diff options
Diffstat (limited to 'secure/lib/libcrypto/man/ASN1_TIME_set.3')
| -rw-r--r-- | secure/lib/libcrypto/man/ASN1_TIME_set.3 | 194 |
1 files changed, 155 insertions, 39 deletions
diff --git a/secure/lib/libcrypto/man/ASN1_TIME_set.3 b/secure/lib/libcrypto/man/ASN1_TIME_set.3 index e9dc9c2b77e2..bc75640881fd 100644 --- a/secure/lib/libcrypto/man/ASN1_TIME_set.3 +++ b/secure/lib/libcrypto/man/ASN1_TIME_set.3 @@ -128,52 +128,110 @@ .rm #[ #] #H #V #F C .\" ======================================================================== .\" -.IX Title "ASN1_TIME_set 3" -.TH ASN1_TIME_set 3 "2018-08-14" "1.0.2p" "OpenSSL" +.IX Title "ASN1_TIME_SET 3" +.TH ASN1_TIME_SET 3 "2018-09-11" "1.1.1" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" -ASN1_TIME_set, ASN1_TIME_adj, ASN1_TIME_check, ASN1_TIME_set_string, -ASN1_TIME_print, ASN1_TIME_diff \- ASN.1 Time functions. +ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime \- ASN.1 Time functions .SH "SYNOPSIS" .IX Header "SYNOPSIS" -.Vb 6 +.Vb 4 \& ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); -\& ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, -\& int offset_day, long offset_sec); +\& ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); +\& ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, +\& time_t t); +\& +\& ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, +\& long offset_sec); +\& ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, +\& int offset_day, long offset_sec); +\& ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, +\& time_t t, int offset_day, +\& long offset_sec); +\& \& int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); +\& int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str); +\& int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); +\& int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, +\& const char *str); +\& +\& int ASN1_TIME_normalize(ASN1_TIME *s); +\& \& int ASN1_TIME_check(const ASN1_TIME *t); +\& int ASN1_UTCTIME_check(const ASN1_UTCTIME *t); +\& int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t); +\& \& int ASN1_TIME_print(BIO *b, const ASN1_TIME *s); +\& int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s); +\& int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s); +\& +\& int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm); +\& int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, +\& const ASN1_TIME *to); +\& +\& int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t); +\& int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); \& -\& int ASN1_TIME_diff(int *pday, int *psec, -\& const ASN1_TIME *from, const ASN1_TIME *to); +\& int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b); +\& +\& ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, +\& ASN1_GENERALIZEDTIME **out); .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" -The function \fIASN1_TIME_set()\fR sets the \s-1ASN1_TIME\s0 structure \fBs\fR to the -time represented by the time_t value \fBt\fR. If \fBs\fR is \s-1NULL\s0 a new \s-1ASN1_TIME\s0 -structure is allocated and returned. +The \fIASN1_TIME_set()\fR, \fIASN1_UTCTIME_set()\fR and \fIASN1_GENERALIZEDTIME_set()\fR +functions set the structure \fBs\fR to the time represented by the time_t +value \fBt\fR. If \fBs\fR is \s-1NULL\s0 a new time structure is allocated and returned. .PP -\&\fIASN1_TIME_adj()\fR sets the \s-1ASN1_TIME\s0 structure \fBs\fR to the time represented +The \fIASN1_TIME_adj()\fR, \fIASN1_UTCTIME_adj()\fR and \fIASN1_GENERALIZEDTIME_adj()\fR +functions set the time structure \fBs\fR to the time represented by the time \fBoffset_day\fR and \fBoffset_sec\fR after the time_t value \fBt\fR. The values of \fBoffset_day\fR or \fBoffset_sec\fR can be negative to set a time before \fBt\fR. The \fBoffset_sec\fR value can also exceed the number of -seconds in a day. If \fBs\fR is \s-1NULL\s0 a new \s-1ASN1_TIME\s0 structure is allocated +seconds in a day. If \fBs\fR is \s-1NULL\s0 a new structure is allocated and returned. .PP -\&\fIASN1_TIME_set_string()\fR sets \s-1ASN1_TIME\s0 structure \fBs\fR to the time -represented by string \fBstr\fR which must be in appropriate \s-1ASN.1\s0 time -format (for example \s-1YYMMDDHHMMSSZ\s0 or \s-1YYYYMMDDHHMMSSZ\s0). +The \fIASN1_TIME_set_string()\fR, \fIASN1_UTCTIME_set_string()\fR and +\&\fIASN1_GENERALIZEDTIME_set_string()\fR functions set the time structure \fBs\fR +to the time represented by string \fBstr\fR which must be in appropriate \s-1ASN.1\s0 +time format (for example \s-1YYMMDDHHMMSSZ\s0 or \s-1YYYYMMDDHHMMSSZ\s0). If \fBs\fR is \s-1NULL\s0 +this function performs a format check on \fBstr\fR only. The string \fBstr\fR +is copied into \fBs\fR. +.PP +\&\fIASN1_TIME_set_string_X509()\fR sets \s-1ASN1_TIME\s0 structure \fBs\fR to the time +represented by string \fBstr\fR which must be in appropriate time format +that \s-1RFC 5280\s0 requires, which means it only allows \s-1YYMMDDHHMMSSZ\s0 and +\&\s-1YYYYMMDDHHMMSSZ\s0 (leap second is rejected), all other \s-1ASN.1\s0 time format +are not allowed. If \fBs\fR is \s-1NULL\s0 this function performs a format check +on \fBstr\fR only. +.PP +The \fIASN1_TIME_normalize()\fR function converts an \s-1ASN1_GENERALIZEDTIME\s0 or +\&\s-1ASN1_UTCTIME\s0 into a time value that can be used in a certificate. It +should be used after the \fIASN1_TIME_set_string()\fR functions and before +\&\fIASN1_TIME_print()\fR functions to get consistent (i.e. \s-1GMT\s0) results. .PP -\&\fIASN1_TIME_check()\fR checks the syntax of \s-1ASN1_TIME\s0 structure \fBs\fR. +The \fIASN1_TIME_check()\fR, \fIASN1_UTCTIME_check()\fR and \fIASN1_GENERALIZEDTIME_check()\fR +functions check the syntax of the time structure \fBs\fR. .PP -\&\fIASN1_TIME_print()\fR prints out the time \fBs\fR to \s-1BIO\s0 \fBb\fR in human readable +The \fIASN1_TIME_print()\fR, \fIASN1_UTCTIME_print()\fR and \fIASN1_GENERALIZEDTIME_print()\fR +functions print the time structure \fBs\fR to \s-1BIO\s0 \fBb\fR in human readable format. It will be of the format \s-1MMM DD HH:MM:SS YYYY\s0 [\s-1GMT\s0], for example \&\*(L"Feb 3 00:55:52 2015 \s-1GMT\*(R"\s0 it does not include a newline. If the time structure has invalid format it prints out \*(L"Bad time value\*(R" and returns -an error. +an error. The output for generalized time may include a fractional part +following the second. +.PP +\&\fIASN1_TIME_to_tm()\fR converts the time \fBs\fR to the standard \fBtm\fR structure. +If \fBs\fR is \s-1NULL,\s0 then the current time is converted. The output time is \s-1GMT.\s0 +The \fBtm_sec\fR, \fBtm_min\fR, \fBtm_hour\fR, \fBtm_mday\fR, \fBtm_wday\fR, \fBtm_yday\fR, +\&\fBtm_mon\fR and \fBtm_year\fR fields of \fBtm\fR structure are set to proper values, +whereas all other fields are set to 0. If \fBtm\fR is \s-1NULL\s0 this function performs +a format check on \fBs\fR only. If \fBs\fR is in Generalized format with fractional +seconds, e.g. \s-1YYYYMMDDHHMMSS.SSSZ,\s0 the fractional seconds will be lost while +converting \fBs\fR to \fBtm\fR structure. .PP \&\fIASN1_TIME_diff()\fR sets \fB*pday\fR and \fB*psec\fR to the time difference between \&\fBfrom\fR and \fBto\fR. If \fBto\fR represents a time later than \fBfrom\fR then @@ -184,6 +242,16 @@ represent the same time then \fB*pday\fR and \fB*psec\fR will both be zero. If both \fB*pday\fR and \fB*psec\fR are non-zero they will always have the same sign. The value of \fB*psec\fR will always be less than the number of seconds in a day. If \fBfrom\fR or \fBto\fR is \s-1NULL\s0 the current time is used. +.PP +The \fIASN1_TIME_cmp_time_t()\fR and \fIASN1_UTCTIME_cmp_time_t()\fR functions compare +the two times represented by the time structure \fBs\fR and the time_t \fBt\fR. +.PP +The \fIASN1_TIME_compare()\fR function compares the two times represented by the +time structures \fBa\fR and \fBb\fR. +.PP +The \fIASN1_TIME_to_generalizedtime()\fR function converts an \s-1ASN1_TIME\s0 to an +\&\s-1ASN1_GENERALIZEDTIME,\s0 regardless of year. If either \fBout\fR or +\&\fB*out\fR are \s-1NULL,\s0 then a new object is allocated and must be freed after use. .SH "NOTES" .IX Header "NOTES" The \s-1ASN1_TIME\s0 structure corresponds to the \s-1ASN.1\s0 structure \fBTime\fR @@ -191,34 +259,51 @@ defined in \s-1RFC5280\s0 et al. The time setting functions obey the rules outli in \s-1RFC5280:\s0 if the date can be represented by UTCTime it is used, else GeneralizedTime is used. .PP -The \s-1ASN1_TIME\s0 structure is represented as an \s-1ASN1_STRING\s0 internally and can -be freed up using \fIASN1_STRING_free()\fR. +The \s-1ASN1_TIME, ASN1_UTCTIME\s0 and \s-1ASN1_GENERALIZEDTIME\s0 structures are represented +as an \s-1ASN1_STRING\s0 internally and can be freed up using \fIASN1_STRING_free()\fR. .PP The \s-1ASN1_TIME\s0 structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars). .PP +\&\s-1ASN1_UTCTIME\s0 is limited to a year range of 1950 through 2049. +.PP Some applications add offset times directly to a time_t value and pass the results to \fIASN1_TIME_set()\fR (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use \fIASN1_TIME_adj()\fR instead and pass the offset value in the \fBoffset_sec\fR and \fBoffset_day\fR parameters instead of directly manipulating a time_t value. +.PP +\&\fIASN1_TIME_adj()\fR may change the type from \s-1ASN1_GENERALIZEDTIME\s0 to \s-1ASN1_UTCTIME,\s0 +or vice versa, based on the resulting year. The \fIASN1_GENERALIZEDTIME_adj()\fR and +\&\fIASN1_UTCTIME_adj()\fR functions will not modify the type of the return structure. +.PP +It is recommended that functions starting with \s-1ASN1_TIME\s0 be used instead of +those starting with \s-1ASN1_UTCTIME\s0 or \s-1ASN1_GENERALIZEDTIME.\s0 The functions +starting with \s-1ASN1_UTCTIME\s0 and \s-1ASN1_GENERALIZEDTIME\s0 act only on that specific +time format. The functions starting with \s-1ASN1_TIME\s0 will operate on either +format. .SH "BUGS" .IX Header "BUGS" -\&\fIASN1_TIME_print()\fR currently does not print out the time zone: it either prints -out \*(L"\s-1GMT\*(R"\s0 or nothing. But all certificates complying with \s-1RFC5280\s0 et al use \s-1GMT\s0 -anyway. +\&\fIASN1_TIME_print()\fR, \fIASN1_UTCTIME_print()\fR and \fIASN1_GENERALIZEDTIME_print()\fR +do not print out the time zone: it either prints out \*(L"\s-1GMT\*(R"\s0 or nothing. But all +certificates complying with \s-1RFC5280\s0 et al use \s-1GMT\s0 anyway. +.PP +Use the \fIASN1_TIME_normalize()\fR function to normalize the time value before +printing to get \s-1GMT\s0 results. .SH "EXAMPLES" .IX Header "EXAMPLES" Set a time structure to one hour after the current time and print it out: .PP -.Vb 11 +.Vb 2 \& #include <time.h> \& #include <openssl/asn1.h> +\& \& ASN1_TIME *tm; \& time_t t; \& BIO *b; +\& \& t = time(NULL); \& tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60); \& b = BIO_new_fp(stdout, BIO_NOCLOSE); @@ -233,28 +318,59 @@ Determine if one time is later or sooner than the current time: \& int day, sec; \& \& if (!ASN1_TIME_diff(&day, &sec, NULL, to)) -\& /* Invalid time format */ +\& /* Invalid time format */ \& \& if (day > 0 || sec > 0) -\& printf("Later\en"); +\& printf("Later\en"); \& else if (day < 0 || sec < 0) -\& printf("Sooner\en"); +\& printf("Sooner\en"); \& else -\& printf("Same\en"); +\& printf("Same\en"); .Ve .SH "RETURN VALUES" .IX Header "RETURN VALUES" -\&\fIASN1_TIME_set()\fR and \fIASN1_TIME_adj()\fR return a pointer to an \s-1ASN1_TIME\s0 structure +\&\fIASN1_TIME_set()\fR, \fIASN1_UTCTIME_set()\fR, \fIASN1_GENERALIZEDTIME_set()\fR, \fIASN1_TIME_adj()\fR, +ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or \s-1NULL\s0 if an error occurred. .PP -\&\fIASN1_TIME_set_string()\fR returns 1 if the time value is successfully set and -0 otherwise. +\&\fIASN1_TIME_set_string()\fR, \fIASN1_UTCTIME_set_string()\fR, \fIASN1_GENERALIZEDTIME_set_string()\fR +\&\fIASN1_TIME_set_string_X509()\fR return 1 if the time value is successfully set and 0 otherwise. +.PP +\&\fIASN1_TIME_normalize()\fR returns 1 on success, and 0 on error. +.PP +\&\fIASN1_TIME_check()\fR, ASN1_UTCTIME_check and \fIASN1_GENERALIZEDTIME_check()\fR return 1 +if the structure is syntactically correct and 0 otherwise. +.PP +\&\fIASN1_TIME_print()\fR, \fIASN1_UTCTIME_print()\fR and \fIASN1_GENERALIZEDTIME_print()\fR return 1 +if the time is successfully printed out and 0 if an error occurred (I/O error or +invalid time format). +.PP +\&\fIASN1_TIME_to_tm()\fR returns 1 if the time is successfully parsed and 0 if an +error occurred (invalid time format). +.PP +\&\fIASN1_TIME_diff()\fR returns 1 for success and 0 for failure. It can fail if the +passed-in time structure has invalid syntax, for example. +.PP +\&\fIASN1_TIME_cmp_time_t()\fR and \fIASN1_UTCTIME_cmp_time_t()\fR return \-1 if \fBs\fR is +before \fBt\fR, 0 if \fBs\fR equals \fBt\fR, or 1 if \fBs\fR is after \fBt\fR. \-2 is returned +on error. .PP -\&\fIASN1_TIME_check()\fR returns 1 if the structure is syntactically correct and 0 -otherwise. +\&\fIASN1_TIME_compare()\fR returns \-1 if \fBa\fR is before \fBb\fR, 0 if \fBa\fR equals \fBb\fR, or 1 if \fBa\fR is after \fBb\fR. \-2 is returned on error. .PP -\&\fIASN1_TIME_print()\fR returns 1 if the time is successfully printed out and 0 if -an error occurred (I/O error or invalid time format). +\&\fIASN1_TIME_to_generalizedtime()\fR returns a pointer to +the appropriate time structure on success or \s-1NULL\s0 if an error occurred. +.SH "HISTORY" +.IX Header "HISTORY" +The \fIASN1_TIME_to_tm()\fR function was added in OpenSSL 1.1.1. +The \fIASN1_TIME_set_string_X509()\fR function was added in OpenSSL 1.1.1. +The \fIASN1_TIME_normalize()\fR function was added in OpenSSL 1.1.1. +The \fIASN1_TIME_cmp_time_t()\fR function was added in OpenSSL 1.1.1. +The \fIASN1_TIME_compare()\fR function was added in OpenSSL 1.1.1. +.SH "COPYRIGHT" +.IX Header "COPYRIGHT" +Copyright 2015\-2018 The OpenSSL Project Authors. All Rights Reserved. .PP -\&\fIASN1_TIME_diff()\fR returns 1 for sucess and 0 for failure. It can fail if the -pass \s-1ASN1_TIME\s0 structure has invalid syntax for example. +Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file \s-1LICENSE\s0 in the source distribution or at +<https://www.openssl.org/source/license.html>. |