[crypto] Allow signed timestamp error margin to be configured at build time
Signed-off-by: Michael Brown <mcb30@ipxe.org>
parent
d90490578d
commit
7c7c957094
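--- a/src/config/crypto.h
+++ b/src/config/crypto.h
@@ -0,0 +1,22 @@
+#ifndef CONFIG_CRYPTO_H
+#define CONFIG_CRYPTO_H
+
+/** @file
+ *
+ * Cryptographic configuration
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+/** Margin of error (in seconds) allowed in signed timestamps
+ *
+ * We default to allowing a reasonable margin of error: 12 hours to
+ * allow for the local time zone being non-GMT, plus 30 minutes to
+ * allow for general clock drift.
+ */
+#define TIMESTAMP_ERROR_MARGIN ( ( 12 * 60 + 30 ) * 60 )
+
+#include <config/local/crypto.h>
+
+#endif /* CONFIG_CRYPTO_H */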
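Review bot: The default on the `#define TIMESTAMP_ERROR_MARGIN` line is not wrapped in `#ifndef`, so an override placed in config/local/crypto.h (included on the following line) has to `#undef TIMESTAMP_ERROR_MARGIN` before redefining it or the compiler will warn about a macro redefinition; if that undef-then-define path is the intended override mechanism, the doc comment should say so, e.g. ` * Override with #undef/#define in config/local/crypto.h.` The same comment should also spell out the security consequence of the value, since it is now a user-tunable knob: the margin is applied on both sides of the comparisons in ocsp_validate and x509_check_time (the later hunks), so a larger value widens the window in which an expired certificate or a stale OCSP response is still accepted. The constant is an int added to a time_t, which is fine for the default, but an override should likewise stay within int range to avoid overflow in the expression.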
@ -30,6 +30,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
|
||||
#include <ipxe/base64.h>
|
||||
#include <ipxe/uri.h>
|
||||
#include <ipxe/ocsp.h>
|
||||
#include <config/crypto.h>
|
||||
|
||||
/** @file
|
||||
*
|
||||
@ -923,12 +924,12 @@ int ocsp_validate ( struct ocsp_check *ocsp, time_t time ) {
|
||||
/* Check OCSP response is valid at the specified time
|
||||
* (allowing for some margin of error).
|
||||
*/
|
||||
if ( response->this_update > ( time + X509_ERROR_MARGIN_TIME ) ) {
|
||||
if ( response->this_update > ( time + TIMESTAMP_ERROR_MARGIN ) ) {
|
||||
DBGC ( ocsp, "OCSP %p \"%s\" response is not yet valid (at "
|
||||
"time %lld)\n", ocsp, x509_name ( ocsp->cert ), time );
|
||||
return -EACCES_STALE;
|
||||
}
|
||||
if ( response->next_update < ( time - X509_ERROR_MARGIN_TIME ) ) {
|
||||
if ( response->next_update < ( time - TIMESTAMP_ERROR_MARGIN ) ) {
|
||||
DBGC ( ocsp, "OCSP %p \"%s\" response is stale (at time "
|
||||
"%lld)\n", ocsp, x509_name ( ocsp->cert ), time );
|
||||
return -EACCES_STALE;
|
||||
|
@ -34,6 +34,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
|
||||
#include <ipxe/rootcert.h>
|
||||
#include <ipxe/certstore.h>
|
||||
#include <ipxe/x509.h>
|
||||
#include <config/crypto.h>
|
||||
|
||||
/** @file
|
||||
*
|
||||
@ -1233,12 +1234,12 @@ int x509_check_time ( struct x509_certificate *cert, time_t time ) {
|
||||
struct x509_validity *validity = &cert->validity;
|
||||
|
||||
/* Check validity period */
|
||||
if ( validity->not_before.time > ( time + X509_ERROR_MARGIN_TIME ) ) {
|
||||
if ( validity->not_before.time > ( time + TIMESTAMP_ERROR_MARGIN ) ) {
|
||||
DBGC ( cert, "X509 %p \"%s\" is not yet valid (at time %lld)\n",
|
||||
cert, x509_name ( cert ), time );
|
||||
return -EACCES_EXPIRED;
|
||||
}
|
||||
if ( validity->not_after.time < ( time - X509_ERROR_MARGIN_TIME ) ) {
|
||||
if ( validity->not_after.time < ( time - TIMESTAMP_ERROR_MARGIN ) ) {
|
||||
DBGC ( cert, "X509 %p \"%s\" has expired (at time %lld)\n",
|
||||
cert, x509_name ( cert ), time );
|
||||
return -EACCES_EXPIRED;
|
||||
|
@ -42,14 +42,6 @@ struct x509_validity {
|
||||
struct x509_time not_after;
|
||||
};
|
||||
|
||||
/** Margin of error allowed in X.509 response times
|
||||
*
|
||||
* We allow a generous margin of error: 12 hours to allow for the
|
||||
* local time zone being non-GMT, plus 30 minutes to allow for general
|
||||
* clock drift.
|
||||
*/
|
||||
#define X509_ERROR_MARGIN_TIME ( ( 12 * 60 + 30 ) * 60 )
|
||||
|
||||
/** An X.509 certificate public key */
|
||||
struct x509_public_key {
|
||||
/** Raw public key information */
|
||||
|