+ ASN1_TIME* tm = X509_get_notBefore( ca );
+ notBefore = std::shared_ptr<ASN1_TIME>( tm, ASN1_TIME_free );
+ std::size_t pos = name.find("_");
+ if (pos == std::string::npos) {
+ throw new std::invalid_argument("ca name: " + name + " is malformed.");
+ }
+ std::size_t pos2 = name.find("_", pos + 1);
+ if (pos2 == std::string::npos) {
+ throw new std::invalid_argument("ca name: " + name + " is malformed.");
+ }
+ crlURL = crlPrefix + "/g2/" + name.substr(pos+1, pos2-pos - 1) + "/" + name.substr(0,pos) + "-" + name.substr(pos2+1) + ".crl";
+ crtURL = crtPrefix + "/g2/" + name.substr(pos+1, pos2-pos - 1) + "/" + name.substr(0,pos) + "-" + name.substr(pos2+1) + ".crt";
+}
+
+std::string timeToString( std::shared_ptr<ASN1_TIME> time ) {
+ std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
+ std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
+
+ logger::notef("openssl formatted me a date: %s", strdate);
+ if( strdate[strdate.size() - 1] != 'Z' ) {
+ throw "Got invalid date?";
+ }
+
+ return strdate.substr( 0, strdate.size() - 1 );
+}
+
+void extractTimes( std::shared_ptr<X509> target, std::shared_ptr<SignedCertificate> cert ) {
+ cert->before = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notBefore( target.get() ), ASN1_TIME_free ) );
+ cert->after = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notAfter( target.get() ), ASN1_TIME_free ) );
+}
+
+bool CAConfig::crlNeedsResign() {
+ auto crl = std::make_shared<CRL>( path + "/ca.crl" );
+ return crl->needsResign();