Commit 02b7653
Changed files (3)
lib/xml/kit/certificate.rb
@@ -90,24 +90,35 @@ module Xml
KeyPair.new(x509.to_pem, private_key.to_s, passphrase, use)
end
- def self.to_x509(value)
- value = Base64.decode64(strip(value)) if base64?(value)
- return value if value.is_a?(OpenSSL::X509::Certificate)
- OpenSSL::X509::Certificate.new(value)
+ def expired?(time = Time.now)
+ x509.not_after <= time
end
- def self.base64?(value)
- return unless value.is_a?(String)
-
- sanitized_value = strip(value)
- !!sanitized_value.match(BASE64_FORMAT)
+ def active?(time)
+ x509.not_before <= time && x509.not_after > time
end
- def self.strip(value)
- value.
- gsub(BEGIN_CERT, '').
- gsub(END_CERT, '').
- gsub(/[\r\n]|\\r|\\n|\s/, "")
+ class << self
+ def to_x509(value)
+ return value if value.is_a?(OpenSSL::X509::Certificate)
+
+ value = Base64.decode64(strip(value)) if base64?(value)
+ OpenSSL::X509::Certificate.new(value)
+ end
+
+ def base64?(value)
+ return unless value.is_a?(String)
+
+ sanitized_value = strip(value)
+ !!sanitized_value.match(BASE64_FORMAT)
+ end
+
+ def strip(value)
+ value.
+ gsub(BEGIN_CERT, '').
+ gsub(END_CERT, '').
+ gsub(/[\r\n]|\\r|\\n|\s/, "")
+ end
end
end
end
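Review bot: `expired?` only compares against `not_after`, so a certificate whose `not_before` is still in the future returns false from it and could be mistaken for a valid one. A comment on `expired?` such as `# Only checks notAfter; use active? to decide whether the certificate is currently within its validity window.` would steer callers to the right predicate for trust decisions. The two methods also differ in call shape, since `expired?(time = Time.now)` has a default and `active?(time)` does not; `def active?(time = Time.now)` would align them. Both presumably raise when the wrapped certificate has no validity dates set (comparison on nil), which is worth confirming and documenting.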
lib/xml/kit/self_signed_certificate.rb
@@ -1,7 +1,7 @@
module Xml
module Kit
class SelfSignedCertificate
- SUBJECT="/C=CA/ST=Alberta/L=Calgary/O=XmlKit/OU=XmlKit/CN=XmlKit"
+ SUBJECT="/C=CA/ST=AB/L=Calgary/O=XmlKit/OU=XmlKit/CN=XmlKit"
def create(algorithm: 'AES-256-CBC', passphrase: nil, key_pair: OpenSSL::PKey::RSA.new(2048))
certificate = certificate_for(key_pair.public_key)
spec/xml/certificate_spec.rb
@@ -74,4 +74,51 @@ RSpec.describe Xml::Kit::Certificate do
expect(actual.to_s).to eql(expected.to_s)
end
end
+
+ describe "#expired?" do
+ let(:certificate) { OpenSSL::X509::Certificate.new }
+
+ it 'returns false, when the certificate has not expired yet' do
+ certificate.not_before = 1.minute.ago
+ certificate.not_after = 10.minutes.from_now
+
+ subject = described_class.new(certificate, use: :signing)
+ expect(subject.expired?(Time.now)).to be_falsey
+ end
+
+ it 'returns true, when the current time is after the time of expiration' do
+ certificate.not_before = 10.minutes.ago
+ certificate.not_after = 1.minute.ago
+
+ subject = described_class.new(certificate, use: :signing)
+ expect(subject.expired?(Time.now)).to be_truthy
+ end
+ end
+
+ describe "#active?" do
+ let(:certificate) { OpenSSL::X509::Certificate.new }
+ subject { described_class.new(certificate, use: :signing) }
+
+ context "when the current time is within the active window" do
+ before :each do
+ certificate.not_before = 1.minute.ago
+ certificate.not_after = 10.minutes.from_now
+ end
+
+ it 'is active' do
+ expect(subject.active?(Time.now)).to be_truthy
+ end
+ end
+
+ context "when the current time is before the active window" do
+ before :each do
+ certificate.not_before = 1.minute.from_now
+ certificate.not_after = 10.minutes.from_now
+ end
+
+ it 'is not active' do
+ expect(subject.active?(Time.now)).to be_falsey
+ end
+ end
+ end
end
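Review bot: The `#active?` examples cover only "within the window" and "before the window", so the `x509.not_after > time` half of the predicate is never exercised, and a regression that accepted expired certificates would pass this spec. Adding a context for a time after `not_after` closes that gap. A boundary example at exactly `not_after` would also pin down the `<=` / `>` choice in both methods. The `#expired?` examples always pass `Time.now` explicitly, so the default argument is untested as well.

```ruby
# … unchanged: contexts for within / before the active window …
context "when the current time is after the active window" do
  before :each do
    certificate.not_before = 10.minutes.ago
    certificate.not_after = 1.minute.ago
  end

  it 'is not active' do
    expect(subject.active?(Time.now)).to be_falsey
  end
end
```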