mirror of
https://github.com/golang/go
synced 2024-11-20 07:34:40 -07:00
crypto/x509: always write validity times in UTC.
RFC 5280 section 4.1.2.5.1 says so. R=golang-dev, bradfitz CC=golang-dev https://golang.org/cl/6775068
This commit is contained in:
parent
4d17fe3cd6
commit
184e7a2bf2
@ -1224,7 +1224,7 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub interf
|
|||||||
SerialNumber: template.SerialNumber,
|
SerialNumber: template.SerialNumber,
|
||||||
SignatureAlgorithm: signatureAlgorithm,
|
SignatureAlgorithm: signatureAlgorithm,
|
||||||
Issuer: asn1.RawValue{FullBytes: asn1Issuer},
|
Issuer: asn1.RawValue{FullBytes: asn1Issuer},
|
||||||
Validity: validity{template.NotBefore, template.NotAfter},
|
Validity: validity{template.NotBefore.UTC(), template.NotAfter.UTC()},
|
||||||
Subject: asn1.RawValue{FullBytes: asn1Subject},
|
Subject: asn1.RawValue{FullBytes: asn1Subject},
|
||||||
PublicKey: publicKeyInfo{nil, publicKeyAlgorithm, encodedPublicKey},
|
PublicKey: publicKeyInfo{nil, publicKeyAlgorithm, encodedPublicKey},
|
||||||
Extensions: extensions,
|
Extensions: extensions,
|
||||||
@ -1314,8 +1314,8 @@ func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts [
|
|||||||
Algorithm: oidSignatureSHA1WithRSA,
|
Algorithm: oidSignatureSHA1WithRSA,
|
||||||
},
|
},
|
||||||
Issuer: c.Subject.ToRDNSequence(),
|
Issuer: c.Subject.ToRDNSequence(),
|
||||||
ThisUpdate: now,
|
ThisUpdate: now.UTC(),
|
||||||
NextUpdate: expiry,
|
NextUpdate: expiry.UTC(),
|
||||||
RevokedCertificates: revokedCerts,
|
RevokedCertificates: revokedCerts,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user