bugfixing

2017-03-31 15:12:38 +02:00 · 2017-03-31 15:12:38 +02:00 · 2c52bf75f4
commit 2c52bf75f4
parent 08503a02f5
2 changed files with 10 additions and 4 deletions
--- a/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c
+++ b/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c
@ -76,7 +76,9 @@ int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen,
       if (y == -1) {
          return CRYPT_INVALID_PACKET;
       }
-       if (!((y >= '0' && y <= '9') || y == 'Z')) {
+       if (!((y >= '0' && y <= '9')
+            || y == 'Z' || y == '.'
+            || y == '+' || y == '-')) {
          return CRYPT_INVALID_PACKET;
       }
       buf[x] = y;
@ -89,7 +91,11 @@ int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen,

   /* possible encodings are
 YYYYMMDDhhmmssZ
-YYYYMMDDhhmmss.[0-9]*Z
+YYYYMMDDhhmmss+hh'mm'
+YYYYMMDDhhmmss-hh'mm'
+YYYYMMDDhhmmss.fsZ
+YYYYMMDDhhmmss.fs+hh'mm'
+YYYYMMDDhhmmss.fs-hh'mm'

    So let's do a trivial decode upto [including] ss
   */
@ -115,7 +121,7 @@ YYYYMMDDhhmmss.[0-9]*Z
          if (x >= sizeof(buf)) return CRYPT_INVALID_PACKET;
          out->fs *= 10;
          out->fs += char_to_int(buf[x]);
-          if (fs < out->fs) return CRYPT_OVERFLOW;
+          if (fs > out->fs) return CRYPT_OVERFLOW;
          x++;
       }
    }
--- a/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c
+++ b/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c
@ -81,8 +81,8 @@ int der_encode_generalizedtime(ltc_generalizedtime *gtime,
          len++;
       } while(fs != 0);
       while (len-- > 1) {
-          out[x++] = der_ia5_char_encode(baseten[(gtime->fs/divisor) % 10]);
          divisor /= 10;
+          out[x++] = der_ia5_char_encode(baseten[(gtime->fs/divisor) % 10]);
       }
       out[x++] = der_ia5_char_encode(baseten[gtime->fs % 10]);
    }