Provide X509_get{0,m}_not{Before,After}().

3 files changed, 41 insertions, 5 deletions

diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index 276c61b3a42..540213232b5 100644
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -2857,6 +2857,8 @@ X509_email_free
 X509_find_by_issuer_and_serial
 X509_find_by_subject
 X509_free
+X509_get0_notAfter
+X509_get0_notBefore
 X509_get0_pubkey_bitstr
 X509_get1_email
 X509_get1_ocsp
@@ -2880,6 +2882,8 @@ X509_get_pubkey_parameters
 X509_get_serialNumber
 X509_get_signature_nid
 X509_get_subject_name
+X509_getm_notAfter
+X509_getm_notBefore
 X509_gmtime_adj
 X509_issuer_and_serial_cmp
 X509_issuer_and_serial_hash
diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h
index cda89ac5afb..0cb9e2826ab 100644
--- a/lib/libcrypto/x509/x509.h
+++ b/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.27 2018/02/14 16:18:10 jsing Exp $ */
+/* $OpenBSD: x509.h,v 1.28 2018/02/14 16:57:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -969,6 +969,10 @@ int 		X509_set_subject_name(X509 *x, X509_NAME *name);
 X509_NAME *	X509_get_subject_name(X509 *a);
 int 		X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
 int 		X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
+const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ASN1_TIME *X509_getm_notBefore(const X509 *x);
+const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+ASN1_TIME *X509_getm_notAfter(const X509 *x);
 int 		X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
 EVP_PKEY *	X509_get_pubkey(X509 *x);
 ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
diff --git a/lib/libcrypto/x509/x509_set.c b/lib/libcrypto/x509/x509_set.c
index aeaf1610249..e60d6f967a7 100644
--- a/lib/libcrypto/x509/x509_set.c
+++ b/lib/libcrypto/x509/x509_set.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_set.c,v 1.12 2015/09/30 17:49:59 jsing Exp $ */
+/* $OpenBSD: x509_set.c,v 1.13 2018/02/14 16:57:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -104,17 +104,31 @@ X509_set_issuer_name(X509 *x, X509_NAME *name)
 int
 X509_set_subject_name(X509 *x, X509_NAME *name)
 {
-	if ((x == NULL) || (x->cert_info == NULL))
+	if (x == NULL || x->cert_info == NULL)
 		return (0);
 	return (X509_NAME_set(&x->cert_info->subject, name));
 }
 
+const ASN1_TIME *
+X509_get0_notBefore(const X509 *x)
+{
+	return X509_getm_notBefore(x);
+}
+
+ASN1_TIME *
+X509_getm_notBefore(const X509 *x)
+{
+	if (x == NULL || x->cert_info == NULL || x->cert_info->validity == NULL)
+		return (NULL);
+	return x->cert_info->validity->notBefore;
+}
+
 int
 X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
 {
 	ASN1_TIME *in;
 
-	if ((x == NULL) || (x->cert_info->validity == NULL))
+	if (x == NULL || x->cert_info->validity == NULL)
 		return (0);
 	in = x->cert_info->validity->notBefore;
 	if (in != tm) {
@@ -127,12 +141,26 @@ X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
 	return (in != NULL);
 }
 
+const ASN1_TIME *
+X509_get0_notAfter(const X509 *x)
+{
+	return X509_getm_notAfter(x);
+}
+
+ASN1_TIME *
+X509_getm_notAfter(const X509 *x)
+{
+	if (x == NULL || x->cert_info == NULL || x->cert_info->validity == NULL)
+		return (NULL);
+	return x->cert_info->validity->notAfter;
+}
+
 int
 X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
 {
 	ASN1_TIME *in;
 
-	if ((x == NULL) || (x->cert_info->validity == NULL))
+	if (x == NULL || x->cert_info->validity == NULL)
 		return (0);
 	in = x->cert_info->validity->notAfter;
 	if (in != tm) {