check cert time_boundaries uses pyOpenSSL

I had missed this one while deprecating gnutls
author: kali <kali@leap.se> 2013-01-24 20:07:06 +0900
committer: kali <kali@leap.se> 2013-01-24 20:07:06 +0900
commit: 19da34c598ce6db172c1e1a8978bf031fc6db89b (patch)
tree: 076b8fdcd485faf1c9959c32d88431fcb98ab6b4 /src/leap/crypto/certs.py
parent: 9cdc193c587631986e579c1ba37a8b982be01238 (diff)
1 files changed, 14 insertions, 1 deletions
diff --git a/src/leap/crypto/certs.py b/src/leap/crypto/certs.py
index c2835878..cbb5725a 100644
--- a/src/leap/crypto/certs.py
+++ b/src/leap/crypto/certs.py
@@ -2,7 +2,9 @@ import logging
 import os
 from StringIO import StringIO
 import ssl
+import time
 
+from dateutil.parser import parse
 from OpenSSL import crypto
 
 from leap.util.misc import null_check
@@ -33,7 +35,7 @@ def get_https_cert_from_domain(domain, port=443):
 
 def get_cert_from_file(_file):
     null_check(_file, "pem file")
-    if isinstance(_file, str):
+    if isinstance(_file, (str, unicode)):
         if not os.path.isfile(_file):
             raise NoCertError
         with open(_file) as f:
@@ -97,3 +99,14 @@ def get_cert_fingerprint(domain=None, port=443, filepath=None,
         cert = get_cert_from_file(filepath)
     hex_fpr = cert.digest(hash_type)
     return hex_fpr
+
+
+def get_time_boundaries(certfile):
+    cert = get_cert_from_file(certfile)
+    null_check(cert, 'certificate')
+
+    fromts, tots = (cert.get_notBefore(), cert.get_notAfter())
+    from_, to_ = map(
+        lambda ts: time.gmtime(time.mktime(parse(ts).timetuple())),
+        (fromts, tots))
+    return from_, to_
author	kali <kali@leap.se>	2013-01-24 20:07:06 +0900
committer	kali <kali@leap.se>	2013-01-24 20:07:06 +0900
commit	19da34c598ce6db172c1e1a8978bf031fc6db89b (patch)
tree	076b8fdcd485faf1c9959c32d88431fcb98ab6b4 /src/leap/crypto/certs.py
parent	9cdc193c587631986e579c1ba37a8b982be01238 (diff)