hx509: replace time_t with int64_t for cert timestamps

On platforms with 32-bit time_t (e.g. Linux i386), certificates
with timestamps later than 03:14:07 UTC on 19 January 2038 fail
to be processed correctly.

Recent changes to include certificates in the test suite with
500 year lifetimes cause the test suite to fail on these platforms.

This change replaces all use of time_t with int64_t to permit
uniform processing of certificate timestamps on all platforms.

Change-Id: I8ada6392478f39862c62d5b6490682b026e49261

lib/hx509/ca.c

@@ -55,8 +55,8 @@ struct hx509_ca_tbs {
 	unsigned int domaincontroller:1;
 	unsigned int xUniqueID:1;
     } flags;
-    time_t notBefore;
-    time_t notAfter;
+    int64_t notBefore;
+    int64_t notAfter;
     int pathLenConstraint; /* both for CA and Proxy */
     CRLDistributionPoints crldp;
     heim_bit_string subjectUniqueID;
@@ -135,7 +135,7 @@ hx509_ca_tbs_free(hx509_ca_tbs *tbs)
 HX509_LIB_FUNCTION int HX509_LIB_CALL
 hx509_ca_tbs_set_notBefore(hx509_context context,
 			   hx509_ca_tbs tbs,
-			   time_t t)
+			   int64_t t)
 {
     tbs->notBefore = t;
     return 0;
@@ -156,7 +156,7 @@ hx509_ca_tbs_set_notBefore(hx509_context context,
 HX509_LIB_FUNCTION int HX509_LIB_CALL
 hx509_ca_tbs_set_notAfter(hx509_context context,
 			   hx509_ca_tbs tbs,
-			   time_t t)
+			   int64_t t)
 {
     tbs->notAfter = t;
     return 0;
@@ -177,7 +177,7 @@ hx509_ca_tbs_set_notAfter(hx509_context context,
 HX509_LIB_FUNCTION int HX509_LIB_CALL
 hx509_ca_tbs_set_notAfter_lifetime(hx509_context context,
 				   hx509_ca_tbs tbs,
-				   time_t delta)
+				   int64_t delta)
 {
     return hx509_ca_tbs_set_notAfter(context, tbs, time(NULL) + delta);
 }
@@ -991,7 +991,7 @@ static int
 build_proxy_prefix(hx509_context context, const Name *issuer, Name *subject)
 {
     char *tstr;
-    time_t t;
+    int64_t t;
     int ret;
 
     ret = copy_Name(issuer, subject);
@@ -1031,8 +1031,8 @@ ca_sign(hx509_context context,
     size_t size;
     int ret;
     const AlgorithmIdentifier *sigalg;
-    time_t notBefore;
-    time_t notAfter;
+    int64_t notBefore;
+    int64_t notAfter;
     unsigned key_usage;
 
     sigalg = tbs->sigalg;

lib/hx509/cert.c

@@ -59,7 +59,7 @@ struct hx509_verify_ctx_data {
 #define HX509_VERIFY_CTX_F_CHECK_TRUST_ANCHORS		8
 #define HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS		16
 #define HX509_VERIFY_CTX_F_NO_BEST_BEFORE_CHECK		32
-    time_t time_now;
+    int64_t time_now;
     unsigned int max_depth;
 #define HX509_VERIFY_MAX_DEPTH 30
     hx509_revoke_ctx revoke_ctx;
@@ -500,13 +500,13 @@ hx509_verify_attach_revoke(hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx)
  */
 
 HX509_LIB_FUNCTION void HX509_LIB_CALL
-hx509_verify_set_time(hx509_verify_ctx ctx, time_t t)
+hx509_verify_set_time(hx509_verify_ctx ctx, int64_t t)
 {
     ctx->flags |= HX509_VERIFY_CTX_F_TIME_SET;
     ctx->time_now = t;
 }
 
-HX509_LIB_FUNCTION time_t HX509_LIB_CALL
+HX509_LIB_FUNCTION int64_t HX509_LIB_CALL
 _hx509_verify_get_time(hx509_verify_ctx ctx)
 {
     return ctx->time_now;
@@ -1066,7 +1066,7 @@ subject_null_p(const Certificate *c)
 
 static int
 find_parent(hx509_context context,
-	    time_t time_now,
+	    int64_t time_now,
 	    hx509_certs trust_anchors,
 	    hx509_path *path,
 	    hx509_certs pool,
@@ -1252,7 +1252,7 @@ _hx509_path_free(hx509_path *path)
 HX509_LIB_FUNCTION int HX509_LIB_CALL
 _hx509_calculate_path(hx509_context context,
 		      int flags,
-		      time_t time_now,
+		      int64_t time_now,
 		      hx509_certs anchors,
 		      unsigned int max_depth,
 		      hx509_cert cert,
@@ -1457,10 +1457,10 @@ hx509_cert_get_serialnumber(hx509_cert p, heim_integer *i)
  * @ingroup hx509_cert
  */
 
-HX509_LIB_FUNCTION time_t HX509_LIB_CALL
+HX509_LIB_FUNCTION int64_t HX509_LIB_CALL
 hx509_cert_get_notBefore(hx509_cert p)
 {
-    return _hx509_Time2time_t(&p->data->tbsCertificate.validity.notBefore);
+    return _hx509_Time2int64_t(&p->data->tbsCertificate.validity.notBefore);
 }
 
 /**
@@ -1473,10 +1473,10 @@ hx509_cert_get_notBefore(hx509_cert p)
  * @ingroup hx509_cert
  */
 
-HX509_LIB_FUNCTION time_t HX509_LIB_CALL
+HX509_LIB_FUNCTION int64_t HX509_LIB_CALL
 hx509_cert_get_notAfter(hx509_cert p)
 {
-    return _hx509_Time2time_t(&p->data->tbsCertificate.validity.notAfter);
+    return _hx509_Time2int64_t(&p->data->tbsCertificate.validity.notAfter);
 }
 
 /**
@@ -1652,8 +1652,8 @@ hx509_cert_public_encrypt(hx509_context context,
  *
  */
 
-HX509_LIB_FUNCTION time_t HX509_LIB_CALL
-_hx509_Time2time_t(const Time *t)
+HX509_LIB_FUNCTION int64_t HX509_LIB_CALL
+_hx509_Time2int64_t(const Time *t)
 {
     switch(t->element) {
     case choice_Time_utcTime:
@@ -2063,7 +2063,7 @@ hx509_verify_path(hx509_context context,
 
     for (i = 0; i < path.len; i++) {
 	Certificate *c;
-	time_t t;
+	int64_t t;
 
 	c = _hx509_get_cert(path.val[i]);
 
@@ -2246,13 +2246,13 @@ hx509_verify_path(hx509_context context,
 	 */
 	if (i + 1 != path.len || CHECK_TA(ctx)) {
 
-	    t = _hx509_Time2time_t(&c->tbsCertificate.validity.notBefore);
+	    t = _hx509_Time2int64_t(&c->tbsCertificate.validity.notBefore);
 	    if (t > ctx->time_now) {
 		ret = HX509_CERT_USED_BEFORE_TIME;
 		hx509_clear_error_string(context);
 		goto out;
 	    }
-	    t = _hx509_Time2time_t(&c->tbsCertificate.validity.notAfter);
+	    t = _hx509_Time2int64_t(&c->tbsCertificate.validity.notAfter);
 	    if (t < ctx->time_now) {
 		ret = HX509_CERT_USED_AFTER_TIME;
 		hx509_clear_error_string(context);
@@ -3080,11 +3080,11 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert
     }
 
     if (q->match & HX509_QUERY_MATCH_TIME) {
-	time_t t;
-	t = _hx509_Time2time_t(&c->tbsCertificate.validity.notBefore);
+	int64_t t;
+	t = _hx509_Time2int64_t(&c->tbsCertificate.validity.notBefore);
 	if (t > q->timenow)
 	    return 0;
-	t = _hx509_Time2time_t(&c->tbsCertificate.validity.notAfter);
+	t = _hx509_Time2int64_t(&c->tbsCertificate.validity.notAfter);
 	if (t < q->timenow)
 	    return 0;
     }

lib/hx509/cms.c

@@ -263,7 +263,7 @@ static int
 find_CMSIdentifier(hx509_context context,
 		   CMSIdentifier *client,
 		   hx509_certs certs,
-		   time_t time_now,
+		   int64_t time_now,
 		   hx509_cert *signer_cert,
 		   int match)
 {
@@ -356,7 +356,7 @@ hx509_cms_unenvelope(hx509_context context,
 		     const void *data,
 		     size_t length,
 		     const heim_octet_string *encryptedContent,
-		     time_t time_now,
+		     int64_t time_now,
 		     heim_oid *contentType,
 		     heim_octet_string *content)
 {

lib/hx509/hx_locl.h

@@ -158,7 +158,7 @@ struct hx509_query_data {
     int (*cmp_func)(hx509_context, hx509_cert, void *);
     void *cmp_func_ctx;
     heim_octet_string *keyhash_sha1;
-    time_t timenow;
+    int64_t timenow;
     heim_oid *eku;
     struct hx_expr *expr;
 };
@@ -292,7 +292,7 @@ struct signature_alg {
 
 #define RA_RSA_USES_DIGEST_INFO 0x1000000
 
-    time_t best_before; /* refuse signature made after best before date */
+    int64_t best_before; /* refuse signature made after best before date */
     const EVP_MD *(*evp_md)(void);
     int (*verify_signature)(hx509_context context,
 			    const struct signature_alg *,

lib/hx509/hxtool.c

@@ -889,7 +889,7 @@ pcert_verify(struct verify_options *opt, int argc, char **argv)
     if (opt->time_string) {
 	const char *p;
 	struct tm tm;
-	time_t t;
+	int64_t t;
 
 	memset(&tm, 0, sizeof(tm));
 
@@ -1182,7 +1182,7 @@ static int HX509_LIB_CALL
 verify_o(hx509_context hxcontext, void *ctx, hx509_cert c)
 {
     heim_octet_string *os = ctx;
-    time_t expiration;
+    int64_t expiration;
     int ret;
 
     ret = hx509_ocsp_verify(context, 0, c, 0,

lib/hx509/print.c

@@ -64,12 +64,12 @@ struct cert_status {
 static int
 Time2string(const Time *T, char **str)
 {
-    time_t t;
+    int64_t t;
     char *s;
     struct tm *tm;
 
     *str = NULL;
-    t = _hx509_Time2time_t(T);
+    t = _hx509_Time2int64_t(T);
     tm = gmtime (&t);
     s = malloc(30);
     if (s == NULL)

lib/hx509/revoke.c

@@ -53,15 +53,15 @@
 
 struct revoke_crl {
     char *path;
-    time_t last_modfied;
+    int64_t last_modfied;
     CRLCertificateList crl;
     int verified;
     int failed_verify;
 };
 
 struct revoke_ocsp {
     char *path;
-    time_t last_modfied;
+    int64_t last_modfied;
     OCSPBasicOCSPResponse ocsp;
     hx509_certs certs;
     hx509_cert signer;
@@ -169,7 +169,7 @@ hx509_revoke_free(hx509_revoke_ctx *ctx)
 static int
 verify_ocsp(hx509_context context,
 	    struct revoke_ocsp *ocsp,
-	    time_t time_now,
+	    int64_t time_now,
 	    hx509_certs certs,
 	    hx509_cert parent)
 {
@@ -457,16 +457,16 @@ static int
 verify_crl(hx509_context context,
 	   hx509_revoke_ctx ctx,
 	   CRLCertificateList *crl,
-	   time_t time_now,
+	   int64_t time_now,
 	   hx509_certs certs,
 	   hx509_cert parent)
 {
     hx509_cert signer;
     hx509_query q;
-    time_t t;
+    int64_t t;
     int ret;
 
-    t = _hx509_Time2time_t(&crl->tbsCertList.thisUpdate);
+    t = _hx509_Time2int64_t(&crl->tbsCertList.thisUpdate);
     if (t > time_now) {
 	hx509_set_error_string(context, 0, HX509_CRL_USED_BEFORE_TIME,
 			       "CRL used before time");
@@ -479,7 +479,7 @@ verify_crl(hx509_context context,
 	return HX509_CRL_INVALID_FORMAT;
     }
 
-    t = _hx509_Time2time_t(crl->tbsCertList.nextUpdate);
+    t = _hx509_Time2int64_t(crl->tbsCertList.nextUpdate);
     if (t < time_now) {
 	hx509_set_error_string(context, 0, HX509_CRL_USED_AFTER_TIME,
 			       "CRL used after time");
@@ -588,7 +588,7 @@ crl_parser(hx509_context context, const char *type,
 }
 
 static int
-load_crl(hx509_context context, const char *path, time_t *t, CRLCertificateList *crl)
+load_crl(hx509_context context, const char *path, int64_t *t, CRLCertificateList *crl)
 {
     struct stat sb;
     size_t length;
@@ -710,7 +710,7 @@ HX509_LIB_FUNCTION int HX509_LIB_CALL
 hx509_revoke_verify(hx509_context context,
 		    hx509_revoke_ctx ctx,
 		    hx509_certs certs,
-		    time_t now,
+		    int64_t now,
 		    hx509_cert cert,
 		    hx509_cert parent_cert)
 {
@@ -849,14 +849,14 @@ hx509_revoke_verify(hx509_context context,
 
 	/* check if cert is in crl */
 	for (j = 0; j < crl->crl.tbsCertList.revokedCertificates->len; j++) {
-	    time_t t;
+	    int64_t t;
 
 	    ret = der_heim_integer_cmp(&crl->crl.tbsCertList.revokedCertificates->val[j].userCertificate,
 				       &c->tbsCertificate.serialNumber);
 	    if (ret != 0)
 		continue;
 
-	    t = _hx509_Time2time_t(&crl->crl.tbsCertList.revokedCertificates->val[j].revocationDate);
+	    t = _hx509_Time2int64_t(&crl->crl.tbsCertList.revokedCertificates->val[j].revocationDate);
 	    if (t > now)
 		continue;
 
@@ -1082,7 +1082,7 @@ hx509_ocsp_request(hx509_context context,
 }
 
 static char *
-printable_time(time_t t)
+printable_time(int64_t t)
 {
     static char s[128];
     char *p;
@@ -1184,7 +1184,7 @@ print_crl(hx509_context context, struct revoke_crl *crl, FILE *out)
     }
 
     fprintf(out, " thisUpdate: %s\n", 
-	    printable_time(_hx509_Time2time_t(&crl->crl.tbsCertList.thisUpdate)));
+	    printable_time(_hx509_Time2int64_t(&crl->crl.tbsCertList.thisUpdate)));
 
     return 0;
 }
@@ -1289,11 +1289,11 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out)
 
 HX509_LIB_FUNCTION int HX509_LIB_CALL
 hx509_ocsp_verify(hx509_context context,
-		  time_t now,
+		  int64_t now,
 		  hx509_cert cert,
 		  int flags,
 		  const void *data, size_t length,
-		  time_t *expiration)
+		  int64_t *expiration)
 {
     const Certificate *c = _hx509_get_cert(cert);
     OCSPBasicOCSPResponse basic;
@@ -1382,7 +1382,7 @@ hx509_ocsp_verify(hx509_context context,
 
 struct hx509_crl {
     hx509_certs revoked;
-    time_t expire;
+    int64_t expire;
 };
 
 /**
@@ -1579,7 +1579,7 @@ hx509_crl_sign(hx509_context context,
     }
 
     {
-	time_t next = crl->expire;
+	int64_t next = crl->expire;
 	if (next == 0)
 	    next = time(NULL) + 24 * 3600 * 365;