DragonFly On-Line Manual Pages

Search: Section:  

X509_GET0_NOTBEFORE(3)                      DragonFly Library Functions Manual


X509_get0_notBefore, X509_get0_notAfter, X509_getm_notBefore, X509_getm_notAfter, X509_get_notBefore, X509_get_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_get_lastUpdate, X509_CRL_get_nextUpdate, X509_set1_notBefore, X509_set1_notAfter, X509_set_notBefore, X509_set_notAfter, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate, X509_CRL_set_lastUpdate, X509_CRL_set_nextUpdate - get and set certificate and CRL validity dates


#include <openssl/x509.h> const ASN1_TIME * X509_get0_notBefore(const X509 *x); const ASN1_TIME * X509_get0_notAfter(const X509 *x); ASN1_TIME * X509_getm_notBefore(const X509 *x); ASN1_TIME * X509_getm_notAfter(const X509 *x); ASN1_TIME * X509_get_notBefore(const X509 *x); ASN1_TIME * X509_get_notAfter(const X509 *x); const ASN1_TIME * X509_CRL_get0_lastUpdate(const X509_CRL *crl); const ASN1_TIME * X509_CRL_get0_nextUpdate(const X509_CRL *crl); ASN1_TIME * X509_CRL_get_lastUpdate(X509_CRL *crl); ASN1_TIME * X509_CRL_get_nextUpdate(X509_CRL *crl); int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm); int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm); int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm); int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm); int X509_CRL_set_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm); int X509_CRL_set_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);


X509_getm_notBefore() and X509_getm_notAfter() return pointers to the notBefore and notAfter fields of the validity period of the certificate x, respectively. X509_get_notBefore() and X509_get_notAfter() are deprecated aliases implemented as macros. X509_get0_notBefore() and X509_get0_notAfter() are identical except for the const qualifier on the return type. X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return pointers to the lastUpdate and nextUpdate fields of crl. X509_CRL_get_lastUpdate() and X509_CRL_get_nextUpdate() are deprecated and identical except for the const qualifier on the argument and on the return type. X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate(), and X509_CRL_set1_nextUpdate() set the notBefore, notAfter, lastUpdate, or nextUpdate field of x or crl, respectively, to a deep copy of tm and free the ASN1_TIME value that they replace. X509_set_notBefore(), X509_set_notAfter(), X509_CRL_set_lastUpdate(), and X509_CRL_set_nextUpdate() are deprecated aliases.


The get functions return internal pointers which must not be freed by the application, or NULL if the requested field is not available. They may crash with a NULL pointer access if x or crl is NULL. The set functions return 1 on success or 0 on failure. They fail if x is NULL or does not contain a validity substructure, if crl is NULL, or if ASN1_STRING_dup(3) fails. Except for some cases of ASN1_STRING_dup(3) failure, these functions do not support determining reasons for failure with ERR_get_error(3).


ASN1_TIME_set(3), ASN1_TIME_set_tm(3), X509_cmp_time(3), X509_CRL_get0_by_serial(3), X509_CRL_new(3), X509_get_subject_name(3), X509_new(3), X509_sign(3), X509_VAL_new(3), X509_verify_cert(3)


X509_get_notBefore(), X509_get_notAfter(), X509_set_notBefore(), and X509_set_notAfter() first appeared in SSLeay 0.6.5 and have been available since OpenBSD 2.4. X509_CRL_get_lastUpdate() and X509_CRL_get_nextUpdate() first appeared in OpenSSL 0.9.2 and have been available since OpenBSD 2.6. X509_CRL_set_lastUpdate() and X509_CRL_set_nextUpdate() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2. The remaining functions first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3. DragonFly 6.1-DEVELOPMENT June 24, 2020 DragonFly 6.1-DEVELOPMENT

Search: Section: