Open tanguilp opened 4 years ago
True, the existing functions around Validity are primarily about creating validity records.
I am working on a major rewrite, where much of the core functionality is handled by Erlang modules, and the Elixir modules are mostly about interworking with Elixir native data types. Validity would be one area where I imagine I'll end up with a rich Elixir interface.
Actually, there is already an undocumented X509.DateTime.to_datetime/1
:
iex(3)> {:Validity, not_before, not_after} = X509.Certificate.validity(cert)
{:Validity, {:utcTime, '181001172413Z'}, {:utcTime, '191130233419Z'}}
iex(4)> X509.DateTime.to_datetime(not_before)
~U[2018-10-01 17:24:13Z]
iex(5)> DateTime.compare(DateTime.utc_now(), X509.DateTime.to_datetime(not_after))
:gt
Don't tell anyone 🤫
Actually it's not conforming with the specification: https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1
Not sure if people were doing X509 in the 60s though :)
I might fix that in the rewrite. Right now Validity encoding, which is a public API, works correctly for dates from 1950 forward. Decoding only works starting from 2000, which is probably why I didn't make it public
(Oops, again that annoying GH keyboard shortcut)
X509 utcTime (and probably other date formats) are not trivial to parse to standard Elixir's
Datetime
. For instance, if YY is > 50 then it's 19xx, otherwise 20xx.It might prove useful to implement helper functions to deal with parsing dates of a
:Validity
record.