[gnutls-devel] GnuTLS | The incorrect UTC time value. (#1675)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Mar 8 02:54:25 CET 2025
Qianxin Cheng created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1675
## Description of problem:
The RFC standard for X.509 CRL restricts the thisUpdate field to only two formats: UTCTime (YYMMDDHHMMSSZ) in ASN.1 representation and GeneralizedTime (YYYYMMDDHHMMSSZ). However, GnuTLS 3.7.11 accepts the thisUpdate field format as (YYYYMMDDHHZ), with a value like ("2017090721Z") in the CRL.
## Version of gnutls used:
GnuTLS 3.8.9
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu
## How reproducible:
certtool --crl-info --inder --infile crl_file_gn_time.der
## Actual results:
CRL的This Update值被打印为Issued: Wed Dec 31 23:59:59 UTC 1969
## Expected results:
The RFC standard for X.509 CRL restricts the thisUpdate field to only two formats: ASN.1 encoded UTCTime (YYMMDDHHMMSSZ) and GeneralizedTime (YYYYMMDDHHMMSSZ). Therefore, it should reject a CRL with a thisUpdate field in the format (YYYYMMDDHHZ), with a value like ("2017090721Z").[crl_file_gn_time.der](/uploads/dbe2c4200feb727100571c3392d1feb2/crl_file_gn_time.der)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1675
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250308/ce24b05f/attachment.html>
More information about the Gnutls-devel
mailing list