您可以嘗試下面的示例代碼。它不使用BIO,但應該給出與OP示例相同的輸出。如果你不信任ASN1_TIME字符串,你要添加一些錯誤檢查:
- notBefore->數據> 10個字符
- 每個字符值「0」之間的「9」年,月,日,小時,分鐘
- 值,第二
- 型
您應該測試的類型(即UTC),如果你期望多種類型。
如果您希望輸出與使用BIO完全匹配,您還應測試日期/時間是否爲GMT,並將其添加到字符串中。見: 的OpenSSL /密碼/ ASN 1/t_x509.c - ASN1_UTCTIME_print或ASN1_GENERALIZEDTIME_print
ASN1_TIME* notBefore = NULL;
int len = 32;
char buf[len];
struct tm tm_time;
notBefore = X509_get_notBefore(x509_cert);
// Format ASN1_TIME with type UTC into a tm struct
if(notBefore->type == V_ASN1_UTCTIME){
strptime((const char*)notBefore->data, "%y%m%d%H%M%SZ" , &tm_time);
strftime(buf, sizeof(char) * len, "%h %d %H:%M:%S %Y", &tm_time);
}
// Format ASN1_TIME with type "Generalized" into a tm struct
if(notBefore->type == V_ASN1_GENERALIZEDTIME){
// I didn't look this format up, but it shouldn't be too difficult
}