
NotBefore and NotAfter fields in metadata question.

Almost copied from ASN1_TIME_print(), but this shitty openssl does not have any
function for placing the result into a string.
Michele Orrù 11 anos atrás
pai
commit
cf68bf1e2d

+ 3 - 0
src/questions/include/qstrings.h

@@ -7,4 +7,7 @@ is_vzero(const void *v, size_t len);
 void
 vxor(void *u, const void *v, const void *w, size_t len);
 
+int
+ASN1_TIME_str(char *dest, const ASN1_TIME *tm);
+
 #endif /* _QA_QSTRINGS_H_ */
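Review bot: `ASN1_TIME_str` takes `dest` with no length, so the implementation cannot bound what it writes. The `sprintf` added in src/questions/qstrings.c emits the fixed date and time plus every fractional-second digit found in the certificate's time field, and the callers added in src/questions/metadata.c pass 64-byte stack arrays. A GeneralizedTime carrying a long run of fraction digits would overrun those arrays unless something upstream rejects such a value, which is not visible on this page. Declare it as `int ASN1_TIME_str(char *dest, size_t destlen, const ASN1_TIME *tm);`, format with `snprintf(dest, destlen, ...)` and send a truncated result to the `err` path; the fallback `strcpy` needs the same bound. A short comment on the prototype stating the 1/0 return convention and the `1970-01-01` fallback would also help callers.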

+ 20 - 9
src/questions/metadata.c

@@ -9,7 +9,7 @@
 #include <openssl/x509.h>
 
 #include "qa/questions/questions.h"
-
+#include "qa/questions/qstrings.h"
 
 /* taken from openssl's s_client app source */
 #define BUFSIZE 1024*8
@@ -25,6 +25,8 @@
 #define EBITLEN "e bits"
 #define MODULUS "modulus"
 #define E       "pub exp"
+#define NOTBEF  "not before"
+#define NOTAFT  "not after"
 
 static BIO* out;
 
@@ -50,6 +52,7 @@ metadata_question_ask_crt(X509* crt)
   char *sserial = NULL;
   char sbuf[BUFSIZE];
   char ibuf[BUFSIZE];
+  char not_after[64], not_before[64];
 
   /* subject informations: country, organization, common name */
   X509_NAME_oneline(X509_get_subject_name(crt), sbuf, sizeof(sbuf));
@@ -58,20 +61,28 @@ metadata_question_ask_crt(X509* crt)
   /* serial number */
   serial = ASN1_INTEGER_to_BN(X509_get_serialNumber(crt), NULL);
   sserial = BN_bn2hex(serial);
+  /* time fields */
+  ASN1_TIME_str(not_before, X509_get_notBefore(crt));
+  ASN1_TIME_str(not_after, X509_get_notAfter(crt));
   /* public key */
   pkey = X509_get_pubkey(crt);
+
   /* BIO_printf(out, "%-10s\n", PKEY); */
   /* PEM_write_bio_RSAPublicKey(out, pkey->pkey.rsa); */
   /* BIO_printf(out, "\r\n\r\n"); */
   /* public key bitlength */
   BIO_printf(out,
-             "%-10s: %s\n"
-             "%-10s: %s\n"
-             "%-10s: %s\n"
-             "%-10s: %d\n",
+             "%-10s:%s\n"
+             "%-10s:%s\n"
+             "%-10s:%s\n"
+             "%-10s:%s\n"
+             "%-10s:%s\n"
+             "%-10s:%d\n",
              SUBJECT, sbuf,
              ISSUER, ibuf,
              SERIAL, sserial,
+             NOTBEF, not_before,
+             NOTAFT, not_after,
              BITLEN, EVP_PKEY_bits(pkey));
 
   /* XXX.  Compression. TLS version.
@@ -94,10 +105,10 @@ RSA *metadata_question_ask_rsa(const RSA* rsa)
   t = BN_bn2hex(rsa->n);
 
   BIO_printf(out,
-             "%-10s: %s\n"
-             "%-10s: %s\n"
-             "%-10s: %d\n"
-             "%-10s: %d\n",
+             "%-10s:%s\n"
+             "%-10s:%s\n"
+             "%-10s:%d\n"
+             "%-10s:%d\n",
              MODULUS, t,
              E, s,
              EBITLEN, BN_num_bits(rsa->e),
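Review bot: Both `ASN1_TIME_str` calls in `metadata_question_ask_crt` drop the return value, so a validity field that fails to parse is printed as `1970-01-01` and cannot be told apart from a real date in the report. Check the result and emit an explicit marker instead, for example `if (!ASN1_TIME_str(not_before, X509_get_notBefore(crt))) strcpy(not_before, "invalid");`, and the same for `not_after`. In the same hunk, `pkey` goes from `X509_get_pubkey` straight into `EVP_PKEY_bits` with no NULL check. The function body continues past the hunk, so a later check or `EVP_PKEY_free` may exist out of view.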

+ 70 - 0
src/questions/qstrings.c

@@ -5,6 +5,9 @@
  *
  */
 #include <stddef.h>
+#include <string.h>
+
+#include <openssl/asn1.h>
 
 #include "qa/questions/qstrings.h"
 
@@ -40,3 +43,70 @@ is_vzero(const void *v, size_t len)
     if (*(s++)) return 0;
   return 1;
 }
+
+
+int
+ASN1_TIME_str(char *dest, const ASN1_TIME *tm)
+{
+  char *v;
+  int gmt=0;
+  int i;
+  int y=0,M=0,d=0,h=0,m=0,s=0;
+  char *f = NULL;
+  int f_len = 0;
+
+  i = tm->length;
+  v = (char *)tm->data;
+
+  if (tm->type == V_ASN1_GENERALIZEDTIME) {
+    if (i < 12) goto err;
+    for (i=0; i<12; i++)
+      if ((v[i] > '9') || (v[i] < '0')) goto err;
+
+    if (v[i-1] == 'Z') gmt = 1;
+    y = (v[0]-'0')*1000 + (v[1]-'0')*100 + (v[2]-'0')*10 + (v[3]-'0');
+    M = (v[4]-'0')*10 + (v[5]-'0');
+    if ((M > 12) || (M < 1)) goto err;
+    d = (v[6]-'0')*10 + (v[7]-'0');
+    h = (v[8]-'0')*10 + (v[9]-'0');
+    m =  (v[10]-'0')*10 + (v[11]-'0');
+    if (tm->length >= 14 &&
+        (v[12] >= '0') && (v[12] <= '9') &&
+        (v[13] >= '0') && (v[13] <= '9')) {
+      s =  (v[12]-'0')*10 + (v[13]-'0');
+      /* Check for fractions of seconds. */
+      if (tm->length >= 15 && v[14] == '.') {
+      int l = tm->length;
+      f = &v[14];	/* The decimal point. */
+      for (f_len = 1;
+           14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9';
+           f_len++);
+      }
+    }
+  }
+  else if (tm->type == V_ASN1_UTCTIME) {
+    if (i < 10) goto err;
+    for (i=0; i<10; i++)
+      if ((v[i] > '9') || (v[i] < '0')) goto err;
+
+    y = (v[0]-'0')*10+(v[1]-'0');
+    if (y < 50) y+=100;
+    y += 1900;
+    M = (v[2]-'0')*10+(v[3]-'0');
+    if ((M > 12) || (M < 1)) goto err;
+    d = (v[4]-'0')*10+(v[5]-'0');
+    h = (v[6]-'0')*10+(v[7]-'0');
+    m =  (v[8]-'0')*10+(v[9]-'0');
+    if (tm->length >=12 &&
+        (v[10] >= '0') && (v[10] <= '9') &&
+        (v[11] >= '0') && (v[11] <= '9'))
+      s =  (v[10]-'0')*10+(v[11]-'0');
+
+  }
+  if (sprintf(dest,"%04d-%02d-%02d %02d:%02d:%02d%.*s %s",
+              y, M, d, h, m, s, f_len, f, (gmt)?" GMT":"") > 0)
+    return 1;
+ err:
+  strcpy(dest, "1970-01-01");
+  return 0;
+}
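Review bot: The `Z` test in the GeneralizedTime branch runs after the digit loop, when `i` is 12, so `v[i-1]` is `v[11]`, a byte the loop has just required to be a digit. `gmt` can therefore never become 1 there, and the UTCTime branch never sets it, so the ` GMT` suffix is dead code. Move `if (v[i-1] == 'Z') gmt = 1;` above the loop, while `i` still holds `tm->length`, in both branches. Separately, `f` is still NULL when no fraction is present and is passed to `%.*s` with precision 0, which the C standard does not define for a null pointer; declaring it `const char *f = "";` avoids that. A `tm->type` that matches neither branch falls through to the `sprintf` with every field zero and returns 1, so a final `else goto err;` would make that case report failure.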