Heiko Nardmann wrote:
>
> Hi!
>
> I am using SSLeay-0.9.0b for a project.
> Now I found that decoding an X.509 certificate
> does not work since the decoding of the Validity
> field assumes UTCTime to be used although the standard
> says UTCTime OR GeneralizedTime.
>
> Is there a simple way to say accept both alternatives
> of the ASN.1 CHOICE?
>
> Or: is there a patch which fixes this bug?
>
GeneralizedTime isn't supported at all in SSLeay-0.9.0b or in OpenSSL
0.9.1c.
I have added support for GeneralizedTime in the current CVS tree and
support for the Time CHOICE type.
I've called this ASN1_TIME and there are various functions that
(hoepefully) handle things appropriately.
I've also fixed the X509 certificate and CRL code so it now accepts Time
instead of just UTCTime.
Steve.
--
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant.
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED]
NOTE NEW (13/12/98) PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
