Loading apps/x509.c +27 −0 Original line number Diff line number Diff line Loading @@ -113,6 +113,8 @@ static char *x509_usage[]={ " -addreject arg - reject certificate for a given purpose\n", " -setalias arg - set certificate alias\n", " -days arg - How long till expiry of a signed certificate - def 30 days\n", " -checkend arg - check whether the cert expires in the next arg seconds\n", " exit 1 if so, 0 if not\n", " -signkey arg - self sign cert with arg\n", " -x509toreq - output a certification request object\n", " -req - input is a certificate request, sign and output.\n", Loading Loading @@ -173,6 +175,7 @@ int MAIN(int argc, char **argv) LHASH *extconf = NULL; char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; int need_rand = 0; int checkend=0,checkoffset=0; reqfile=0; Loading Loading @@ -353,6 +356,12 @@ int MAIN(int argc, char **argv) startdate= ++num; else if (strcmp(*argv,"-enddate") == 0) enddate= ++num; else if (strcmp(*argv,"-checkend") == 0) { if (--argc < 1) goto bad; checkoffset=atoi(*(++argv)); checkend=1; } else if (strcmp(*argv,"-noout") == 0) noout= ++num; else if (strcmp(*argv,"-trustout") == 0) Loading Loading @@ -839,6 +848,24 @@ bad: } } if(checkend) { time_t t=ASN1_UTCTIME_get(X509_get_notAfter(x)); time_t tnow=time(NULL); if(tnow+checkoffset > t) { BIO_printf(out,"Certificate will expire\n"); ret=1; } else { BIO_printf(out,"Certificate will not expire\n"); ret=0; } goto end; } if (noout) { ret=0; Loading crypto/asn1/a_utctm.c +29 −0 Original line number Diff line number Diff line Loading @@ -264,3 +264,32 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) #endif return(s); } time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) { struct tm tm; int offset; memset(&tm,'\0',sizeof tm); #define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') tm.tm_year=g2(s->data); if(tm.tm_year < 50) tm.tm_year+=100; tm.tm_mon=g2(s->data+2)-1; tm.tm_mday=g2(s->data+4); tm.tm_hour=g2(s->data+6); tm.tm_min=g2(s->data+8); tm.tm_sec=g2(s->data+10); if(s->data[12] == 'Z') offset=0; else { offset=g2(s->data+13)*60+g2(s->data+15); if(s->data[12] == '-') offset= -offset; } #undef g2 return timegm(&tm)-offset*60; } crypto/asn1/asn1.h +1 −0 Original line number Diff line number Diff line Loading @@ -579,6 +579,7 @@ ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp, int ASN1_UTCTIME_check(ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); Loading Loading
apps/x509.c +27 −0 Original line number Diff line number Diff line Loading @@ -113,6 +113,8 @@ static char *x509_usage[]={ " -addreject arg - reject certificate for a given purpose\n", " -setalias arg - set certificate alias\n", " -days arg - How long till expiry of a signed certificate - def 30 days\n", " -checkend arg - check whether the cert expires in the next arg seconds\n", " exit 1 if so, 0 if not\n", " -signkey arg - self sign cert with arg\n", " -x509toreq - output a certification request object\n", " -req - input is a certificate request, sign and output.\n", Loading Loading @@ -173,6 +175,7 @@ int MAIN(int argc, char **argv) LHASH *extconf = NULL; char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; int need_rand = 0; int checkend=0,checkoffset=0; reqfile=0; Loading Loading @@ -353,6 +356,12 @@ int MAIN(int argc, char **argv) startdate= ++num; else if (strcmp(*argv,"-enddate") == 0) enddate= ++num; else if (strcmp(*argv,"-checkend") == 0) { if (--argc < 1) goto bad; checkoffset=atoi(*(++argv)); checkend=1; } else if (strcmp(*argv,"-noout") == 0) noout= ++num; else if (strcmp(*argv,"-trustout") == 0) Loading Loading @@ -839,6 +848,24 @@ bad: } } if(checkend) { time_t t=ASN1_UTCTIME_get(X509_get_notAfter(x)); time_t tnow=time(NULL); if(tnow+checkoffset > t) { BIO_printf(out,"Certificate will expire\n"); ret=1; } else { BIO_printf(out,"Certificate will not expire\n"); ret=0; } goto end; } if (noout) { ret=0; Loading
crypto/asn1/a_utctm.c +29 −0 Original line number Diff line number Diff line Loading @@ -264,3 +264,32 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) #endif return(s); } time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) { struct tm tm; int offset; memset(&tm,'\0',sizeof tm); #define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') tm.tm_year=g2(s->data); if(tm.tm_year < 50) tm.tm_year+=100; tm.tm_mon=g2(s->data+2)-1; tm.tm_mday=g2(s->data+4); tm.tm_hour=g2(s->data+6); tm.tm_min=g2(s->data+8); tm.tm_sec=g2(s->data+10); if(s->data[12] == 'Z') offset=0; else { offset=g2(s->data+13)*60+g2(s->data+15); if(s->data[12] == '-') offset= -offset; } #undef g2 return timegm(&tm)-offset*60; }
crypto/asn1/asn1.h +1 −0 Original line number Diff line number Diff line Loading @@ -579,6 +579,7 @@ ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp, int ASN1_UTCTIME_check(ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); Loading
