[openssl-users] How to access some simple conversion functions - asn1_time_to_tm

Dr. Stephen Henson steve at openssl.org
Tue Jan 19 03:05:07 UTC 2016

On Tue, Jan 19, 2016, Nounou Dadoun wrote:

> That actually worked reasonably smoothly, the only thing that I have to fix now is that it's obviously taking the time zone into account - is there a way of telling it to do everything in UTC?

The routines don't take any account of local timezone: if the ASN1_TIME
structure contains a timezone (which is rare becasue it is forbidden in DER
but a few certificates do it anyway) that will be adjusted.

> And I still don't see any programmatic way of accessing whether a key usage is "critical" or not.

There are several ways to retrieve that. The function X509_get_ext_d2i()
decodes an extension and retrieves the criticality flags in one call. You can
use X509_EXTENSION_get_critical too if you've retrieved the X509_EXTENSION

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list