Hi,

The PHP openssl library implements a function named openssl_csr_sign() and 
inside that function one can find the following line:
        X509_gmtime_adj(X509_get_notAfter(new_cert), (long)60*60*24*num_days);

This obviously provokes an overflow in cases of large values of "num_days", say 
36500 (representing 100 years), on 32-bit systems where usually "sizeof(long) = 
4". The bug report I opened in the PHP bug tracker was closed as "not a bug", 
pointing to the OpenSSL API. The PHP people correctly pointed out that 
X509_gmtime_adj() needs a long value as its parameter.

I found that OpenSSL Cert creation example code 
(https://github.com/cloudmeter/openssl/blob/master/demos/x509/mkcert.c) has 
that very same line in it and should therefore be subject to the same issue:
        X509_set_version(x,2);
        ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
        X509_gmtime_adj(X509_get_notBefore(x),0);
        X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
        X509_set_pubkey(x,pk);

After searching around a bit, I assume that, with newer versions of OpenSSL, using 
OPENSSL_gmtime_adj() or X509_time_adj_ex() instead of X509_gmtime_adj() would 
maybe resolve this obvious limitation. Unfortunately I'm not able to 
immediately see how (my C skills are rather limited and I'm not experienced 
with using OpenSSL). Could somebody on this list maybe be so kind and point me 
in the right direction?

Thanks
Alex

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
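
Added example, not part of the original post and not OpenSSL or PHP project code: it reproduces what (long)60*60*24*days yields when long is 32 bits, and shows the day-based call X509_time_adj_ex(), which takes the day count as its own argument so no seconds product is formed. The function names and the WITH_OPENSSL build switch are hypothetical; the OpenSSL part compiles only when that switch is defined and libcrypto is linked.

```c
/* Added example, not from the original post. Function names and the
 * WITH_OPENSSL build switch are hypothetical. */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define SECS_PER_DAY 86400

/* Value of (long)60*60*24*days where long is 32 bits. The product is
 * formed in uint32_t so the wraparound is well defined here; in the
 * original expression signed overflow is undefined behaviour. */
int32_t secs_in_32bit_long(int32_t days)
{
    uint32_t wrapped = (uint32_t)SECS_PER_DAY * (uint32_t)days;
    if (wrapped > (uint32_t)INT32_MAX)
        return (int32_t)((int64_t)wrapped - 4294967296LL);
    return (int32_t)wrapped;
}

/* Largest validity in days that still fits a 32-bit long of seconds. */
int32_t max_days_32bit_long(void)
{
    return INT32_MAX / SECS_PER_DAY;
}

/* 1 if days can be passed to X509_time_adj_ex() as its int day offset. */
int days_fit_day_offset(long days)
{
    return days >= 0 && days <= INT_MAX;
}

#ifdef WITH_OPENSSL /* build with -DWITH_OPENSSL -lcrypto */
#include <openssl/x509.h>
/* Sets *not_after to now + days; X509_time_adj_ex() takes whole days
 * and leftover seconds as separate arguments. Returns 1 on success. */
int set_not_after_days(ASN1_TIME *not_after, long days)
{
    if (!days_fit_day_offset(days))
        return 0;
    return X509_time_adj_ex(not_after, (int)days, 0, NULL) != NULL;
}
#endif

int main(void)
{
    printf("36500 days as 32-bit long: %ld s\n", (long)secs_in_32bit_long(36500));
    printf("max safe days: %ld\n", (long)max_days_32bit_long());
    return 0;
}
```

With a 32-bit long, 36500 days becomes a negative offset, so notAfter would land in the past rather than 100 years ahead.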
