From ac78ce19b1a729ddc61f0a9d74d69e6bd81916ac Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 25 Jun 2024 15:20:06 +0800 Subject: [PATCH] update timestamp Signed-off-by: Patrick Zheng --- verifier/verifier.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/verifier/verifier.go b/verifier/verifier.go index 5d6a9137..e8b30527 100644 --- a/verifier/verifier.go +++ b/verifier/verifier.go @@ -655,11 +655,11 @@ func verifyAuthenticTimestamp(ctx context.Context, trustPolicy *trustpolicy.Trus } } logger.Info("TSA identity is: ", tsaCertChain[0].Subject) + timeStampLowerLimit = ts.Add(-accuracy) + timeStampUpperLimit = ts.Add(accuracy) // 4. Perform the timestamping certificate chain revocation check if !trustPolicy.SignatureVerification.SkipTimestampRevocationCheck { logger.Info("Checking timestamping certificate chain revocation...") - timeStampLowerLimit = ts.Add(-accuracy) - timeStampUpperLimit = ts.Add(accuracy) certResults, err := revocation.ValidateTimestampCertChain(tsaCertChain, timeStampUpperLimit, &http.Client{Timeout: 5 * time.Second}) if err != nil { return ¬ation.ValidationResult{