Thanks Tan! that worked, I'm wondering if there is a way of reading the
dates directly to a string buffer my code now reads:
One more question, how do you read the certificate authority from the cert?
// Read in certificate dates
// there must be a better way of doing this!
char bigBuffer[1024];
BIO *out;
char * tmpFile = getTempFile();
out = BIO_new_file(tmpFile, "w+");
BIO_printf(out, "DateValid.From:");
ASN1_TIME_print(out, X509_get_notBefore(cert));
BIO_printf(out, "\r\nDateValid.To:");
ASN1_TIME_print(out, X509_get_notAfter(cert));
BIO_printf(out, "\r\n");
BIO_free(out);
FILE *fp = NULL;
fp = fopen(tmpFile, "rb");
if (fp) {
// find file size
fseek(fp,0,SEEK_END);
int l = ftell(fp) + 1;
rewind(fp);
// read entire file
fread(bigBuffer, l, 1, fp);
// null terminate the buffer
*(bigBuffer + l) = '\0';
fclose(fp);
}
_unlink(tmpFile);
free(tmpFile);
//////////////////////////////////////
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tan Eng Ten
Sent: Thursday, 26 May 2005 10:30 AM
To: openssl-users@openssl.org
Subject: Re: X509 Cert dates
Hi,
U could try:
BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);
ASN1_TIME_print(bio, X509_get_notBefore(cert));
BIO_free(bio);
Tell me if it works.
Pj wrote:
Hi All,
How can I print localised, human readable certificate dates into a null
terminated string buffer?
I wish to present the cert dates to the user as well as the fact that the
dates are valid or invalid.
Can someone point me to a good source for X509 manipulation?
At the moment my function reads:
void dumpCertificate(X509 *cert, char *fileName)
{
char buf[2044];
int ret;
X509_NAME *subj = X509_get_subject_name(cert);
X509_NAME *issuer = X509_get_issuer_name(cert);
FILE *fp;
unlink(fileName);
fp = fopen(fileName,"w");
if (!fp) return;
/* check expiry dates */
if (X509_cmp_current_time(X509_get_notBefore(cert)) >= 0) {
fprintf(fp, "DateValid:false:Certificate date not yet
valid\n");
}
else if (X509_cmp_current_time(X509_get_notAfter(cert)) <= 0)
{
fprintf(fp, "DateValid:false:Certificate date
expired\n");
}
else
fprintf(fp, "DateValid:true\n");
/* Subject commonName */
ret = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
NID_commonName, buf, 1024);
fprintf(fp, "Subject.CommonName:%s\n",(ret < 1)?"":buf);
/* Subject Organization name */
ret = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
NID_organizationName, buf, 1024);
fprintf(fp, "Subject.OrganizationName:%s\n",(ret < 1)?"":buf);
/* Subject Email Address */
ret = X509_NAME_get_text_by_NID(X509_get_subject_name(cert),
NID_pkcs9_emailAddress, buf, 1024);
fprintf(fp, "Subject.Email:%s\n",(ret < 1)?"":buf);
/* Issuer Organization name */
ret = X509_NAME_get_text_by_NID(X509_get_issuer_name(cert),
NID_organizationName, buf, 1024);
fprintf(fp, "Issuer.OrganizationName:%s\n",(ret < 1)?"":buf);
fclose(fp);
}
Thanks Heaps!
Phillip.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
