/** * gnutls_x509_crt_set_private_key_usage_period: * @crt: a certificate of type #gnutls_x509_crt_t * @activation: The activation time * @expiration: The expiration time * * This function will set the private key usage period extension (2.5.29.16). * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t crt, time_t activation, time_t expiration) { int result; gnutls_datum_t der_data; ASN1_TYPE c2 = ASN1_TYPE_EMPTY; if (crt == NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } result = asn1_create_element(_gnutls_get_pkix(), "PKIX1.PrivateKeyUsagePeriod", &c2); if (result != ASN1_SUCCESS) { gnutls_assert(); return _gnutls_asn2err(result); } result = _gnutls_x509_set_time(c2, "notBefore", activation, 1); if (result < 0) { gnutls_assert(); goto cleanup; } result = _gnutls_x509_set_time(c2, "notAfter", expiration, 1); if (result < 0) { gnutls_assert(); goto cleanup; } result = _gnutls_x509_der_encode(c2, "", &der_data, 0); if (result < 0) { gnutls_assert(); goto cleanup; } result = _gnutls_x509_crt_set_extension(crt, "2.5.29.16", &der_data, 0); _gnutls_free_datum(&der_data); crt->use_extensions = 1; cleanup: asn1_delete_structure(&c2); return result; }
/** * gnutls_x509_crl_set_next_update: * @crl: should contain a gnutls_x509_crl_t type * @exp_time: The actual time * * This function will set the time this CRL will be updated. * This is an optional value to be set on a CRL and this call * can be omitted when generating a CRL. * * Prior to GnuTLS 3.5.7, setting a nextUpdate field was required * in order to generate a CRL. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl, time_t exp_time) { if (crl == NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } return _gnutls_x509_set_time(crl->crl, "tbsCertList.nextUpdate", exp_time, 0); }
/** * gnutls_x509_crl_set_this_update - This function will set the CRL's issuing time * @crl: should contain a gnutls_x509_crl_t structure * @act_time: The actual time * * This function will set the time this CRL was issued. * * Returns 0 on success, or a negative value in case of an error. * **/ int gnutls_x509_crl_set_this_update (gnutls_x509_crl_t crl, time_t act_time) { if (crl == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } return _gnutls_x509_set_time (crl->crl, "tbsCertList.thisUpdate", act_time); }
/** * gnutls_x509_crt_set_expiration_time: * @cert: a certificate of type #gnutls_x509_crt_t * @exp_time: The actual time * * This function will set the time this Certificate will expire. * Setting an expiration time to (time_t)-1 or to %GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION * will set to the no well-defined expiration date value. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert, time_t exp_time) { if (cert == NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } return _gnutls_x509_set_time(cert->cert, "tbsCertificate.validity.notAfter", exp_time, 0); }
/** * gnutls_x509_crl_set_crt_serial - This function will set a revoked certificate's serial number * @crl: should contain a gnutls_x509_crl_t structure * @serial: The revoked certificate's serial number * @serial_size: Holds the size of the serial field. * @revocation_time: The time this certificate was revoked * * This function will set a revoked certificate's serial number to the CRL. * * Returns 0 on success, or a negative value in case of an error. * **/ int gnutls_x509_crl_set_crt_serial (gnutls_x509_crl_t crl, const void *serial, size_t serial_size, time_t revocation_time) { int ret; if (crl == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } ret = asn1_write_value (crl->crl, "tbsCertList.revokedCertificates", "NEW", 1); if (ret != ASN1_SUCCESS) { gnutls_assert (); return _gnutls_asn2err (ret); } ret = asn1_write_value (crl->crl, "tbsCertList.revokedCertificates.?LAST.userCertificate", serial, serial_size); if (ret != ASN1_SUCCESS) { gnutls_assert (); return _gnutls_asn2err (ret); } ret = _gnutls_x509_set_time (crl->crl, "tbsCertList.revokedCertificates.?LAST.revocationDate", revocation_time); if (ret < 0) { gnutls_assert (); return ret; } ret = asn1_write_value (crl->crl, "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions", NULL, 0); if (ret != ASN1_SUCCESS) { gnutls_assert (); return _gnutls_asn2err (ret); } return 0; }
/** * gnutls_x509_crt_set_activation_time: * @cert: a certificate of type #gnutls_x509_crt_t * @act_time: The actual time * * This function will set the time this Certificate was or will be * activated. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert, time_t act_time) { if (cert == NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } return _gnutls_x509_set_time(cert->cert, "tbsCertificate.validity.notBefore", act_time, 0); }