From 2c52bf75f417e3f619da178ac0aa094d00e380b4 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel <s@jaeckel.eu>
Date: Fri, 31 Mar 2017 15:12:38 +0200
Subject: [PATCH] bugfixing

---
 .../der/generalizedtime/der_decode_generalizedtime.c | 12 +++++++++---
 .../der/generalizedtime/der_encode_generalizedtime.c |  2 +-
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c b/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c
index 1f0713e..f8997ee 100644
--- a/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c
+++ b/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c
@@ -76,7 +76,9 @@ int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen,
        if (y == -1) {
           return CRYPT_INVALID_PACKET;
        }
-       if (!((y >= '0' && y <= '9') || y == 'Z')) {
+       if (!((y >= '0' && y <= '9')
+            || y == 'Z' || y == '.'
+            || y == '+' || y == '-')) {
           return CRYPT_INVALID_PACKET;
        }
        buf[x] = y;
@@ -89,7 +91,11 @@ int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen,
 
    /* possible encodings are
 YYYYMMDDhhmmssZ
-YYYYMMDDhhmmss.[0-9]*Z
+YYYYMMDDhhmmss+hh'mm'
+YYYYMMDDhhmmss-hh'mm'
+YYYYMMDDhhmmss.fsZ
+YYYYMMDDhhmmss.fs+hh'mm'
+YYYYMMDDhhmmss.fs-hh'mm'
 
     So let's do a trivial decode upto [including] ss
    */
@@ -115,7 +121,7 @@ YYYYMMDDhhmmss.[0-9]*Z
           if (x >= sizeof(buf)) return CRYPT_INVALID_PACKET;
           out->fs *= 10;
           out->fs += char_to_int(buf[x]);
-          if (fs < out->fs) return CRYPT_OVERFLOW;
+          if (fs > out->fs) return CRYPT_OVERFLOW;
           x++;
        }
     }
diff --git a/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c b/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c
index 12b65e3..b2198d9 100644
--- a/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c
+++ b/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c
@@ -81,8 +81,8 @@ int der_encode_generalizedtime(ltc_generalizedtime *gtime,
           len++;
        } while(fs != 0);
        while (len-- > 1) {
-          out[x++] = der_ia5_char_encode(baseten[(gtime->fs/divisor) % 10]);
           divisor /= 10;
+          out[x++] = der_ia5_char_encode(baseten[(gtime->fs/divisor) % 10]);
        }
        out[x++] = der_ia5_char_encode(baseten[gtime->fs % 10]);
     }