commit 735b37eeef5f300d458ebe60381e979c8aa2a5ae
author Andres Amaya Garcia <andres.amayagarcia@arm.com> Mon Nov 21 15:38:02 2016 +0000
committer Simon Butcher <simon.butcher@arm.com> Thu Oct 12 23:21:37 2017 +0100
tree cf4fa275f33376beb900a2442bf6086ad7217daa
parent b0f148c0ab742acd45b16996b3605eb1a29e07ee

Correctly handle leap year in x509_date_is_valid()

This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.

library/x509.c

diff --git a/library/x509.c b/library/x509.c
index e94a8a3..371d6da 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -496,9 +496,10 @@
     return( 0 );
 }
 
-static int x509_date_is_valid(const mbedtls_x509_time *t)
+static int x509_date_is_valid(const mbedtls_x509_time *t )
 {
     int ret = MBEDTLS_ERR_X509_INVALID_DATE;
+    int month_len;
 
     CHECK_RANGE( 0, 9999, t->year );
     CHECK_RANGE( 0, 23,   t->hour );
@@ -508,17 +509,22 @@
     switch( t->mon )
     {
         case 1: case 3: case 5: case 7: case 8: case 10: case 12:
-            CHECK_RANGE( 1, 31, t->day );
+            month_len = 31;
             break;
         case 4: case 6: case 9: case 11:
-            CHECK_RANGE( 1, 30, t->day );
+            month_len = 30;
             break;
         case 2:
-            CHECK_RANGE( 1, 28 + (t->year % 4 == 0), t->day );
+            if( ( !( t->year % 4 ) && t->year % 100 ) ||
+                !( t->year % 400 ) )
+                month_len = 29;
+            else
+                month_len = 28;
             break;
         default:
             return( ret );
     }
+    CHECK_RANGE( 1, month_len, t->day );
 
     return( 0 );
 }