boringssl

Author SHA1 Message Date

Author	SHA1	Message	Date
Jesse Selover	b4810de60f	Make X509 time validation stricter. Copy of OpenSSL change `80770da39e`. This additionally fixes some bugs which causes time validation to fail when the current time and certificate timestamp are near the 2050 UTCTime/GeneralizedTime cut-off. Update-Note: Some invalid X.509 timestamps will be newly rejected. Change-Id: Ie131c61b6840c85bed974101f0a3188e7649059b Reviewed-on: https://boringssl-review.googlesource.com/29125 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2018-06-25 17:54:33 +00:00

Jesse Selover

b4810de60f

Make X509 time validation stricter.

Copy of OpenSSL change
80770da39e.

This additionally fixes some bugs which causes time validation to
fail when the current time and certificate timestamp are near the
2050 UTCTime/GeneralizedTime cut-off.

Update-Note: Some invalid X.509 timestamps will be newly rejected.

Change-Id: Ie131c61b6840c85bed974101f0a3188e7649059b
Reviewed-on: https://boringssl-review.googlesource.com/29125
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

2018-06-25 17:54:33 +00:00

1 Commits