1
0
mirror of https://github.com/golang/go synced 2024-11-20 07:34:40 -07:00

crypto/x509: always write validity times in UTC.

RFC 5280 section 4.1.2.5.1 says so.

R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/6775068
This commit is contained in:
Adam Langley 2012-10-29 11:16:58 -04:00
parent 4d17fe3cd6
commit 184e7a2bf2

View File

@ -1224,7 +1224,7 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub interf
SerialNumber: template.SerialNumber, SerialNumber: template.SerialNumber,
SignatureAlgorithm: signatureAlgorithm, SignatureAlgorithm: signatureAlgorithm,
Issuer: asn1.RawValue{FullBytes: asn1Issuer}, Issuer: asn1.RawValue{FullBytes: asn1Issuer},
Validity: validity{template.NotBefore, template.NotAfter}, Validity: validity{template.NotBefore.UTC(), template.NotAfter.UTC()},
Subject: asn1.RawValue{FullBytes: asn1Subject}, Subject: asn1.RawValue{FullBytes: asn1Subject},
PublicKey: publicKeyInfo{nil, publicKeyAlgorithm, encodedPublicKey}, PublicKey: publicKeyInfo{nil, publicKeyAlgorithm, encodedPublicKey},
Extensions: extensions, Extensions: extensions,
@ -1314,8 +1314,8 @@ func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts [
Algorithm: oidSignatureSHA1WithRSA, Algorithm: oidSignatureSHA1WithRSA,
}, },
Issuer: c.Subject.ToRDNSequence(), Issuer: c.Subject.ToRDNSequence(),
ThisUpdate: now, ThisUpdate: now.UTC(),
NextUpdate: expiry, NextUpdate: expiry.UTC(),
RevokedCertificates: revokedCerts, RevokedCertificates: revokedCerts,
} }