diff --git a/include/ccf/ds/x509_time_fmt.h b/include/ccf/ds/x509_time_fmt.h index 7dc01f597f65..2b39827976f3 100644 --- a/include/ccf/ds/x509_time_fmt.h +++ b/include/ccf/ds/x509_time_fmt.h @@ -11,7 +11,7 @@ #include #include -namespace ds +namespace ccf::ds { static inline std::string to_x509_time_string(const std::tm& time) { diff --git a/src/crypto/certs.h b/src/crypto/certs.h index d846a401ec96..24a41ce2dbfc 100644 --- a/src/crypto/certs.h +++ b/src/crypto/certs.h @@ -4,8 +4,8 @@ #include "ccf/crypto/key_pair.h" #include "ccf/crypto/pem.h" +#include "ccf/ds/x509_time_fmt.h" -#include #include #include @@ -17,9 +17,9 @@ namespace ccf::crypto using namespace std::chrono_literals; // Note: As per RFC 5280, the validity period runs until "notAfter" // _inclusive_ so substract one second from the validity period. - auto valid_to = ::ds::time_point_from_string(valid_from) + + auto valid_to = ccf::ds::time_point_from_string(valid_from) + std::chrono::days(validity_period_days) - 1s; - return ::ds::to_x509_time_string(valid_to); + return ccf::ds::to_x509_time_string(valid_to); } static Pem create_self_signed_cert( diff --git a/src/crypto/openssl/openssl_wrappers.h b/src/crypto/openssl/openssl_wrappers.h index 11128e80774c..6cbd71c35435 100644 --- a/src/crypto/openssl/openssl_wrappers.h +++ b/src/crypto/openssl/openssl_wrappers.h @@ -6,7 +6,8 @@ #define FMT_HEADER_ONLY -#include +#include "ccf/ds/x509_time_fmt.h" + #include #include #include @@ -360,7 +361,7 @@ namespace ccf::crypto Unique_X509_TIME(const std::string& s) : Unique_SSL_OBJECT(ASN1_TIME_new(), ASN1_TIME_free, /*check_null=*/false) { - auto t = ::ds::to_x509_time_string(s); + auto t = ccf::ds::to_x509_time_string(s); CHECK1(ASN1_TIME_set_string(*this, t.c_str())); CHECK1(ASN1_TIME_normalize(*this)); } @@ -368,7 +369,7 @@ namespace ccf::crypto Unique_SSL_OBJECT(t, ASN1_TIME_free, /*check_null=*/false) {} Unique_X509_TIME(const std::chrono::system_clock::time_point& t) : - Unique_X509_TIME(::ds::to_x509_time_string(t)) + Unique_X509_TIME(ccf::ds::to_x509_time_string(t)) {} }; diff --git a/src/crypto/openssl/verifier.cpp b/src/crypto/openssl/verifier.cpp index cd192854b713..5bd034d5e271 100644 --- a/src/crypto/openssl/verifier.cpp +++ b/src/crypto/openssl/verifier.cpp @@ -208,7 +208,7 @@ namespace ccf::crypto const std::chrono::system_clock::time_point& now) const { auto [from, to] = validity_period(); - auto tp_to = ::ds::time_point_from_string(to); + auto tp_to = ccf::ds::time_point_from_string(to); return std::chrono::duration_cast(tp_to - now) .count() + 1; @@ -218,8 +218,8 @@ namespace ccf::crypto const std::chrono::system_clock::time_point& now) const { auto [from, to] = validity_period(); - auto tp_from = ::ds::time_point_from_string(from); - auto tp_to = ::ds::time_point_from_string(to); + auto tp_from = ccf::ds::time_point_from_string(from); + auto tp_to = ccf::ds::time_point_from_string(to); auto total_sec = std::chrono::duration_cast(tp_to - tp_from) .count() + diff --git a/src/crypto/openssl/x509_time.h b/src/crypto/openssl/x509_time.h index 418846538131..00839ac7641f 100644 --- a/src/crypto/openssl/x509_time.h +++ b/src/crypto/openssl/x509_time.h @@ -2,9 +2,9 @@ // Licensed under the Apache 2.0 License. #pragma once +#include "ccf/ds/x509_time_fmt.h" #include "openssl_wrappers.h" -#include #include namespace ccf::crypto::OpenSSL @@ -30,6 +30,6 @@ namespace ccf::crypto::OpenSSL { std::tm t; CHECK1(ASN1_TIME_to_tm(time, &t)); - return ::ds::to_x509_time_string(t); + return ccf::ds::to_x509_time_string(t); } } diff --git a/src/crypto/test/crypto.cpp b/src/crypto/test/crypto.cpp index 8d7ee3354990..5fccd1aa5e8d 100644 --- a/src/crypto/test/crypto.cpp +++ b/src/crypto/test/crypto.cpp @@ -12,6 +12,7 @@ #include "ccf/crypto/rsa_key_pair.h" #include "ccf/crypto/symmetric_key.h" #include "ccf/crypto/verifier.h" +#include "ccf/ds/x509_time_fmt.h" #include "crypto/certs.h" #include "crypto/csr.h" #include "crypto/openssl/cose_sign.h" @@ -22,7 +23,6 @@ #include "crypto/openssl/verifier.h" #include "crypto/openssl/x509_time.h" -#include #include #include #include @@ -189,7 +189,7 @@ ccf::crypto::Pem generate_self_signed_cert( constexpr size_t certificate_validity_period_days = 365; using namespace std::literals; auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); return ccf::crypto::create_self_signed_cert( kp, name, {}, valid_from, certificate_validity_period_days); @@ -755,71 +755,71 @@ void run_csr(bool corrupt_csr = false) TEST_CASE("2-digit years") { auto time_str = "220405175422Z"; - auto tp = ::ds::time_point_from_string(time_str); - auto conv = ::ds::to_x509_time_string(tp); + auto tp = ccf::ds::time_point_from_string(time_str); + auto conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == std::string("20") + time_str); } TEST_CASE("Non-ASN.1 timepoint formats") { auto time_str = "2022-04-05 18:53:27"; - auto tp = ::ds::time_point_from_string(time_str); - auto conv = ::ds::to_x509_time_string(tp); + auto tp = ccf::ds::time_point_from_string(time_str); + auto conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220405185327Z"); time_str = "2022-04-05 18:53:27.190380"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220405185327Z"); time_str = "2022-04-05 18:53:27 +03:00"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220405155327Z"); time_str = "2022-04-05 18:53:27 +0300"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220405155327Z"); time_str = "2022-04-05 18:53:27.190380+03:00"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220405155327Z"); time_str = "2022-04-05 18:53:27 -03:00"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220405215327Z"); time_str = "2022-04-07T10:37:49.567612"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220407103749Z"); time_str = "2022-04-07T10:37:49.567612+03:00"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220407073749Z"); time_str = "2022-04-07T10:37:49.567612Z"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220407103749Z"); time_str = "220425165619+0000"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220425165619Z"); time_str = "220425165619+0200"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220425145619Z"); time_str = "20220425165619-0300"; - tp = ::ds::time_point_from_string(time_str); - conv = ::ds::to_x509_time_string(tp); + tp = ccf::ds::time_point_from_string(time_str); + conv = ccf::ds::to_x509_time_string(tp); REQUIRE(conv == "20220425195619Z"); } @@ -987,9 +987,9 @@ TEST_CASE("x509 time") auto to = ccf::crypto::OpenSSL::Unique_X509_TIME(adjusted_time); // Convert to string and back to time_points - auto from_conv = ::ds::time_point_from_string( + auto from_conv = ccf::ds::time_point_from_string( ccf::crypto::OpenSSL::to_x509_time_string(from)); - auto to_conv = ::ds::time_point_from_string( + auto to_conv = ccf::ds::time_point_from_string( ccf::crypto::OpenSSL::to_x509_time_string(to)); // Diff is still the same amount of days @@ -1007,7 +1007,7 @@ TEST_CASE("x509 time") for (auto const& days_offset : days_offsets) { auto adjusted_time = time + std::chrono::days(days_offset); - auto adjusted_str = ::ds::to_x509_time_string(adjusted_time); + auto adjusted_str = ccf::ds::to_x509_time_string(adjusted_time); auto asn1_time = ccf::crypto::OpenSSL::Unique_X509_TIME(adjusted_str); auto converted_str = ccf::crypto::OpenSSL::to_x509_time_string(asn1_time); REQUIRE(converted_str == adjusted_str); diff --git a/src/crypto/test/kp_cert.cpp b/src/crypto/test/kp_cert.cpp index f7140359a1fb..cf1337a43dd8 100644 --- a/src/crypto/test/kp_cert.cpp +++ b/src/crypto/test/kp_cert.cpp @@ -7,7 +7,8 @@ #include constexpr size_t certificate_validity_period_days = 365; -auto valid_from = ::ds::to_x509_time_string(std::chrono::system_clock::now()); +auto valid_from = + ccf::ds::to_x509_time_string(std::chrono::system_clock::now()); auto valid_to = ccf::crypto::compute_cert_valid_to_string( valid_from, certificate_validity_period_days); diff --git a/src/endpoints/authentication/cert_auth.cpp b/src/endpoints/authentication/cert_auth.cpp index ac3e8aeb4771..e02452f169a7 100644 --- a/src/endpoints/authentication/cert_auth.cpp +++ b/src/endpoints/authentication/cert_auth.cpp @@ -3,6 +3,7 @@ #include "ccf/endpoints/authentication/cert_auth.h" +#include "ccf/ds/x509_time_fmt.h" #include "ccf/pal/locking.h" #include "ccf/rpc_context.h" #include "ccf/service/tables/members.h" @@ -11,8 +12,6 @@ #include "ds/lru.h" #include "enclave/enclave_time.h" -#include - namespace ccf { struct ValidityPeriodsCache @@ -50,12 +49,12 @@ namespace ccf const auto valid_from_unix_time = duration_cast( - ::ds::time_point_from_string(valid_from_timestring) + ccf::ds::time_point_from_string(valid_from_timestring) .time_since_epoch()) .count(); const auto valid_to_unix_time = duration_cast( - ::ds::time_point_from_string(valid_to_timestring) + ccf::ds::time_point_from_string(valid_to_timestring) .time_since_epoch()) .count(); diff --git a/src/host/main.cpp b/src/host/main.cpp index e40503715b4b..614bfecd07d0 100644 --- a/src/host/main.cpp +++ b/src/host/main.cpp @@ -3,6 +3,7 @@ #include "ccf/ds/logger.h" #include "ccf/ds/unit_strings.h" +#include "ccf/ds/x509_time_fmt.h" #include "ccf/pal/attestation.h" #include "ccf/pal/platform.h" #include "ccf/version.h" @@ -28,7 +29,6 @@ #include "time_updater.h" #include -#include #include #include #include @@ -593,7 +593,7 @@ int main(int argc, char** argv) LOG_INFO_FMT("Startup host time: {}", startup_host_time); startup_config.startup_host_time = - ::ds::to_x509_time_string(startup_host_time); + ccf::ds::to_x509_time_string(startup_host_time); if (config.command.type == StartType::Start) { diff --git a/src/node/rpc/test/frontend_test_infra.h b/src/node/rpc/test/frontend_test_infra.h index 1ba5aa351d9b..370970e9c522 100644 --- a/src/node/rpc/test/frontend_test_infra.h +++ b/src/node/rpc/test/frontend_test_infra.h @@ -31,7 +31,7 @@ using TResponse = ::http::SimpleResponseProcessor::Response; constexpr size_t certificate_validity_period_days = 365; using namespace std::literals; auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); auto valid_to = ccf::crypto::compute_cert_valid_to_string( valid_from, certificate_validity_period_days); @@ -118,7 +118,7 @@ std::unique_ptr make_test_network_ident() { using namespace std::literals; const auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); return std::make_unique( "CN=CCF test network", ccf::crypto::service_identity_curve_choice, diff --git a/src/node/test/channels.cpp b/src/node/test/channels.cpp index 462b1fa9ec06..506c17a7b271 100644 --- a/src/node/test/channels.cpp +++ b/src/node/test/channels.cpp @@ -79,12 +79,13 @@ static std::pair make_validity_pair(bool expired) if (expired) { return std::make_pair( - ::ds::to_x509_time_string(now - std::chrono::days(2 * validity_days)), + ccf::ds::to_x509_time_string(now - std::chrono::days(2 * validity_days)), validity_days); } else { - return std::make_pair(::ds::to_x509_time_string(now - 24h), validity_days); + return std::make_pair( + ccf::ds::to_x509_time_string(now - 24h), validity_days); } } diff --git a/src/node/test/historical_queries.cpp b/src/node/test/historical_queries.cpp index 5959b38489d4..8b31b78636ec 100644 --- a/src/node/test/historical_queries.cpp +++ b/src/node/test/historical_queries.cpp @@ -31,7 +31,7 @@ using NumToString = ccf::kv::Map; constexpr size_t certificate_validity_period_days = 365; using namespace std::literals; auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); auto valid_to = ccf::crypto::compute_cert_valid_to_string( valid_from, certificate_validity_period_days); diff --git a/src/node/test/history.cpp b/src/node/test/history.cpp index 33ac2d56c269..91cad0b6e937 100644 --- a/src/node/test/history.cpp +++ b/src/node/test/history.cpp @@ -4,6 +4,7 @@ #include "ccf/app_interface.h" #include "ccf/ds/logger.h" +#include "ccf/ds/x509_time_fmt.h" #include "ccf/service/tables/nodes.h" #include "crypto/certs.h" #include "crypto/openssl/hash.h" @@ -13,8 +14,6 @@ #include "kv/test/stub_consensus.h" #include "service/tables/signatures.h" -#include - #define DOCTEST_CONFIG_IMPLEMENT #include #undef FAIL @@ -27,7 +26,7 @@ using MapT = ccf::kv::Map; constexpr size_t certificate_validity_period_days = 365; using namespace std::literals; auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); auto valid_to = ccf::crypto::compute_cert_valid_to_string( valid_from, certificate_validity_period_days); diff --git a/src/node/test/receipt.cpp b/src/node/test/receipt.cpp index 129561e7f8d9..ae8a706327df 100644 --- a/src/node/test/receipt.cpp +++ b/src/node/test/receipt.cpp @@ -4,11 +4,11 @@ #include "ccf/receipt.h" #include "ccf/crypto/key_pair.h" +#include "ccf/ds/x509_time_fmt.h" #include "ccf/service/tables/nodes.h" #include "crypto/openssl/hash.h" #include "crypto/openssl/key_pair.h" -#include #include #include #include @@ -31,9 +31,9 @@ void populate_receipt(std::shared_ptr receipt) { using namespace std::literals; const auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 1h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 1h); const auto valid_to = - ::ds::to_x509_time_string(std::chrono::system_clock::now() + 1h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() + 1h); auto node_kp = ccf::crypto::make_key_pair(); auto node_cert = node_kp->self_sign("CN=node", valid_from, valid_to); diff --git a/src/tls/test/main.cpp b/src/tls/test/main.cpp index 51bf6740c0c5..6e619baf6713 100644 --- a/src/tls/test/main.cpp +++ b/src/tls/test/main.cpp @@ -223,7 +223,7 @@ static ccf::crypto::Pem generate_self_signed_cert( using namespace std::literals; constexpr size_t certificate_validity_period_days = 365; auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); return ccf::crypto::create_self_signed_cert( kp, name, {}, valid_from, certificate_validity_period_days); @@ -239,7 +239,7 @@ static ccf::crypto::Pem generate_endorsed_cert( using namespace std::literals; auto valid_from = - ::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); + ccf::ds::to_x509_time_string(std::chrono::system_clock::now() - 24h); return ccf::crypto::create_endorsed_cert( kp,