32bit time issues with gnutls_x509_crt_[get,set]-*-time
Description of problem:
Originally a bug against the guile bindings (#32 (closed)) but i think it might be an issue with gnutls.
The functions gnutls_x509_crt_get_expiration_time, gnutls_x509_crt_set_expiration_time, gnutls_x509_crt_get_activation_time, gnutls_x509_crt_set_activation_time seem to have troubles using time values greater than 32 bits. Trying to get a time value results in an overflow/underflow, trying to set a value in an error.
I am using a 64bit system.
Version of gnutls used:
3.8.9
Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Verified this on Fedora 41, Debian 13 and others (on x86_64)
How reproducible:
Always
Steps to Reproduce:
I am using my scheme examples from the other bug report, but I verified that this is not an issue with the bindings as the value is already negative before it gets converted to a scheme value
Setting a value:
(use-modules (gnutls))
(let ((cert (make-x509-certificate))
(expiration (expt 2 31)))
(set-x509-certificate-expiration-time! cert expiration))Getting:
The file cert.pem has an expiry date in 2055
(use-modules (gnutls)
(ice-9 binary-ports))
(let* ((data (call-with-input-file "cert.pem" get-bytevector-all))
(cert (import-x509-certificate data x509-certificate-format/pem)))
(format #t "Activation: ~a~%Expiration: ~a~%"
(strftime "%c" (gmtime (x509-certificate-activation-time cert)))
(strftime "%c" (gmtime (x509-certificate-expiration-time cert)))))Similar issues with the activation time
Actual results:
Setting:
An error:
In procedure raise exception:
Value out of range -2147483648 to< 2147483647: 2147483648
Getting
Activation: Fri Feb 21 18:31:34 2025
Expiration: Thu Jan 16 12:03:18 1919Expected results:
Set the date to the correct time.
Get the correct timestamp for expiration/activation.
Interestingly when I use gnutls_x509_crt_print the dates are correct:
Validity:
Not Before: Fri Feb 21 18:31:34 UTC 2025
Not After: Sun Feb 21 18:31:34 UTC 2055