[gnutls-devel] Guile-GnuTLS | 32bit time issues with gnutls_x509_crt_[get, set]-*-time (#33)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Mar 4 18:01:37 CET 2025
Dariqq created an issue: https://gitlab.com/gnutls/guile/-/issues/33
## Description of problem:
Originally a bug against the guile bindings (https://gitlab.com/gnutls/guile/-/issues/32) but i think it might be an issue with gnutls.
The functions `gnutls_x509_crt_get_expiration_time`, `gnutls_x509_crt_set_expiration_time`, `gnutls_x509_crt_get_activation_time`, `gnutls_x509_crt_set_activation_time` seem to have troubles using time values greater than 32 bits. Trying to get a time value results in an overflow/underflow, trying to set a value in an error.
I am using a 64bit system.
## Version of gnutls used:
3.8.9
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Verified this on Fedora 41, Debian 13 and others (on x86_64)
## How reproducible:
Always
## Steps to Reproduce:
I am using my scheme examples from the other bug report, but I verified that this is not an issue with the bindings as the value is already negative before it gets converted to a scheme value
Setting a value:
```scm
(use-modules (gnutls))
(let ((cert (make-x509-certificate))
(expiration (expt 2 31)))
(set-x509-certificate-expiration-time! cert expiration))
```
Getting:
The file `cert.pem` has an expiry date in 2055
```
(use-modules (gnutls)
(ice-9 binary-ports))
(let* ((data (call-with-input-file "cert.pem" get-bytevector-all))
(cert (import-x509-certificate data x509-certificate-format/pem)))
(format #t "Activation: ~a~%Expiration: ~a~%"
(strftime "%c" (gmtime (x509-certificate-activation-time cert)))
(strftime "%c" (gmtime (x509-certificate-expiration-time cert)))))
```
Similar issues with the activation time
## Actual results:
Setting:
```
An error:
In procedure raise exception:
Value out of range -2147483648 to< 2147483647: 2147483648
```
Getting
```
Activation: Fri Feb 21 18:31:34 2025
Expiration: Thu Jan 16 12:03:18 1919
```
## Expected results:
Set the date to the correct time.
Get the correct timestamp for expiration/activation.
Interestingly when I use `gnutls_x509_crt_print` the dates are correct:
```
Validity:
Not Before: Fri Feb 21 18:31:34 UTC 2025
Not After: Sun Feb 21 18:31:34 UTC 2055
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/33
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250304/d574f760/attachment-0001.html>
More information about the Gnutls-devel
mailing list