Support 64-bit certificate timesHEADmastermain

The KeyMint VTS tests send some 64-bit before/after
time values. Switch from time_t to int64_t to fix
test breakage on 32-bit Trusty builds.

Bug: 334992641
Test: qemu-generic-arm64u32-test-debug: \
    VtsAidlKeyMintTargetTest \
    --gtest_filter="*WithSpecified*"
Change-Id: I6e7c3e13102d3720394f595cba3630aae976e2de

1 files changed, 4 insertions, 4 deletions

diff --git a/km_openssl/certificate_utils.cpp b/km_openssl/certificate_utils.cpp
index 2cbae99..05fc253 100644
--- a/km_openssl/certificate_utils.cpp
+++ b/km_openssl/certificate_utils.cpp
@@ -271,8 +271,8 @@ keymaster_error_t make_cert_rump(const X509_NAME* issuer,
     // Set activation date.
     ASN1_TIME_Ptr notBefore(ASN1_TIME_new());
     LOG_D("Setting notBefore to %" PRId64, cert_params.active_date_time / 1000);
-    time_t notBeforeTime = static_cast<time_t>(cert_params.active_date_time / 1000);
-    if (!notBefore.get() || !ASN1_TIME_set(notBefore.get(), notBeforeTime) ||
+    int64_t notBeforeTime = cert_params.active_date_time / 1000;
+    if (!notBefore.get() || !ASN1_TIME_set_posix(notBefore.get(), notBeforeTime) ||
         !X509_set_notBefore(certificate.get(), notBefore.get() /* Don't release; copied */)) {
         return TranslateLastOpenSslError();
     }
@@ -280,9 +280,9 @@ keymaster_error_t make_cert_rump(const X509_NAME* issuer,
     // Set expiration date.
     ASN1_TIME_Ptr notAfter(ASN1_TIME_new());
     LOG_D("Setting notAfter to %" PRId64, cert_params.expire_date_time / 1000);
-    time_t notAfterTime = static_cast<time_t>(cert_params.expire_date_time / 1000);
+    int64_t notAfterTime = cert_params.expire_date_time / 1000;
 
-    if (!notAfter.get() || !ASN1_TIME_set(notAfter.get(), notAfterTime) ||
+    if (!notAfter.get() || !ASN1_TIME_set_posix(notAfter.get(), notAfterTime) ||
         !X509_set_notAfter(certificate.get(), notAfter.get() /* Don't release; copied */)) {
         return TranslateLastOpenSslError();
     }