Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x509af_notafter and x509af_notbefore yielding vague data #697

Open
sampatti37 opened this issue Jun 13, 2024 · 0 comments
Open

x509af_notafter and x509af_notbefore yielding vague data #697

sampatti37 opened this issue Jun 13, 2024 · 0 comments
Labels
bug

Comments

@sampatti37
Copy link

When analyzing a PCAP with a TLS certificate, you are not able to access the Not Before and Not After time of the cert. You have two options according to the methods for a cert which are:

packet.tls.x509af_notbefore/packet.tls.x509af_notafter

OR

packet.tls.x509af_validity_element

The first option provides '0' for both which is the value corresponding to the time being in utc time.
The second option yields the string 'validity'.

The only option I have found is packet.tls.x509af_utctime but this only yields the Not Before time, still leaving the Not After time unable to be accessed.
@sampatti37 sampatti37 added the bug label Jun 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sampatti37