table of contents
- bookworm 3.0.14-1~deb12u1
- testing 3.3.2-1
- unstable 3.3.2-1
- experimental 3.4.0~~beta1-2
X509_GET0_NOTBEFORE(3SSL) | OpenSSL | X509_GET0_NOTBEFORE(3SSL) |
NAME¶
X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_ACERT_get0_notBefore, X509_ACERT_get0_notAfter, X509_ACERT_set1_notBefore, X509_ACERT_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates
SYNOPSIS¶
#include <openssl/x509.h> const ASN1_TIME *X509_get0_notBefore(const X509 *x); const ASN1_TIME *X509_get0_notAfter(const X509 *x); ASN1_TIME *X509_getm_notBefore(const X509 *x); ASN1_TIME *X509_getm_notAfter(const X509 *x); int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm); int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm); const ASN1_GENERALIZEDTIME *X509_ACERT_get0_notBefore(const X509 *x); const ASN1_GENERALIZEDTIME *X509_ACERT_get0_notAfter(const X509 *x); int X509_ACERT_set1_notBefore(X509_ACERT *x, const ASN1_GENERALIZEDTIME *tm); int X509_ACERT_set1_notAfter(X509_ACERT *x, const ASN1_GENERALIZEDTIME *tm); const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl); const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl); int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
DESCRIPTION¶
X509_get0_notBefore() and X509_get0_notAfter() return the notBefore and notAfter fields of certificate x respectively. The value returned is an internal pointer which must not be freed up after the call.
X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.
X509_set1_notBefore() and X509_set1_notAfter() set the notBefore and notAfter fields of x to tm. Ownership of the passed parameter tm is not transferred by these functions so it must be freed up after the call.
X509_ACERT_get0_notBefore() and X509_ACERT_get0_notAfter() return the notBefore and notAfter fields of certificate x respectively. returned is an internal pointer which must not be freed up after the call.
X509_ACERT_set1_notBefore() and X509_ACERT_set1_notAfter() set the notBefore and notAfter fields of x to tm. Ownership of the passed parameter tm is not transferred by these functions so it must be freed up after the call.
X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the lastUpdate and nextUpdate fields of crl. The value returned is an internal pointer which must not be freed up after the call. If the nextUpdate field is absent from crl then NULL is returned.
X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the lastUpdate and nextUpdate fields of crl to tm. Ownership of the passed parameter tm is not transferred by these functions so it must be freed up after the call. For X509_CRL_set1_nextUpdate() the tm argument may be NULL, which implies removal of the optional nextUpdate field.
RETURN VALUES¶
X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an ASN1_TIME structure.
X509_CRL_get0_lastUpdate() return a pointer to an ASN1_TIME structure or NULL if the lastUpdate field is absent.
X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.
NOTES¶
Unlike the X509 and X509_CRL routines, the X509_ACERT routines use the ASN1_GENERALIZEDTIME format instead of ASN1_TIME for holding time data.
SEE ALSO¶
d2i_X509(3), ASN1_GENERALIZEDTIME_check(3) ERR_get_error(3), X509_CRL_get0_by_serial(3), X509_get0_signature(3), X509_get_ext_d2i(3), X509_get_extension_flags(3), X509_get_pubkey(3), X509_get_subject_name(3), X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3), X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_new(3), X509_sign(3), X509V3_get_d2i(3), X509_verify_cert(3)
HISTORY¶
These functions are available in all versions of OpenSSL.
X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0
COPYRIGHT¶
Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
2024-10-13 | 3.4.0-beta1 |