + /* callback for listing certs through pkcs11 */ extern SECStatus SECU_PrintCertNickname(CERTCertListNode* cert, void *data); diff --git a/security/nss/cmd/p7content/p7content.c b/security/nss/cmd/p7content/p7content.c index 8b5ad65ce..38466b337 100644 --- a/security/nss/cmd/p7content/p7content.c +++ b/security/nss/cmd/p7content/p7content.c @@ -175,7 +175,7 @@ DecodeAndPrintFile(FILE *out, PRFileDesc *in, char *progName) signing_time = SEC_PKCS7GetSigningTime(cinfo); if (signing_time != NULL) { - SECU_PrintUTCTime(out, signing_time, "Signing time", 0); + SECU_PrintTimeChoice(out, signing_time, "Signing time", 0); } else { fprintf(out, "No signing time included.\n"); } diff --git a/security/nss/cmd/signver/pk7print.c b/security/nss/cmd/signver/pk7print.c index 94d8e8f36..046a62c29 100644 --- a/security/nss/cmd/signver/pk7print.c +++ b/security/nss/cmd/signver/pk7print.c @@ -103,18 +103,18 @@ sv_PrintInteger(FILE *out, SECItem *i, char *m) int -sv_PrintUTCTime(FILE *out, SECItem *t, char *m) +sv_PrintTime(FILE *out, SECItem *t, char *m) { PRExplodedTime printableTime; int64 time; char *timeString; int rv; - rv = DER_UTCTimeToTime(&time, t); + rv = CERT_DecodeTimeChoice(&time, t); if (rv) return rv; - /* Converse to local time */ - PR_ExplodeTime(time, PR_GMTParameters, &printableTime); + /* Convert to local time */ + PR_ExplodeTime(time, PR_LocalTimeParameters, &printableTime); timeString = (char *)PORT_Alloc(100); @@ -127,17 +127,16 @@ sv_PrintUTCTime(FILE *out, SECItem *t, char *m) return SECFailure; } - int sv_PrintValidity(FILE *out, CERTValidity *v, char *m) { int rv; fprintf(out, m); - rv = sv_PrintUTCTime(out, &v->notBefore, "notBefore="); + rv = sv_PrintTime(out, &v->notBefore, "notBefore="); if (rv) return rv; fprintf(out, m); - sv_PrintUTCTime(out, &v->notAfter, "notAfter="); + sv_PrintTime(out, &v->notAfter, "notAfter="); return rv; } @@ -200,7 +199,7 @@ sv_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m) sv_PrintObjectID(out, value, om); break; case SEC_OID_PKCS9_SIGNING_TIME: - sv_PrintUTCTime(out, value, om); + sv_PrintTime(out, value, om); break; } } @@ -456,9 +455,9 @@ sv_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m) fprintf(out, m); sv_PrintName(out, &(crl->name), "name="); fprintf(out, m); - sv_PrintUTCTime(out, &(crl->lastUpdate), "lastUpdate="); + sv_PrintTime(out, &(crl->lastUpdate), "lastUpdate="); fprintf(out, m); - sv_PrintUTCTime(out, &(crl->nextUpdate), "nextUpdate="); + sv_PrintTime(out, &(crl->nextUpdate), "nextUpdate="); if (crl->entries != NULL) { iv = 0; @@ -466,7 +465,7 @@ sv_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m) fprintf(out, "%sentry[%d].", m, iv); sv_PrintInteger(out, &(entry->serialNumber), "serialNumber="); fprintf(out, "%sentry[%d].", m, iv); - sv_PrintUTCTime(out, &(entry->revocationDate), "revocationDate="); + sv_PrintTime(out, &(entry->revocationDate), "revocationDate="); sprintf(om, "%sentry[%d].signedCRLEntriesExtensions.", m, iv++); sv_PrintExtensions(out, entry->extensions, om); } -- cgit v1.2.1