if( time != "" ) {
const unsigned char* data = ( unsigned char* )( time.data() );
- d2i_ASN1_UTCTIME( &rev->revocationDate, &data, time.size() );
+ d2i_ASN1_TIME( &rev->revocationDate, &data, time.size() );
} else {
X509_REVOKED_set_revocationDate( rev, tmptm.get() );
}
X509_CRL_add0_revoked( crl.get(), rev );
- int len = i2d_ASN1_UTCTIME( tmptm.get(), NULL );
+ int len = i2d_ASN1_TIME( tmptm.get(), NULL );
unsigned char* buffer = ( unsigned char* ) OPENSSL_malloc( len );
unsigned char* pos = buffer;
- i2d_ASN1_UTCTIME( tmptm.get(), &pos );
+ i2d_ASN1_TIME( tmptm.get(), &pos );
std::string rettime = std::string( ( char* ) buffer, len );
OPENSSL_free( buffer );
return rettime;
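Review bot: The result of `d2i_ASN1_TIME` in the `time != ""` branch is not checked, so a `time` string that does not decode as an ASN.1 time still reaches `X509_CRL_add0_revoked` with whatever `rev->revocationDate` was left holding. d2i functions return NULL on failure; I would test for that and fail the revocation instead of adding the entry, e.g. `if( !d2i_ASN1_TIME( &rev->revocationDate, &data, time.size() ) ) { X509_REVOKED_free( rev ); /* report the error */ }`. The three d2i calls in the signature-parsing hunk further down ignore their results in the same way. The enclosing function starts outside this hunk, so the error-reporting convention has to be taken from there.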
std::string CRL::getSignature() {
int len = i2d_X509_ALGOR( crl->sig_alg, NULL );
len += i2d_ASN1_BIT_STRING( crl->signature, NULL );
- len += i2d_ASN1_UTCTIME( crl->crl->lastUpdate, NULL );
- len += i2d_ASN1_UTCTIME( crl->crl->nextUpdate, NULL );
+ len += i2d_ASN1_TIME( crl->crl->lastUpdate, NULL );
+ len += i2d_ASN1_TIME( crl->crl->nextUpdate, NULL );
unsigned char* buffer = ( unsigned char* ) OPENSSL_malloc( len );
unsigned char* pos = buffer;
i2d_X509_ALGOR( crl->sig_alg, &pos );
i2d_ASN1_BIT_STRING( crl->signature, &pos );
- i2d_ASN1_UTCTIME( crl->crl->lastUpdate, &pos );
- i2d_ASN1_UTCTIME( crl->crl->nextUpdate, &pos );
+ i2d_ASN1_TIME( crl->crl->lastUpdate, &pos );
+ i2d_ASN1_TIME( crl->crl->nextUpdate, &pos );
std::string res = std::string( ( char* ) buffer, len );
OPENSSL_free( buffer );
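Review bot: `len` is built by summing four `i2d_*` length queries without checking any of them, and i2d functions return a negative value on error, so a single failure gives a wrong or negative total that is then passed to `OPENSSL_malloc` and to `std::string( ( char* ) buffer, len )`. The `OPENSSL_malloc` result is also written through without a NULL check. I would check each length before adding it (fail on `n <= 0`) and check `buffer` before the second encoding pass. The `i2d_ASN1_TIME`/`OPENSSL_malloc` sequence that builds `rettime` in the previous hunk has the same gap. getSignature's body continues past the end of this hunk.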
const unsigned char* data = ( unsigned char* )( signature.data() );
const unsigned char* buffer = data;
d2i_X509_ALGOR( &crl->sig_alg, &buffer, signature.size() );
- d2i_ASN1_BIT_STRING( &crl->signature, &buffer, signature.size() + buffer - data );
- d2i_ASN1_UTCTIME( &crl->crl->lastUpdate, &buffer, signature.size() + buffer - data );
- d2i_ASN1_UTCTIME( &crl->crl->nextUpdate, &buffer, signature.size() + buffer - data );
+ d2i_ASN1_BIT_STRING( &crl->signature, &buffer, signature.size() + data - buffer );
+ d2i_ASN1_TIME( &crl->crl->lastUpdate, &buffer, signature.size() + data - buffer );
+ d2i_ASN1_TIME( &crl->crl->nextUpdate, &buffer, signature.size() + data - buffer );
+}
+
+bool CRL::needsResign() {
+ time_t current;
+ time( ¤t );
+ current += 60 * 60;// 1 hour
+ auto time = X509_CRL_get_nextUpdate( crl.get() );
+
+ if( !time ) {
+ return true;
+ }
+
+ int cmp = X509_cmp_time( time, ¤t );
+ return cmp < 0;
}
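Review bot: In `needsResign`, `X509_cmp_time` returns 0 when it cannot parse or compare the time, and `return cmp < 0;` turns that error into "no re-sign needed", so a CRL whose nextUpdate cannot be read would be left to go stale. Treating the error case like expiry is the safer default: `return cmp <= 0;`. As a smaller style point, the local `auto time` shadows the `time()` function called two lines earlier; a name such as `nextUpdate` avoids that. The signature-parsing lines at the top of this hunk belong to a function that starts outside it.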