[gnutls-devel] Guile-GnuTLS | year 2038 problem in x509-certificate-*-time (#32)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sat Mar 1 20:04:18 CET 2025



Dariqq created an issue: https://gitlab.com/gnutls/guile/-/issues/32



Hello,

I was looking at certificate with the guile api and noticed a 2k38 problem with the activation and expiration dates:

`cert.pem` is a (self-signed) certificate that expires in 2055:

```scm
(use-modules (gnutls)
	     (ice-9 binary-ports))

(let* ((data (call-with-input-file "cert.pem" get-bytevector-all))
       (cert (import-x509-certificate data x509-certificate-format/pem)))

  (format #t "Activation: ~a~%Expiration: ~a~%"
	  (strftime "%c" (gmtime (x509-certificate-activation-time cert)))
	  (strftime "%c" (gmtime (x509-certificate-expiration-time cert)))))

```
Output:
```
Activation: Fri Feb 21 18:31:34 2025
Expiration: Thu Jan 16 12:03:18 1919
```

Output from `gnutls_x509_crt_print` from gnutls (3.8.9) on the same host:
```
Validity:
	Not Before: Fr Feb 21 18:31:34 UTC 2025
	Not After:  So Feb 21 18:31:34 UTC 2055
```

I am on a x86_64 machine

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/32
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250301/b1671ddd/attachment.html>


More information about the Gnutls-devel mailing list