Change ts to only support one second precision.

RFC 3631 allows for sub second ASN1 GENERALIZED times, if you choose to support sub second time precison. It does not indicate that an implementation must support them. Supporting sub second timestamps is just silly and unrealistic, so set our maximum to one second of precision. We then simplify this code by removing some nasty eye-bleed that made artisinally hand crafted strings and jammed them into an ASN1_GENERALIZEDTIME. ok tb@, jsing@, with one second precision tested by kn@
author: beck <> 2024-03-26 00:39:22 +0000
committer: beck <> 2024-03-26 00:39:22 +0000
commit: 3604a06d3b1412f3b3b3959a358b2c8e2a07836a (patch)
tree: 6dd26637f37e838317ca1c60102598aac9f0db14 /src/lib/libcrypto/ts/ts.h
parent: e45e73d8f6ec2c8e3433199494319c6045bc2ae5 (diff)
download: openbsd-3604a06d3b1412f3b3b3959a358b2c8e2a07836a.tar.gz
openbsd-3604a06d3b1412f3b3b3959a358b2c8e2a07836a.tar.bz2
openbsd-3604a06d3b1412f3b3b3959a358b2c8e2a07836a.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libcrypto/ts/ts.h b/src/lib/libcrypto/ts/ts.h
index 5215fc0583..c2b2a9ed3d 100644
--- a/src/lib/libcrypto/ts/ts.h
+++ b/src/lib/libcrypto/ts/ts.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.h,v 1.23 2023/11/19 15:46:10 tb Exp $ */
+/* $OpenBSD: ts.h,v 1.24 2024/03/26 00:39:22 beck Exp $ */
 /* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
 * project 2002, 2003, 2004.
 */
@@ -389,8 +389,8 @@ int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
   '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
 int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
    unsigned clock_precision_digits);
-/* At most we accept usec precision. */
+/* At most we accept sec precision. */
-#define TS_MAX_CLOCK_PRECISION_DIGITS   6
+#define TS_MAX_CLOCK_PRECISION_DIGITS 0
 /* No flags are set by default. */
 void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
author	beck <>	2024-03-26 00:39:22 +0000
committer	beck <>	2024-03-26 00:39:22 +0000
commit	3604a06d3b1412f3b3b3959a358b2c8e2a07836a (patch)
tree	6dd26637f37e838317ca1c60102598aac9f0db14 /src/lib/libcrypto/ts/ts.h
parent	e45e73d8f6ec2c8e3433199494319c6045bc2ae5 (diff)
download	openbsd-3604a06d3b1412f3b3b3959a358b2c8e2a07836a.tar.gz openbsd-3604a06d3b1412f3b3b3959a358b2c8e2a07836a.tar.bz2 openbsd-3604a06d3b1412f3b3b3959a358b2c8e2a07836a.zip

diff --git a/src/lib/libcrypto/ts/ts.h b/src/lib/libcrypto/ts/ts.h index 5215fc0583..c2b2a9ed3d 100644 --- a/src/lib/libcrypto/ts/ts.h +++ b/src/lib/libcrypto/ts/ts.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ts.h,v 1.23 2023/11/19 15:46:10 tb Exp $ */	1	/* $OpenBSD: ts.h,v 1.24 2024/03/26 00:39:22 beck Exp $ */
2	/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL	2	/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
3	* project 2002, 2003, 2004.	3	* project 2002, 2003, 2004.
4	*/	4	*/
@@ -389,8 +389,8 @@ int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
389	'0' means sec, '3' msec, '6' usec, and so on. Default is 0. */	389	'0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
390	int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,	390	int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
391	unsigned clock_precision_digits);	391	unsigned clock_precision_digits);
392	/* At most we accept usec precision. */	392	/* At most we accept sec precision. */
393	#define TS_MAX_CLOCK_PRECISION_DIGITS 6	393	#define TS_MAX_CLOCK_PRECISION_DIGITS 0
394		394
395	/* No flags are set by default. */	395	/* No flags are set by default. */
396	void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);	396	void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);