openssl/doc/man3/X509_cmp_time.pod
Emilia Kasper 80770da39e X509 time: tighten validation per RFC 5280
- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-02-24 17:37:08 +01:00

40 lines
999 B
Plaintext

=pod
=head1 NAME
X509_cmp_time - X509 time functions
=head1 SYNOPSIS
X509_cmp_time(const ASN1_TIME *asn1_time, time_t *cmp_time);
=head1 DESCRIPTION
X509_cmp_time() compares the ASN1_TIME in B<asn1_time> with the time in
<cmp_time>.
B<asn1_time> must satisfy the ASN1_TIME format mandated by RFC 5280, i.e.,
its format must be either YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ.
If B<cmp_time> is NULL the current time is used.
=head1 BUGS
Unlike many standard comparison functions, X509_cmp_time returns 0 on error.
=head1 RETURN VALUES
X509_cmp_time() returns -1 if B<asn1_time> is earlier than, or equal to,
B<cmp_time>, and 1 otherwise. It returns 0 on error.
=head1 COPYRIGHT
Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut