[tor-commits] [stem/master] Add an is_expired() method to certificates

[atagar at torproject.org]

commit 43e239fad888eb213b0cb22dbff3b34b55fc64f8
Author: Damian Johnson <atagar at torproject.org>
Date:   Sun Mar 26 17:49:07 2017 +0200

    Add an is_expired() method to certificates
    
    Method to check if the certificate is presently expired or not. We should *not*
    consider a certificate to be invalid because it's expired. Stem is used to
    parse past descriptors just as well as current ones. Good thing to be able to
    easily check but doesn't belong in a validate() function.
---
 stem/descriptor/certificate.py      | 10 ++++++++++
 test/unit/descriptor/certificate.py |  1 +
 2 files changed, 11 insertions(+)

diff --git a/stem/descriptor/certificate.py b/stem/descriptor/certificate.py
index 094667d..5d60458 100644
--- a/stem/descriptor/certificate.py
+++ b/stem/descriptor/certificate.py
@@ -177,6 +177,16 @@ class Ed25519CertificateV1(Ed25519Certificate):
     if remaining_data:
       raise ValueError('Ed25519 certificate had %i bytes of unused extension data' % len(remaining_data))
 
+  def is_expired(self):
+    """
+    Checks if this certificate is presently expired or not.
+
+    :returns: **True** if the certificate has expired, **False** otherwise
+    """
+
+    return datetime.datetime.now() > self.expiration
+
+
 
 class Ed25519Extension(collections.namedtuple('Ed25519Extension', ['type', 'flags', 'flag_int', 'data'])):
   """
diff --git a/test/unit/descriptor/certificate.py b/test/unit/descriptor/certificate.py
index 1444a10..57f6643 100644
--- a/test/unit/descriptor/certificate.py
+++ b/test/unit/descriptor/certificate.py
@@ -59,6 +59,7 @@ class TestEd25519Certificate(unittest.TestCase):
     ], cert.extensions)
 
     self.assertEqual(ExtensionType.HAS_SIGNING_KEY, cert.extensions[0].type)
+    self.assertTrue(cert.is_expired())
 
   def test_with_real_cert(self):
     cert = Ed25519Certificate.parse(ED25519_CERT)