您可以尝试下面的示例代码。它不使用BIO,但应该给出与OP示例相同的输出。如果你不信任ASN1_TIME字符串,你要添加一些错误检查:
- notBefore->数据> 10个字符
- 每个字符值“0”之间的“9”年,月,日,小时,分钟
- 值,第二
- 型
您应该测试的类型(即UTC),如果你期望多种类型。
如果您希望输出与使用BIO完全匹配,您还应测试日期/时间是否为GMT,并将其添加到字符串中。见: 的OpenSSL /密码/ ASN 1/t_x509.c - ASN1_UTCTIME_print或ASN1_GENERALIZEDTIME_print
ASN1_TIME* notBefore = NULL;
int len = 32;
char buf[len];
struct tm tm_time;
notBefore = X509_get_notBefore(x509_cert);
// Format ASN1_TIME with type UTC into a tm struct
if(notBefore->type == V_ASN1_UTCTIME){
strptime((const char*)notBefore->data, "%y%m%d%H%M%SZ" , &tm_time);
strftime(buf, sizeof(char) * len, "%h %d %H:%M:%S %Y", &tm_time);
}
// Format ASN1_TIME with type "Generalized" into a tm struct
if(notBefore->type == V_ASN1_GENERALIZEDTIME){
// I didn't look this format up, but it shouldn't be too difficult
}