feat: validate if a cert is expired

italia · Jan 25, 2022 · 905dfa8 · 905dfa8
1 parent 1b89819
commit 905dfa8
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/spid_compliant_certificates/validator/checks/__init__.py b/spid_compliant_certificates/validator/checks/__init__.py
@@ -30,6 +30,8 @@
     key_usage  # noqa
 from spid_compliant_certificates.validator.checks.subject_dn import \
     subject_dn  # noqa
+from spid_compliant_certificates.validator.checks.time_validity import \
+    not_expired  # noqa
 
 _all_ = [
     'basic_constraints',
@@ -38,4 +40,5 @@
     'key_type_and_size',
     'key_usage',
     'subject_dn',
+    'not_expired'
 ]
diff --git a/spid_compliant_certificates/validator/validate.py b/spid_compliant_certificates/validator/validate.py
@@ -63,6 +63,12 @@ def validate(crt_file: str, sector: str) -> Report:
         'Checking the SubjectDN'
     ))
 
+    # check time 
+    rep.add_test(_do_check(
+        checks.not_expired(crt),
+        'Checking that the certificates is not expired'
+    ))
+
     # check basicConstraints
     _ext_msg = 'Checking basicConstraints x509 extension'
     try: