Saturday, January 27, 2018

Extra space in openssl CLI output for notAfter/enddate

Leave a Comment

I am getting extra space in enddate output of this command:

$ export IP=google.com;  nc -z -w 3 $IP 443 && (echo | openssl s_client - connect $IP:443 2>/dev/null | openssl x509 -noout -enddate) Connection to google.com port 443 [tcp/https] succeeded! notAfter=Apr  4 09:40:00 2018 GMT 

Note two spaces between Apr and 4 in notAfter= line.

That is the case for both versions I have on laptop and on Linux server:

$ openssl version LibreSSL 2.2.7 $ openssl version OpenSSL 1.0.1f 6 Jan 2014 

Is that bug? I will try to report in https://github.com/openssl/openssl/issues

Here we go:

https://github.com/openssl/openssl/issues/5107

https://github.com/libressl-portable/portable/issues/382

1 Answers

Answers 1

This is intentional behavior from ASN1_TIME_print(), to use a fixed number of characters for the day representation. If the day number is less than 10, it still takes up two columns, with the first one being filled as a space. This is friendly to automated tooling parsers even if it is a little jarring for the human eye. I don't think it's appropriate to change ASN1_TIME_print()'s behavior because it is used in more places than just this.

From https://github.com/kaduk

https://github.com/openssl/openssl/issues/5107#issuecomment-358746180

If You Enjoyed This, Take 5 Seconds To Share It

0 comments:

Post a Comment