We only care about dates within years 0000 to 9999 for RFC5280. timegm() is only semi-standard. Some things require the setting awkward defines to get libc to give it to you. Other things let you have it but make it stop working at year 3000. Still other things have 32 bit time_t..... Let's just make our own that actually works. all the time, does everything with an int64_t, and fails if you want to send something out that would overflow a 32 bit time_t. In the process of doing this, we get rid of the old Julian date stuff from OpenSSL, which while functional was a bit awkward dealing only with days, and using the Julian calendar as the reference point instead of potentially something more useful. Julian seconds since Jan 1 1970 00:00:00 UCT are much more useful to us than Julian days since a Julian epoch. The OS implementations of timegm() and gmtime() also can be pretty complex, due to the nature of needing multiple timezone, daylight saving, day of week, and other stuff we simply do not need for doing things with certificate times. A small microbenchmark of 10000000 of each operation comparing this implementation to the system version on my M1 mac gives: bbe-macbookpro:tmp bbe$ time ./openssl_gmtime real 0m0.152s user 0m0.127s sys 0m0.018s bbe-macbookpro:tmp bbe$ time ./gmtime real 0m0.422s user 0m0.403s sys 0m0.014s bbe-macbookpro:tmp bbe$ time ./openssl_timegm real 0m0.041s user 0m0.015s sys 0m0.019s bbe-macbookpro:tmp bbe$ time ./timegm real 0m30.432s user 0m30.383s sys 0m0.040s Similarly On a glinux machine: bbe@bbe-glinux1:~$ time ./openssl_gmtime real 0m0.157s user 0m0.152s sys 0m0.008s bbe@bbe-glinux1:~$ time ./gmtime real 0m0.336s user 0m0.336s sys 0m0.002s bbe@bbe-glinux1:~$ time ./openssl_timegm real 0m0.018s user 0m0.019s sys 0m0.002s bbe@bbe-glinux1:~$ time ./timegm real 0m0.680s user 0m0.671s sys 0m0.011s bbe@bbe-glinux1:~$ Bug: 501 Change-Id: If445272d365f2c9673b5f3264d082af1a342e0a1 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/53245 Commit-Queue: Bob Beck <bbe@google.com> Reviewed-by: David Benjamin <davidben@google.com>chromium-5359
Bob Beck
3 years ago
committed by
Boringssl LUCI CQ
parent
5cb597e3ec
commit
ccd665d2aa
9 changed files with 365 additions and 288 deletions
@ -0,0 +1,227 @@ |
||||
/* Copyright (c) 2022, Google Inc.
|
||||
* |
||||
* Permission to use, copy, modify, and/or distribute this software for any |
||||
* purpose with or without fee is hereby granted, provided that the above |
||||
* copyright notice and this permission notice appear in all copies. |
||||
* |
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
||||
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
||||
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
||||
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ |
||||
|
||||
// Time conversion to/from POSIX time_t and struct tm, with no support
|
||||
// for time zones other than UTC
|
||||
|
||||
#include <assert.h> |
||||
#include <inttypes.h> |
||||
#include <limits.h> |
||||
#include <string.h> |
||||
#include <time.h> |
||||
|
||||
#include "internal.h" |
||||
|
||||
#define SECS_PER_HOUR (60 * 60) |
||||
#define SECS_PER_DAY (24 * SECS_PER_HOUR) |
||||
|
||||
|
||||
// Is a year/month/day combination valid, in the range from year 0000
|
||||
// to 9999?
|
||||
static int is_valid_date(int year, int month, int day) { |
||||
if (day < 1 || month < 1 || year < 0 || year > 9999) { |
||||
return 0; |
||||
} |
||||
switch (month) { |
||||
case 1: |
||||
case 3: |
||||
case 5: |
||||
case 7: |
||||
case 8: |
||||
case 10: |
||||
case 12: |
||||
return day > 0 && day <= 31; |
||||
case 4: |
||||
case 6: |
||||
case 9: |
||||
case 11: |
||||
return day > 0 && day <= 30; |
||||
case 2: |
||||
if ((year % 4 == 0 && year % 100 != 0) || year % 400 == 0) { |
||||
return day > 0 && day <= 29; |
||||
} else { |
||||
return day > 0 && day <= 28; |
||||
} |
||||
default: |
||||
return 0; |
||||
} |
||||
} |
||||
|
||||
// Is a time valid? Leap seconds of 60 are not considered valid, as
|
||||
// the POSIX time in seconds does not include them.
|
||||
static int is_valid_time(int hours, int minutes, int seconds) { |
||||
if (hours < 0 || minutes < 0 || seconds < 0 || hours > 23 || minutes > 59 || |
||||
seconds > 59) { |
||||
return 0; |
||||
} |
||||
return 1; |
||||
} |
||||
|
||||
// Is a int64 time representing a time within our expected range?
|
||||
static int is_valid_epoch_time(int64_t time) { |
||||
// 0000-01-01 00:00:00 UTC to 9999-12-31 23:59:59 UTC
|
||||
return (int64_t)-62167219200 <= time && time <= (int64_t)253402300799; |
||||
} |
||||
|
||||
// Inspired by algorithms presented in
|
||||
// https://howardhinnant.github.io/date_algorithms.html
|
||||
// (Public Domain)
|
||||
static int posix_time_from_utc(int year, int month, int day, int hours, |
||||
int minutes, int seconds, int64_t *out_time) { |
||||
if (!is_valid_date(year, month, day) || |
||||
!is_valid_time(hours, minutes, seconds)) { |
||||
return 0; |
||||
} |
||||
if (month <= 2) { |
||||
year--; // Start years on Mar 1, so leap days always finish a year.
|
||||
} |
||||
// At this point year will be in the range -1 and 9999.
|
||||
assert(-1 <= year && year <= 9999); |
||||
int64_t era = (year >= 0 ? year : year - 399) / 400; |
||||
int64_t year_of_era = year - era * 400; |
||||
int64_t day_of_year = |
||||
(153 * (month > 2 ? month - 3 : month + 9) + 2) / 5 + day - 1; |
||||
int64_t day_of_era = |
||||
year_of_era * 365 + year_of_era / 4 - year_of_era / 100 + day_of_year; |
||||
int64_t posix_days = era * 146097 + day_of_era - 719468; |
||||
*out_time = posix_days * SECS_PER_DAY + hours * SECS_PER_HOUR + minutes * 60 + |
||||
seconds; |
||||
return 1; |
||||
} |
||||
|
||||
// Inspired by algorithms presented in
|
||||
// https://howardhinnant.github.io/date_algorithms.html
|
||||
// (Public Domain)
|
||||
static int utc_from_posix_time(int64_t time, int *out_year, int *out_month, |
||||
int *out_day, int *out_hours, int *out_minutes, |
||||
int *out_seconds) { |
||||
if (!is_valid_epoch_time(time)) { |
||||
return 0; |
||||
} |
||||
int64_t days = time / SECS_PER_DAY; |
||||
int64_t leftover_seconds = time % SECS_PER_DAY; |
||||
if (leftover_seconds < 0) { |
||||
days--; |
||||
leftover_seconds += SECS_PER_DAY; |
||||
} |
||||
days += 719468; // Shift to starting epoch of Mar 1 0000.
|
||||
// At this point, days will be in the range -61 and 3652364.
|
||||
assert(-61 <= days && days <= 3652364); |
||||
int64_t era = (days > 0 ? days : days - 146096) / 146097; |
||||
int64_t day_of_era = days - era * 146097; |
||||
int64_t year_of_era = (day_of_era - day_of_era / 1460 + day_of_era / 36524 - |
||||
day_of_era / 146096) / |
||||
365; |
||||
*out_year = (int)(year_of_era + era * 400); // Year starting on Mar 1.
|
||||
int64_t day_of_year = |
||||
day_of_era - (365 * year_of_era + year_of_era / 4 - year_of_era / 100); |
||||
int64_t month_of_year = (5 * day_of_year + 2) / 153; |
||||
*out_month = |
||||
(int)(month_of_year < 10 ? month_of_year + 3 : month_of_year - 9); |
||||
if (*out_month <= 2) { |
||||
(*out_year)++; // Adjust year back to Jan 1 start of year.
|
||||
} |
||||
*out_day = (int)(day_of_year - (153 * month_of_year + 2) / 5 + 1); |
||||
*out_hours = (int)(leftover_seconds / SECS_PER_HOUR); |
||||
leftover_seconds %= SECS_PER_HOUR; |
||||
*out_minutes = (int)(leftover_seconds / 60); |
||||
*out_seconds = (int)(leftover_seconds % 60); |
||||
return 1; |
||||
} |
||||
|
||||
int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out) { |
||||
return posix_time_from_utc(tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, |
||||
tm->tm_hour, tm->tm_min, tm->tm_sec, out); |
||||
} |
||||
|
||||
int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm) { |
||||
memset(out_tm, 0, sizeof(struct tm)); |
||||
if (!utc_from_posix_time(time, &out_tm->tm_year, &out_tm->tm_mon, |
||||
&out_tm->tm_mday, &out_tm->tm_hour, &out_tm->tm_min, |
||||
&out_tm->tm_sec)) { |
||||
return 0; |
||||
} |
||||
out_tm->tm_year -= 1900; |
||||
out_tm->tm_mon -= 1; |
||||
|
||||
return 1; |
||||
} |
||||
|
||||
int OPENSSL_timegm(const struct tm *tm, time_t *out) { |
||||
static_assert( |
||||
sizeof(time_t) == sizeof(int32_t) || sizeof(time_t) == sizeof(int64_t), |
||||
"time_t is broken"); |
||||
int64_t posix_time; |
||||
if (!OPENSSL_tm_to_posix(tm, &posix_time)) { |
||||
return 0; |
||||
} |
||||
if (sizeof(time_t) == sizeof(int32_t) && |
||||
(posix_time > INT32_MAX || posix_time < INT32_MIN)) { |
||||
return 0; |
||||
} |
||||
*out = (time_t)posix_time; |
||||
return 1; |
||||
} |
||||
|
||||
struct tm *OPENSSL_gmtime(const time_t *time, struct tm *out_tm) { |
||||
static_assert( |
||||
sizeof(time_t) == sizeof(int32_t) || sizeof(time_t) == sizeof(int64_t), |
||||
"time_t is broken"); |
||||
int64_t posix_time = *time; |
||||
if (!OPENSSL_posix_to_tm(posix_time, out_tm)) { |
||||
return NULL; |
||||
} |
||||
return out_tm; |
||||
} |
||||
|
||||
int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec) { |
||||
int64_t posix_time; |
||||
if (!posix_time_from_utc(tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, |
||||
tm->tm_hour, tm->tm_min, tm->tm_sec, &posix_time)) { |
||||
return 0; |
||||
} |
||||
if (!utc_from_posix_time(posix_time + off_day * SECS_PER_DAY + offset_sec, |
||||
&tm->tm_year, &tm->tm_mon, &tm->tm_mday, |
||||
&tm->tm_hour, &tm->tm_min, &tm->tm_sec)) { |
||||
return 0; |
||||
} |
||||
tm->tm_year -= 1900; |
||||
tm->tm_mon -= 1; |
||||
|
||||
return 1; |
||||
} |
||||
|
||||
int OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from, |
||||
const struct tm *to) { |
||||
int64_t time_to; |
||||
if (!posix_time_from_utc(to->tm_year + 1900, to->tm_mon + 1, to->tm_mday, |
||||
to->tm_hour, to->tm_min, to->tm_sec, &time_to)) { |
||||
return 0; |
||||
} |
||||
int64_t time_from; |
||||
if (!posix_time_from_utc(from->tm_year + 1900, from->tm_mon + 1, |
||||
from->tm_mday, from->tm_hour, from->tm_min, |
||||
from->tm_sec, &time_from)) { |
||||
return 0; |
||||
} |
||||
int64_t timediff = time_to - time_from; |
||||
int64_t daydiff = timediff / SECS_PER_DAY; |
||||
timediff %= SECS_PER_DAY; |
||||
if (daydiff > INT_MAX || daydiff < INT_MIN) { |
||||
return 0; |
||||
} |
||||
*out_secs = (int)timediff; |
||||
*out_days = (int)daydiff; |
||||
return 1; |
||||
} |
||||
@ -1,206 +0,0 @@ |
||||
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
|
||||
* project 2001. |
||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
||||
* project 2008. |
||||
*/ |
||||
/* ====================================================================
|
||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions |
||||
* are met: |
||||
* |
||||
* 1. Redistributions of source code must retain the above copyright |
||||
* notice, this list of conditions and the following disclaimer. |
||||
* |
||||
* 2. Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in |
||||
* the documentation and/or other materials provided with the |
||||
* distribution. |
||||
* |
||||
* 3. All advertising materials mentioning features or use of this |
||||
* software must display the following acknowledgment: |
||||
* "This product includes software developed by the OpenSSL Project |
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
* |
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
||||
* endorse or promote products derived from this software without |
||||
* prior written permission. For written permission, please contact |
||||
* licensing@OpenSSL.org. |
||||
* |
||||
* 5. Products derived from this software may not be called "OpenSSL" |
||||
* nor may "OpenSSL" appear in their names without prior written |
||||
* permission of the OpenSSL Project. |
||||
* |
||||
* 6. Redistributions of any form whatsoever must retain the following |
||||
* acknowledgment: |
||||
* "This product includes software developed by the OpenSSL Project |
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
* |
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
||||
* OF THE POSSIBILITY OF SUCH DAMAGE. |
||||
* ==================================================================== |
||||
* |
||||
* This product includes cryptographic software written by Eric Young |
||||
* (eay@cryptsoft.com). This product includes software written by Tim |
||||
* Hudson (tjh@cryptsoft.com). */ |
||||
|
||||
#if defined(__linux__) && !defined(_POSIX_C_SOURCE) |
||||
#define _POSIX_C_SOURCE 201410L // for gmtime_r
|
||||
#endif |
||||
|
||||
#include "internal.h" |
||||
|
||||
#include <time.h> |
||||
|
||||
|
||||
#define SECS_PER_DAY (24 * 60 * 60) |
||||
|
||||
struct tm *OPENSSL_gmtime(const time_t *time, struct tm *result) { |
||||
#if defined(OPENSSL_WINDOWS) |
||||
if (gmtime_s(result, time)) { |
||||
return NULL; |
||||
} |
||||
return result; |
||||
#else |
||||
return gmtime_r(time, result); |
||||
#endif |
||||
} |
||||
|
||||
// Convert date to and from julian day Uses Fliegel & Van Flandern algorithm
|
||||
static long date_to_julian(int y, int m, int d) { |
||||
return (1461 * (y + 4800 + (m - 14) / 12)) / 4 + |
||||
(367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 - |
||||
(3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075; |
||||
} |
||||
|
||||
static void julian_to_date(long jd, int *y, int *m, int *d) { |
||||
long L = jd + 68569; |
||||
long n = (4 * L) / 146097; |
||||
long i, j; |
||||
|
||||
L = L - (146097 * n + 3) / 4; |
||||
i = (4000 * (L + 1)) / 1461001; |
||||
L = L - (1461 * i) / 4 + 31; |
||||
j = (80 * L) / 2447; |
||||
*d = L - (2447 * j) / 80; |
||||
L = j / 11; |
||||
*m = j + 2 - (12 * L); |
||||
*y = 100 * (n - 49) + i + L; |
||||
} |
||||
|
||||
// Convert tm structure and offset into julian day and seconds
|
||||
static int julian_adj(const struct tm *tm, int off_day, long offset_sec, |
||||
long *pday, int *psec) { |
||||
int offset_hms, offset_day; |
||||
long time_jd; |
||||
int time_year, time_month, time_day; |
||||
// split offset into days and day seconds
|
||||
offset_day = offset_sec / SECS_PER_DAY; |
||||
// Avoid sign issues with % operator
|
||||
offset_hms = offset_sec - (offset_day * SECS_PER_DAY); |
||||
offset_day += off_day; |
||||
// Add current time seconds to offset
|
||||
offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec; |
||||
// Adjust day seconds if overflow
|
||||
if (offset_hms >= SECS_PER_DAY) { |
||||
offset_day++; |
||||
offset_hms -= SECS_PER_DAY; |
||||
} else if (offset_hms < 0) { |
||||
offset_day--; |
||||
offset_hms += SECS_PER_DAY; |
||||
} |
||||
|
||||
// Convert date of time structure into a Julian day number.
|
||||
|
||||
time_year = tm->tm_year + 1900; |
||||
time_month = tm->tm_mon + 1; |
||||
time_day = tm->tm_mday; |
||||
|
||||
time_jd = date_to_julian(time_year, time_month, time_day); |
||||
|
||||
// Work out Julian day of new date
|
||||
time_jd += offset_day; |
||||
|
||||
if (time_jd < 0) { |
||||
return 0; |
||||
} |
||||
|
||||
*pday = time_jd; |
||||
*psec = offset_hms; |
||||
return 1; |
||||
} |
||||
|
||||
int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec) { |
||||
int time_sec, time_year, time_month, time_day; |
||||
long time_jd; |
||||
|
||||
// Convert time and offset into julian day and seconds
|
||||
if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec)) { |
||||
return 0; |
||||
} |
||||
|
||||
// Convert Julian day back to date
|
||||
|
||||
julian_to_date(time_jd, &time_year, &time_month, &time_day); |
||||
|
||||
if (time_year < 1900 || time_year > 9999) { |
||||
return 0; |
||||
} |
||||
|
||||
// Update tm structure
|
||||
|
||||
tm->tm_year = time_year - 1900; |
||||
tm->tm_mon = time_month - 1; |
||||
tm->tm_mday = time_day; |
||||
|
||||
tm->tm_hour = time_sec / 3600; |
||||
tm->tm_min = (time_sec / 60) % 60; |
||||
tm->tm_sec = time_sec % 60; |
||||
|
||||
return 1; |
||||
} |
||||
|
||||
int OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from, |
||||
const struct tm *to) { |
||||
int from_sec, to_sec, diff_sec; |
||||
long from_jd, to_jd, diff_day; |
||||
|
||||
if (!julian_adj(from, 0, 0, &from_jd, &from_sec)) { |
||||
return 0; |
||||
} |
||||
if (!julian_adj(to, 0, 0, &to_jd, &to_sec)) { |
||||
return 0; |
||||
} |
||||
|
||||
diff_day = to_jd - from_jd; |
||||
diff_sec = to_sec - from_sec; |
||||
// Adjust differences so both positive or both negative
|
||||
if (diff_day > 0 && diff_sec < 0) { |
||||
diff_day--; |
||||
diff_sec += SECS_PER_DAY; |
||||
} |
||||
if (diff_day < 0 && diff_sec > 0) { |
||||
diff_day++; |
||||
diff_sec -= SECS_PER_DAY; |
||||
} |
||||
|
||||
if (out_days) { |
||||
*out_days = (int)diff_day; |
||||
} |
||||
if (out_secs) { |
||||
*out_secs = diff_sec; |
||||
} |
||||
|
||||
return 1; |
||||
} |
||||
Loading…
Reference in new issue