ASN1_TIME_set.pod 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277
  1. =pod
  2. =head1 NAME
  3. ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set,
  4. ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj,
  5. ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check,
  6. ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string,
  7. ASN1_TIME_set_string_X509,
  8. ASN1_TIME_normalize,
  9. ASN1_TIME_to_tm,
  10. ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print,
  11. ASN1_TIME_diff,
  12. ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t,
  13. ASN1_TIME_compare,
  14. ASN1_TIME_to_generalizedtime,
  15. ASN1_TIME_dup, ASN1_UTCTIME_dup, ASN1_GENERALIZEDTIME_dup - ASN.1 Time functions
  16. =head1 SYNOPSIS
  17. ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
  18. ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
  19. ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
  20. time_t t);
  21. ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
  22. long offset_sec);
  23. ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
  24. int offset_day, long offset_sec);
  25. ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
  26. time_t t, int offset_day,
  27. long offset_sec);
  28. int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
  29. int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
  30. int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
  31. int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
  32. const char *str);
  33. int ASN1_TIME_normalize(ASN1_TIME *s);
  34. int ASN1_TIME_check(const ASN1_TIME *t);
  35. int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
  36. int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
  37. int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
  38. int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
  39. int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
  40. int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
  41. int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
  42. const ASN1_TIME *to);
  43. int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
  44. int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
  45. int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
  46. ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
  47. ASN1_GENERALIZEDTIME **out);
  48. ASN1_TIME *ASN1_TIME_dup(const ASN1_TIME *t);
  49. ASN1_UTCTIME *ASN1_UTCTIME_dup(const ASN1_UTCTIME *t);
  50. ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_dup(const ASN1_GENERALIZEDTIME *t);
  51. =head1 DESCRIPTION
  52. The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set()
  53. functions set the structure I<s> to the time represented by the time_t
  54. value I<t>. If I<s> is NULL a new time structure is allocated and returned.
  55. The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj()
  56. functions set the time structure I<s> to the time represented
  57. by the time I<offset_day> and I<offset_sec> after the time_t value I<t>.
  58. The values of I<offset_day> or I<offset_sec> can be negative to set a
  59. time before I<t>. The I<offset_sec> value can also exceed the number of
  60. seconds in a day. If I<s> is NULL a new structure is allocated
  61. and returned.
  62. The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and
  63. ASN1_GENERALIZEDTIME_set_string() functions set the time structure I<s>
  64. to the time represented by string I<str> which must be in appropriate ASN.1
  65. time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If I<s> is NULL
  66. this function performs a format check on I<str> only. The string I<str>
  67. is copied into I<s>.
  68. ASN1_TIME_set_string_X509() sets B<ASN1_TIME> structure I<s> to the time
  69. represented by string I<str> which must be in appropriate time format
  70. that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and
  71. YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format
  72. are not allowed. If I<s> is NULL this function performs a format check
  73. on I<str> only.
  74. The ASN1_TIME_normalize() function converts an B<ASN1_GENERALIZEDTIME> or
  75. B<ASN1_UTCTIME> into a time value that can be used in a certificate. It
  76. should be used after the ASN1_TIME_set_string() functions and before
  77. ASN1_TIME_print() functions to get consistent (i.e. GMT) results.
  78. The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check()
  79. functions check the syntax of the time structure I<s>.
  80. The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print()
  81. functions print the time structure I<s> to BIO I<b> in human readable
  82. format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example
  83. "Feb 3 00:55:52 2015 GMT", which does not include a newline.
  84. If the time structure has invalid format it prints out "Bad time value" and
  85. returns an error. The output for generalized time may include a fractional part
  86. following the second.
  87. ASN1_TIME_to_tm() converts the time I<s> to the standard I<tm> structure.
  88. If I<s> is NULL, then the current time is converted. The output time is GMT.
  89. The I<tm_sec>, I<tm_min>, I<tm_hour>, I<tm_mday>, I<tm_wday>, I<tm_yday>,
  90. I<tm_mon> and I<tm_year> fields of I<tm> structure are set to proper values,
  91. whereas all other fields are set to 0. If I<tm> is NULL this function performs
  92. a format check on I<s> only. If I<s> is in Generalized format with fractional
  93. seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while
  94. converting I<s> to I<tm> structure.
  95. ASN1_TIME_diff() sets I<*pday> and I<*psec> to the time difference between
  96. I<from> and I<to>. If I<to> represents a time later than I<from> then
  97. one or both (depending on the time difference) of I<*pday> and I<*psec>
  98. will be positive. If I<to> represents a time earlier than I<from> then
  99. one or both of I<*pday> and I<*psec> will be negative. If I<to> and I<from>
  100. represent the same time then I<*pday> and I<*psec> will both be zero.
  101. If both I<*pday> and I<*psec> are nonzero they will always have the same
  102. sign. The value of I<*psec> will always be less than the number of seconds
  103. in a day. If I<from> or I<to> is NULL the current time is used.
  104. The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare
  105. the two times represented by the time structure I<s> and the time_t I<t>.
  106. The ASN1_TIME_compare() function compares the two times represented by the
  107. time structures I<a> and I<b>.
  108. The ASN1_TIME_to_generalizedtime() function converts an B<ASN1_TIME> to an
  109. B<ASN1_GENERALIZEDTIME>, regardless of year. If either I<out> or
  110. I<*out> are NULL, then a new object is allocated and must be freed after use.
  111. The ASN1_TIME_dup(), ASN1_UTCTIME_dup() and ASN1_GENERALIZEDTIME_dup() functions
  112. duplicate the time structure I<t> and return the duplicated result
  113. correspondingly.
  114. =head1 NOTES
  115. The B<ASN1_TIME> structure corresponds to the ASN.1 structure B<Time>
  116. defined in RFC5280 et al. The time setting functions obey the rules outlined
  117. in RFC5280: if the date can be represented by UTCTime it is used, else
  118. GeneralizedTime is used.
  119. The B<ASN1_TIME>, B<ASN1_UTCTIME> and B<ASN1_GENERALIZEDTIME> structures are
  120. represented as an B<ASN1_STRING> internally and can be freed up using
  121. ASN1_STRING_free().
  122. The B<ASN1_TIME> structure can represent years from 0000 to 9999 but no attempt
  123. is made to correct ancient calendar changes (for example from Julian to
  124. Gregorian calendars).
  125. B<ASN1_UTCTIME> is limited to a year range of 1950 through 2049.
  126. Some applications add offset times directly to a time_t value and pass the
  127. results to ASN1_TIME_set() (or equivalent). This can cause problems as the
  128. time_t value can overflow on some systems resulting in unexpected results.
  129. New applications should use ASN1_TIME_adj() instead and pass the offset value
  130. in the I<offset_sec> and I<offset_day> parameters instead of directly
  131. manipulating a time_t value.
  132. ASN1_TIME_adj() may change the type from B<ASN1_GENERALIZEDTIME> to
  133. B<ASN1_UTCTIME>, or vice versa, based on the resulting year.
  134. ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() will not modify the type
  135. of the return structure.
  136. It is recommended that functions starting with B<ASN1_TIME> be used instead of
  137. those starting with B<ASN1_UTCTIME> or B<ASN1_GENERALIZEDTIME>. The functions
  138. starting with B<ASN1_UTCTIME> and B<ASN1_GENERALIZEDTIME> act only on that
  139. specific time format. The functions starting with B<ASN1_TIME> will operate on
  140. either format.
  141. =head1 BUGS
  142. ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print()
  143. do not print out the timezone: it either prints out "GMT" or nothing. But all
  144. certificates complying with RFC5280 et al use GMT anyway.
  145. ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print()
  146. do not distinguish if they fail because of an I/O error or invalid time format.
  147. Use the ASN1_TIME_normalize() function to normalize the time value before
  148. printing to get GMT results.
  149. =head1 RETURN VALUES
  150. ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(),
  151. ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_set() return
  152. a pointer to a time structure or NULL if an error occurred.
  153. ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(),
  154. ASN1_GENERALIZEDTIME_set_string() and ASN1_TIME_set_string_X509() return
  155. 1 if the time value is successfully set and 0 otherwise.
  156. ASN1_TIME_normalize() returns 1 on success, and 0 on error.
  157. ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1
  158. if the structure is syntactically correct and 0 otherwise.
  159. ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print()
  160. return 1 if the time is successfully printed out and
  161. 0 if an I/O error occurred an error occurred (I/O error or invalid time format).
  162. ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an
  163. error occurred (invalid time format).
  164. ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the
  165. passed-in time structure has invalid syntax, for example.
  166. ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if I<s> is
  167. before I<t>, 0 if I<s> equals I<t>, or 1 if I<s> is after I<t>. -2 is returned
  168. on error.
  169. ASN1_TIME_compare() returns -1 if I<a> is before I<b>, 0 if I<a> equals I<b>,
  170. or 1 if I<a> is after I<b>. -2 is returned on error.
  171. ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time
  172. structure on success or NULL if an error occurred.
  173. ASN1_TIME_dup(), ASN1_UTCTIME_dup() and ASN1_GENERALIZEDTIME_dup() return a
  174. pointer to a time structure or NULL if an error occurred.
  175. =head1 EXAMPLES
  176. Set a time structure to one hour after the current time and print it out:
  177. #include <time.h>
  178. #include <openssl/asn1.h>
  179. ASN1_TIME *tm;
  180. time_t t;
  181. BIO *b;
  182. t = time(NULL);
  183. tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
  184. b = BIO_new_fp(stdout, BIO_NOCLOSE);
  185. ASN1_TIME_print(b, tm);
  186. ASN1_STRING_free(tm);
  187. BIO_free(b);
  188. Determine if one time is later or sooner than the current time:
  189. int day, sec;
  190. if (!ASN1_TIME_diff(&day, &sec, NULL, to))
  191. /* Invalid time format */
  192. if (day > 0 || sec > 0)
  193. printf("Later\n");
  194. else if (day < 0 || sec < 0)
  195. printf("Sooner\n");
  196. else
  197. printf("Same\n");
  198. =head1 HISTORY
  199. The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1.
  200. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1.
  201. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1.
  202. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1.
  203. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.
  204. =head1 COPYRIGHT
  205. Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
  206. Licensed under the Apache License 2.0 (the "License"). You may not use
  207. this file except in compliance with the License. You can obtain a copy
  208. in the file LICENSE in the source distribution or at
  209. L<https://www.openssl.org/source/license.html>.
  210. =cut