On 7 Nov 2012, at 14:35, Graham Leggett wrote:
> I would like to know how long a CRL has until it expires in seconds (or milli
> or microseconds, don't care, I can convert), and am struggling to find a
> formally supported way to do this.
>
> What I would like to do is return the difference between a given ASN1_TIME
> and the current time, or two ASN1_TIME values (don't care which, I can
> generate an ASN1_TIME from the current time).
The bit of code I stole from x509/x509_vfy.c works for me.
Dw.
if(!(X509_CRL_get_nextUpdate(crl))
return -1;
int i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
if (i == 0)
return -1; // could not parse date
/* Ignore expiry of base CRL is delta is valid */
if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA))
return -1;
return 0;
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
