from posix import Tm, mktime
import
  openssl,
  openssl_additional,
  times

type
  Certificate* = string

proc getPublicKey*(cert: Certificate): string =
  let x509 = d2i_X509(cert)
  let pubKey = X509_get0_pubkey_bitstr(x509)
  let pubKeyLen = ASN1_STRING_length(pubKey)
  result = newString(pubKeyLen)
  copyMem(addr result[0], ASN1_STRING_get0_data(pubKey), pubKeyLen)
  X509_free(x509)

proc getValidityPeriod*(cert: Certificate): tuple[notBefore: Time, notAfter: Time] =
  let x509 = d2i_X509(cert)
  let notBeforeAsn1 = X509_get0_notBefore(x509)
  let notAfterAsn1 = X509_get0_notAfter(x509)
  var notBeforeTm, notAfterTm: Tm
  discard ASN1_TIME_to_tm(notBeforeAsn1, addr notBeforeTm)
  discard ASN1_TIME_to_tm(notAfterAsn1, addr notAfterTm)
  let notBeforeUnix = cast[int64](mktime(notBeforeTm))
  let notAfterUnix = cast[int64](mktime(notAfterTm))
  result = (fromUnix(notBeforeUnix), fromUnix(notAfterUnix))
  X509_free(x509)