//
#include <string.h>
+#include <time.h>
#include <openssl/asn1.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
/*
Function:
+_MakeTimeT
+
+Used to convert the constituent elements of a struct tm into a time_t. As time_t does not have
+a guaranteed blitting size, this should never be p/invoked. It is here merely as a utility.
+
+Return values:
+A time_t representation of the input date. See also man mktime(3).
+*/
+time_t
+_MakeTimeT(
+ int year,
+ int month,
+ int day,
+ int hour,
+ int minute,
+ int second,
+ int isDst)
+{
+ struct tm currentTm;
+ currentTm.tm_year = year - 1900;
+ currentTm.tm_mon = month;
+ currentTm.tm_mday = day;
+ currentTm.tm_hour = hour;
+ currentTm.tm_min = minute;
+ currentTm.tm_sec = second;
+ currentTm.tm_isdst = isDst;
+ return mktime(¤tTm);
+}
+
+/*
+Function:
GetX509Thumbprint
Used by System.Security.Cryptography.X509Certificates' OpenSslX509CertificateReader to copy the SHA1
{
sk_X509_pop_free(stack, X509_free);
}
+
+/*
+Function:
+SetX509ChainVerifyTime
+
+Used by System.Security.Cryptography.X509Certificates' OpenSslX509ChainProcessor to assign the
+verification time to the chain building. The input is in LOCAL time, not UTC.
+
+Return values:
+0 if ctx is NULL, if ctx has no X509_VERIFY_PARAM, or the date inputs don't produce a valid time_t;
+1 on success.
+*/
+int
+SetX509ChainVerifyTime(
+ X509_STORE_CTX* ctx,
+ int year,
+ int month,
+ int day,
+ int hour,
+ int minute,
+ int second,
+ int isDst)
+{
+ if (!ctx)
+ {
+ return 0;
+ }
+
+ time_t verifyTime = _MakeTimeT(year, month, day, hour, minute, second, isDst);
+
+ if (verifyTime == (time_t)-1)
+ {
+ return 0;
+ }
+
+ X509_VERIFY_PARAM* verifyParams = X509_STORE_CTX_get0_param(ctx);
+
+ if (!verifyParams)
+ {
+ return 0;
+ }
+
+ X509_VERIFY_PARAM_set_time(verifyParams, verifyTime);
+ return 1;
+}
+
+/*
+Function:
+GetX509RootStorePath
+
+Used by System.Security.Cryptography.X509Certificates' Unix StorePal to determine the path to use
+for the LocalMachine\Root X509 store.
+
+Return values:
+The directory which would be applied for X509_LOOKUP_add_dir(ctx, NULL). That is, the value of the
+SSL_CERT_DIR environment variable, or the value of the X509_CERT_DIR compile-time constant.
+*/
+const char*
+GetX509RootStorePath()
+{
+ const char* dir = getenv(X509_get_default_cert_dir_env());
+
+ if (!dir)
+ {
+ dir = X509_get_default_cert_dir();
+ }
+
+ return dir;
+}