X509 cert time

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

X509 cert time

vipin rathor
hi all,
   now i'm able to get the certificate timing info. by using the call X509_get_notAfter() and X509_get_notBefore()....but they are returning the values in integer type( in my case, both return 13 and 13)
  so anybody can help me out to get the timing info. in proper date format.
 
Thanks and regards,
-Vipin


Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
Reply | Threaded
Open this post in threaded view
|

RE: X509 cert time

JoelKatz

> hi all,
>    now i'm able to get the certificate timing info. by using the call
X509_get_notAfter() and X509
> _get_notBefore()....but they are returning the values in integer type( in
my case, both return 13 and 13)
>  so anybody can help me out to get the timing info. in proper date format.

        Most likely you are mishandling the result type. The return value is an
ASN1_STRING, which is a structure. The first thing in it is its length in
bytes, which is typically 13 for a time.

        Time is typically encoded as "YYMMDDHHMMSSZ" which is 13 characters. How
are you getting '13'? What does your call to X509_get_notAfter actually look
like?

        DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: X509 cert time

vipin rathor
hi DS,
     here is the code snippet i'm using:
 
X509 *cert;
FILE fp;
fp=fopen("cacert.der","r");
/* error check*/
cert=d2i_X509_fp(fp,NULL);
/* error check*/
printf("Valid From : %d",X509_get_notBefore(cert)); 
/*gives 13 and when printed using %s, it gives segmentation fault*/
 
   actually, the call X509_get_notBefore() is a macro defined in ssl.h as
 
#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)

and the data type of the member 'notBefore' is ASN1_TIME . am i doing something wrong and do u have any idea that how can i parse and print the date elements?

thanx and regards,
-Vipin


Yahoo! Mail
Use Photomail to share photos without annoying attachments.
Reply | Threaded
Open this post in threaded view
|

RE: X509 cert time

Stefan Vatev

> hi DS,
>        here is the code snippet i'm using:
>
>   X509 *cert;
>   FILE fp;
>   fp=fopen("cacert.der","r");
>   /* error check*/
>   cert=d2i_X509_fp(fp,NULL);
>   /* error check*/
>   printf("Valid From : %d",X509_get_notBefore(cert));
>   /*gives 13 and when printed using %s, it gives
> segmentation fault*/
>
>      actually, the call X509_get_notBefore() is a macro
> defined in ssl.h as
>
>   #define X509_get_notBefore(x)
> ((x)->cert_info->validity->notBefore)
>
> and the data type of the member 'notBefore' is ASN1_TIME
> . am i doing something wrong and do u have any idea that
> how can i parse and print the date elements?
>
> thanx and regards,
>   -Vipin
>


Well, if you just want to print a date, use
ASN1_TIME_print(BIO*, ASN1_TIME*)




-----------------------------

Хостинг от Tophost.bg
99,9 % uptime
24/7 поддръжка
отлична видимост от цял свят.
http://www.tophost.bg/

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: X509 cert time

michael Dorrian
Stephan,
This function "X509_get_notBefore(cert));" returns a ASN1_TIME pointer so u cannot print out the results using %d which is for integers or maybe it prints out something but not correct. Now just call like this:
ASN1_TIME *cert_time;
char *pstring;
cert_time = X509_get_notBefore(cert));
pstring = (char*)cert_time->data;
printf("Time unformatted is: %s",pstring);
The format should be like "YYMMDDHHMMSSZ" as someone previously said. 
I am sorry i did not parse this but i am sure you can figure it out yourself.
Good luck!

Stefan Vatev <[hidden email]> wrote:

> hi DS,
> here is the code snippet i'm using:
>
> X509 *cert;
> FILE fp;
> fp=fopen("cacert.der","r");
> /* error check*/
> cert=d2i_X509_fp(fp,NULL);
> /* error check*/
> printf("Valid From : %d",X509_get_notBefore(cert));
> /*gives 13 and when printed using %s, it gives
> segmentation fault*/
>
> actually, the call X509_get_notBefore() is a macro
> defined in ssl.h as
>
> #define X509_get_notBefore(x)
> ((x)->cert_info->validity->notBefore)
>
> and the data type of the member 'notBefore' is ASN1_TIME
> . am i doing something wrong and do u have any idea that
> how can i parse and print the date elements?
>
> thanx and regards,
> -Vipin
>


Well, if you just want to print a date, use
ASN1_TIME_print(BIO*, ASN1_TIME*)




-----------------------------

ÕúBòèûB úC Tophost.bg
99,9 % uptime
24/7 EääðúæêE
úCE÷íEâèäèEñò úC EEñâÿE
http://www.tophost.bg/

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]


Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.