-\ Get the validation date and time from the context or system.
-cc: get-system-date ( -- days seconds ) {
- if (CTX->days == 0 && CTX->seconds == 0) {
+\ Check the provided validity range against the current (or configured)
+\ date and time ("na" = notAfter, "nb = notBefore). Returned value:
+\ -1 current date/time is before the notBefore date
+\ 0 current date/time is within the allowed range
+\ +1 current date/time is after the notAfter range
+\ If the current date/time is not available, then this function triggers a
+\ failure and does not return.
+cc: check-validity-range ( na-days na-seconds nb-days nb-seconds -- int ) {
+ uint32_t nbs = T0_POP();
+ uint32_t nbd = T0_POP();
+ uint32_t nas = T0_POP();
+ uint32_t nad = T0_POP();
+ int r;
+ if (CTX->itime != 0) {
+ r = CTX->itime(CTX->itime_ctx, nbd, nbs, nad, nas);
+ if (r < -1 || r > 1) {
+ CTX->err = BR_ERR_X509_TIME_UNKNOWN;
+ T0_CO();
+ }
+ } else {
+ uint32_t vd = CTX->days;
+ uint32_t vs = CTX->seconds;
+ if (vd == 0 && vs == 0) {