Check "Not before" date

mreinstein / alexa-verifier

✓ Verify HTTP requests sent to an Alexa skill are sent from Amazon

MIT License

76 stars 23 forks source link

Check "Not before" date #25

Closed navzam closed 7 years ago

navzam commented 7 years ago

Fixes issue #23

Main changes:

Added check for Not Before date in certificate
Modified existing Not After test to adopt new error message

I haven't added a test for this Not Before check yet. It looks like the Not After test uses an old certificate, which makes sense. Unfortunately we can't use a future certificate for a Not Before test :) I guess we have to build out a fake certificate. Ideas welcome.

mreinstein commented 7 years ago

@navzam looks like a good start! I've added some feedback on very minor changes.

dblock commented 7 years ago

Maybe stubbing new Date() would allow a test for this.

navzam commented 7 years ago

Maybe we could create an invalid cert with a future Not Before date. Similar to how this test creates one.