Replace the old OpenSSL julian date stuff with BoringSSL's

OpenSSL dealt with time conversion using a classical julian
day scheme. BoringSSL got rid of it and uses only a julian
style calculation for seconds since the POSIX time epoch.

This changes libressl to use the seconds calculation exculusively
instead of a mix of the julian day based conversions and the
system time conversions to and from time_t to tm.

ok tb@ jsing@

7 files changed, 289 insertions, 326 deletions

diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index a3091616a5..d3daf29970 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.79 2022/08/20 09:16:18 tb Exp $
+# $OpenBSD: Makefile,v 1.80 2022/11/08 12:56:00 beck Exp $
 
 LIB=    crypto
 LIBREBUILD=y
@@ -53,7 +53,7 @@ SYMBOL_LIST=	${.CURDIR}/Symbols.list
 
 # crypto/
 SRCS+= cryptlib.c malloc-wrapper.c mem_dbg.c cversion.c ex_data.c cpt_err.c
-SRCS+= o_time.c o_str.c o_init.c o_fips.c
+SRCS+= o_str.c o_init.c o_fips.c
 SRCS+= mem_clr.c crypto_init.c crypto_lock.c
 
 # aes/
@@ -72,7 +72,7 @@ SRCS+= tasn_prn.c ameth_lib.c
 SRCS+= x_pkey.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c
 SRCS+= asn1_gen.c asn1_par.c asn1_old_lib.c asn1_err.c a_strnid.c
 SRCS+= p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
-SRCS+= a_time_tm.c asn1_item.c asn1_old.c asn1_types.c asn1_lib.c
+SRCS+= a_time_tm.c asn1_item.c asn1_old.c asn1_types.c asn1_lib.c a_time_posix.c
 
 # bf/
 SRCS+= bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
index 03311e1b7f..a951b32049 100644
--- a/src/lib/libcrypto/asn1/a_time.c
+++ b/src/lib/libcrypto/asn1/a_time.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_time.c,v 1.34 2022/06/27 13:54:57 beck Exp $ */
+/* $OpenBSD: a_time.c,v 1.35 2022/11/08 12:56:00 beck Exp $ */
 /* ====================================================================
  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
@@ -67,7 +67,6 @@
 #include <openssl/asn1t.h>
 #include <openssl/err.h>
 
-#include "o_time.h"
 #include "asn1_locl.h"
 
 const ASN1_ITEM ASN1_TIME_it = {
@@ -103,7 +102,7 @@ ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm)
         time(&now);
         memset(tm, 0, sizeof(*tm));
 
-        return gmtime_r(&now, tm) != NULL;
+        return asn1_time_time_t_to_tm(&now, tm);
 }
 
 int
diff --git a/src/lib/libcrypto/asn1/a_time_posix.c b/src/lib/libcrypto/asn1/a_time_posix.c
new file mode 100644
index 0000000000..a2c9988575
--- /dev/null
+++ b/src/lib/libcrypto/asn1/a_time_posix.c
@@ -0,0 +1,272 @@
+/*
+ * Copyright (c) 2022, Google Inc.
+ * Copyright (c) 2022, Bob Beck <beck@obtuse.com>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Time conversion to/from POSIX time_t and struct tm, with no support
+ * for time zones other than UTC
+ */
+
+#include <inttypes.h>
+#include <limits.h>
+#include <string.h>
+#include <time.h>
+
+#define SECS_PER_HOUR (int64_t)(60 * 60)
+#define SECS_PER_DAY (int64_t)(24 * SECS_PER_HOUR)
+
+/*
+ * Is a year/month/day combination valid, in the range from year 0000
+ * to 9999?
+ */
+static int
+is_valid_date(int year, int month, int day)
+{
+        int days_in_month;
+        if (day < 1 || month < 1 || year < 0 || year > 9999)
+                return 0;
+        switch (month) {
+        case 1:
+        case 3:
+        case 5:
+        case 7:
+        case 8:
+        case 10:
+        case 12:
+                days_in_month = 31;
+                break;
+        case 4:
+        case 6:
+        case 9:
+        case 11:
+                days_in_month = 30;
+                break;
+        case 2:
+                if ((year % 4 == 0 && year % 100 != 0) || year % 400 == 0)
+                        days_in_month = 29;
+                else
+                        days_in_month = 28;
+                break;
+        default:
+                return 0;
+        }
+        return day <= days_in_month;
+}
+
+/*
+ * Is a time valid? Leap seconds of 60 are not considered valid, as
+ * the POSIX time in seconds does not include them.
+ */
+static int
+is_valid_time(int hours, int minutes, int seconds)
+{
+        return hours >= 0 && minutes >= 0 && seconds >= 0 && hours <= 23 &&
+            minutes <= 59 && seconds <= 59;
+}
+
+/* Is a int64 time representing a time within our expected range? */
+static int
+is_valid_epoch_time(int64_t time)
+{
+        /* 0000-01-01 00:00:00 UTC to 9999-12-31 23:59:59 UTC */
+        return (int64_t)-62167219200 <= time && time <= (int64_t)253402300799;
+}
+
+/*
+ * Inspired by algorithms presented in
+ * https://howardhinnant.github.io/date_algorithms.html
+ * (Public Domain)
+ */
+static int
+posix_time_from_utc(int year, int month, int day, int hours,  int minutes,
+    int seconds, int64_t *out_time)
+{
+        int64_t era, year_of_era, day_of_year, day_of_era, posix_days;
+
+        if (!is_valid_date(year, month, day) ||
+            !is_valid_time(hours, minutes, seconds))
+                return 0;
+        if (month <= 2)
+                year--;  /* Start years on Mar 1, so leap days end a year. */
+
+        /* At this point year will be in the range -1 and 9999.*/
+        era = (year >= 0 ? year : year - 399) / 400;
+        year_of_era = year - era * 400;
+        day_of_year = (153 * (month > 2 ? month - 3 : month + 9) + 2) /
+            5 + day - 1;
+        day_of_era = year_of_era * 365 + year_of_era / 4 - year_of_era /
+            100 + day_of_year;
+        posix_days = era * 146097 + day_of_era - 719468;
+        *out_time = posix_days * SECS_PER_DAY + hours * SECS_PER_HOUR +
+            minutes * 60 + seconds;
+
+        return 1;
+}
+
+/*
+ * Inspired by algorithms presented in
+ * https://howardhinnant.github.io/date_algorithms.html
+ * (Public Domain)
+ */
+static int
+utc_from_posix_time(int64_t time, int *out_year, int *out_month, int *out_day,
+    int *out_hours, int *out_minutes, int *out_seconds)
+{
+        int64_t days, leftover_seconds, era, day_of_era, year_of_era,
+            day_of_year, month_of_year;
+
+        if (!is_valid_epoch_time(time))
+                return 0;
+
+        days = time / SECS_PER_DAY;
+        leftover_seconds = time % SECS_PER_DAY;
+        if (leftover_seconds < 0) {
+                days--;
+                leftover_seconds += SECS_PER_DAY;
+        }
+        days += 719468;  /*  Shift to starting epoch of Mar 1 0000. */
+
+        /* At this point, days will be in the range -61 and 3652364. */
+        era = (days > 0 ? days : days - 146096) / 146097;
+        day_of_era = days - era * 146097;
+        year_of_era = (day_of_era - day_of_era / 1460 + day_of_era / 36524 -
+            day_of_era / 146096) /
+            365;
+        *out_year = year_of_era + era * 400;  /* Year starts on Mar 1 */
+        day_of_year = day_of_era - (365 * year_of_era + year_of_era / 4 -
+            year_of_era / 100);
+        month_of_year = (5 * day_of_year + 2) / 153;
+        *out_month = (month_of_year < 10 ? month_of_year + 3 :
+            month_of_year - 9);
+        if (*out_month <= 2)
+                (*out_year)++;  /* Adjust year back to Jan 1 start of year. */
+
+        *out_day = day_of_year - (153 * month_of_year + 2) / 5 + 1;
+        *out_hours = leftover_seconds / SECS_PER_HOUR;
+        leftover_seconds %= SECS_PER_HOUR;
+        *out_minutes = leftover_seconds / 60;
+        *out_seconds = leftover_seconds % 60;
+
+        return 1;
+}
+
+static int
+asn1_time_tm_to_posix(const struct tm *tm, int64_t *out)
+{
+        /* Ensure additions below do not overflow */
+        if (tm->tm_year > 9999)
+                return 0;
+        if (tm->tm_mon > 12)
+                return 0;
+
+        return posix_time_from_utc(tm->tm_year + 1900, tm->tm_mon + 1,
+            tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec, out);
+}
+
+static int
+asn1_time_posix_to_tm(int64_t time, struct tm *out_tm)
+{
+        memset(out_tm, 0, sizeof(struct tm));
+        if (!utc_from_posix_time(time, &out_tm->tm_year, &out_tm->tm_mon,
+            &out_tm->tm_mday, &out_tm->tm_hour, &out_tm->tm_min,
+            &out_tm->tm_sec))
+                return 0;
+
+        out_tm->tm_year -= 1900;
+        out_tm->tm_mon -= 1;
+
+        return 1;
+}
+
+int
+asn1_time_tm_to_time_t(const struct tm *tm, time_t *out)
+{
+        int64_t posix_time;
+
+        if (!asn1_time_tm_to_posix(tm, &posix_time))
+                return 0;
+
+#ifdef SMALL_TIME_T
+        /* For portable. */
+        if (sizeof(time_t) == sizeof(int32_t) &&
+            (posix_time > INT32_MAX || posix_time < INT32_MIN))
+                return 0;
+#endif
+
+        *out = posix_time;
+        return 1;
+}
+
+int
+asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm)
+{
+        int64_t posix_time = *time;
+
+        return asn1_time_posix_to_tm(posix_time, out_tm);
+}
+
+int
+OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
+{
+        int64_t posix_time;
+
+        /* Ensure additions below do not overflow */
+        if (tm->tm_year > 9999)
+                return 0;
+        if (tm->tm_mon > 12)
+                return 0;
+
+        if (!posix_time_from_utc(tm->tm_year + 1900, tm->tm_mon + 1,
+            tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec, &posix_time))
+                return 0;
+
+        if (!utc_from_posix_time(posix_time + off_day * SECS_PER_DAY +
+            offset_sec, &tm->tm_year, &tm->tm_mon, &tm->tm_mday, &tm->tm_hour,
+            &tm->tm_min, &tm->tm_sec))
+                return 0;
+
+        tm->tm_year -= 1900;
+        tm->tm_mon -= 1;
+
+        return 1;
+}
+
+int
+OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from,
+    const struct tm *to)
+{
+        int64_t time_to, time_from, timediff, daydiff;
+
+        if (!posix_time_from_utc(to->tm_year + 1900, to->tm_mon + 1,
+            to->tm_mday, to->tm_hour, to->tm_min, to->tm_sec, &time_to))
+                return 0;
+
+        if (!posix_time_from_utc(from->tm_year + 1900, from->tm_mon + 1,
+            from->tm_mday, from->tm_hour, from->tm_min,
+            from->tm_sec, &time_from))
+                return 0;
+
+        timediff = time_to - time_from;
+        daydiff = timediff / SECS_PER_DAY;
+        timediff %= SECS_PER_DAY;
+        if (daydiff > INT_MAX || daydiff < INT_MIN)
+                return 0;
+
+        *out_secs = timediff;
+        *out_days = daydiff;
+
+        return 1;
+}
diff --git a/src/lib/libcrypto/asn1/a_time_tm.c b/src/lib/libcrypto/asn1/a_time_tm.c
index cb677ae93e..2ae8430a0d 100644
--- a/src/lib/libcrypto/asn1/a_time_tm.c
+++ b/src/lib/libcrypto/asn1/a_time_tm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_time_tm.c,v 1.24 2022/07/04 14:39:43 tb Exp $ */
+/* $OpenBSD: a_time_tm.c,v 1.25 2022/11/08 12:56:00 beck Exp $ */
 /*
  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
  *
@@ -25,7 +25,7 @@
 #include <openssl/err.h>
 
 #include "bytestring.h"
-#include "o_time.h"
+#include "asn1_locl.h"
 
 #define RFC5280 0
 #define GENTIME_LENGTH 15
@@ -68,7 +68,7 @@ ASN1_time_tm_clamp_notafter(struct tm *tm)
         struct tm broken_os_epoch_tm;
         time_t broken_os_epoch_time = INT_MAX;
 
-        if (gmtime_r(&broken_os_epoch_time, &broken_os_epoch_tm) == NULL)
+        if (!OPENSSL_gmtime(&broken_os_epoch_time, &broken_os_epoch_tm))
                 return 0;
 
         if (ASN1_time_tm_cmp(tm, &broken_os_epoch_tm) == 1)
@@ -379,7 +379,7 @@ ASN1_TIME_adj_internal(ASN1_TIME *s, time_t t, int offset_day, long offset_sec,
 {
         struct tm tm;
 
-        if (gmtime_r(&t, &tm) == NULL)
+        if (!asn1_time_time_t_to_tm(&t, &tm))
                 return (NULL);
 
         if (offset_day != 0 || offset_sec != 0) {
@@ -410,7 +410,7 @@ ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm)
 {
         time_t t;
 
-        if ((t = timegm(tm)) == -1)
+        if (!asn1_time_tm_to_time_t(tm, &t))
                 return NULL;
         return (ASN1_TIME_adj(s, t, 0, 0));
 }
@@ -475,7 +475,7 @@ ASN1_TIME_cmp_time_t_internal(const ASN1_TIME *s, time_t t2, int mode)
         if (ASN1_time_parse(s->data, s->length, &tm1, mode) == -1)
                 return -2;
 
-        if (gmtime_r(&t2, &tm2) == NULL)
+        if (!asn1_time_time_t_to_tm(&t2, &tm2))
                 return -2;
 
         return ASN1_time_tm_cmp(&tm1, &tm2);
diff --git a/src/lib/libcrypto/asn1/asn1_locl.h b/src/lib/libcrypto/asn1/asn1_locl.h
index ca0b7d7d6e..e15b98b7c3 100644
--- a/src/lib/libcrypto/asn1/asn1_locl.h
+++ b/src/lib/libcrypto/asn1/asn1_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_locl.h,v 1.39 2022/09/11 17:22:52 tb Exp $ */
+/* $OpenBSD: asn1_locl.h,v 1.40 2022/11/08 12:56:00 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -233,5 +233,10 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
 int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
 ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
     long length);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from,
+    const struct tm *to);
+int asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm);
+int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out);
 
 __END_HIDDEN_DECLS
diff --git a/src/lib/libcrypto/o_time.c b/src/lib/libcrypto/o_time.c
deleted file mode 100644
index 3f164c7fde..0000000000
--- a/src/lib/libcrypto/o_time.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/* $OpenBSD: o_time.c,v 1.16 2021/10/27 09:50:56 beck Exp $ */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2008.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include "o_time.h"
-
-/* Take a tm structure and add an offset to it. This avoids any OS issues
- * with restricted date types and overflows which cause the year 2038
- * problem.
- */
-
-#define SECS_PER_DAY (24 * 60 * 60)
-
-static long date_to_julian(int y, int m, int d);
-static void julian_to_date(long jd, int *y, int *m, int *d);
-static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
-    long *pday, int *psec);
-
-int
-OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
-{
-        int offset_hms, offset_day;
-        long time_jd;
-        int time_year, time_month, time_day;
-        /* split offset into days and day seconds */
-        offset_day = offset_sec / SECS_PER_DAY;
-        /* Avoid sign issues with % operator */
-        offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
-        offset_day += off_day;
-        /* Add current time seconds to offset */
-        offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
-        /* Adjust day seconds if overflow */
-        if (offset_hms >= SECS_PER_DAY) {
-                offset_day++;
-                offset_hms -= SECS_PER_DAY;
-        } else if (offset_hms < 0) {
-                offset_day--;
-                offset_hms += SECS_PER_DAY;
-        }
-
-        /* Convert date of time structure into a Julian day number.
-         */
-
-        time_year = tm->tm_year + 1900;
-        time_month = tm->tm_mon + 1;
-        time_day = tm->tm_mday;
-
-        time_jd = date_to_julian(time_year, time_month, time_day);
-
-        /* Work out Julian day of new date */
-        time_jd += offset_day;
-
-        if (time_jd < 0)
-                return 0;
-
-        /* Convert Julian day back to date */
-
-        julian_to_date(time_jd, &time_year, &time_month, &time_day);
-
-        if (time_year < 1900 || time_year > 9999)
-                return 0;
-
-        /* Update tm structure */
-
-        tm->tm_year = time_year - 1900;
-        tm->tm_mon = time_month - 1;
-        tm->tm_mday = time_day;
-
-        tm->tm_hour = offset_hms / 3600;
-        tm->tm_min = (offset_hms / 60) % 60;
-        tm->tm_sec = offset_hms % 60;
-
-        return 1;
-
-}
-
-int
-OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from,
-    const struct tm *to)
-{
-        int from_sec, to_sec, diff_sec;
-        long from_jd, to_jd, diff_day;
-
-        if (!julian_adj(from, 0, 0, &from_jd, &from_sec))
-                return 0;
-        if (!julian_adj(to, 0, 0, &to_jd, &to_sec))
-                return 0;
-        diff_day = to_jd - from_jd;
-        diff_sec = to_sec - from_sec;
-        /* Adjust differences so both positive or both negative */
-        if (diff_day > 0 && diff_sec < 0) {
-                diff_day--;
-                diff_sec += SECS_PER_DAY;
-        }
-        if (diff_day < 0 && diff_sec > 0) {
-                diff_day++;
-                diff_sec -= SECS_PER_DAY;
-        }
-
-        if (pday)
-                *pday = (int)diff_day;
-        if (psec)
-                *psec = diff_sec;
-
-        return 1;
-
-}
-
-/* Convert tm structure and offset into julian day and seconds */
-static int
-julian_adj(const struct tm *tm, int off_day, long offset_sec, long *pday,
-    int *psec)
-{
-        int time_year, time_month, time_day;
-        long offset_day, time_jd;
-        int offset_hms;
-
-        /* split offset into days and day seconds */
-        offset_day = offset_sec / SECS_PER_DAY;
-        /* Avoid sign issues with % operator */
-        offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
-        offset_day += off_day;
-        /* Add current time seconds to offset */
-        offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
-        /* Adjust day seconds if overflow */
-        if (offset_hms >= SECS_PER_DAY) {
-                offset_day++;
-                offset_hms -= SECS_PER_DAY;
-        } else if (offset_hms < 0) {
-                offset_day--;
-                offset_hms += SECS_PER_DAY;
-        }
-
-        /*
-         * Convert date of time structure into a Julian day number.
-         */
-
-        time_year = tm->tm_year + 1900;
-        time_month = tm->tm_mon + 1;
-        time_day = tm->tm_mday;
-
-        time_jd = date_to_julian(time_year, time_month, time_day);
-
-        /* Work out Julian day of new date */
-        time_jd += offset_day;
-
-        if (time_jd < 0)
-                return 0;
-
-        *pday = time_jd;
-        *psec = offset_hms;
-
-        return 1;
-}
-
-/* Convert date to and from julian day
- * Uses Fliegel & Van Flandern algorithm
- */
-static long
-date_to_julian(int y, int m, int d)
-{
-        return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
-            (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
-            (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 +
-            d - 32075;
-}
-
-static void
-julian_to_date(long jd, int *y, int *m, int *d)
-{
-        long  L = jd + 68569;
-        long  n = (4 * L) / 146097;
-        long  i, j;
-
-        L = L - (146097 * n + 3) / 4;
-        i = (4000 * (L + 1)) / 1461001;
-        L = L - (1461 * i) / 4 + 31;
-        j = (80 * L) / 2447;
-        *d = L - (2447 * j) / 80;
-        L = j / 11;
-        *m = j + 2 - (12 * L);
-        *y = 100 * (n - 49) + i + L;
-}
diff --git a/src/lib/libcrypto/o_time.h b/src/lib/libcrypto/o_time.h
deleted file mode 100644
index 064f2cc237..0000000000
--- a/src/lib/libcrypto/o_time.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/* $OpenBSD: o_time.h,v 1.8 2021/10/27 09:50:56 beck Exp $ */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_O_TIME_H
-#define HEADER_O_TIME_H
-
-#include <time.h>
-
-__BEGIN_HIDDEN_DECLS
-
-int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
-int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from,
-    const struct tm *to);
-
-__END_HIDDEN_DECLS
-#endif