it

2025-09-15 13:35:58 +02:00
parent a261d706c8
commit 51902e3155
14 changed files with 382 additions and 171 deletions
--- a/providers/crtsh_provider.py
+++ b/providers/crtsh_provider.py
@@ -541,7 +541,8 @@ class CrtShProvider(BaseProvider):
                'expires_soon_count': 0,
                'unique_issuers': [],
                'latest_certificate': None,
-                'has_valid_cert': False
+                'has_valid_cert': False,
+                'certificate_details': []  # Always include empty list
            }
        
        valid_count = sum(1 for cert in certificates if cert.get('is_currently_valid'))
@@ -565,6 +566,13 @@ class CrtShProvider(BaseProvider):
            except Exception:
                continue
        
+        # Sort certificates by date for better display (newest first)
+        sorted_certificates = sorted(
+            certificates, 
+            key=lambda c: self._get_certificate_sort_date(c), 
+            reverse=True
+        )
+        
        return {
            'total_certificates': len(certificates),
            'valid_certificates': valid_count,
@@ -573,9 +581,35 @@ class CrtShProvider(BaseProvider):
            'unique_issuers': unique_issuers,
            'latest_certificate': latest_cert,
            'has_valid_cert': valid_count > 0,
-            'certificate_details': certificates  # Full details for forensic analysis
+            'certificate_details': sorted_certificates  # Include full certificate details
        }

+    def _get_certificate_sort_date(self, cert: Dict[str, Any]) -> datetime:
+        """
+        Get a sortable date from certificate data for chronological ordering.
+        
+        Args:
+            cert: Certificate metadata dictionary
+            
+        Returns:
+            Datetime object for sorting (falls back to epoch if parsing fails)
+        """
+        try:
+            # Try not_before first (issue date)
+            if cert.get('not_before'):
+                return self._parse_certificate_date(cert['not_before'])
+            
+            # Fall back to entry_timestamp if available
+            if cert.get('entry_timestamp'):
+                return self._parse_certificate_date(cert['entry_timestamp'])
+                
+            # Last resort - return a very old date for certificates without dates
+            return datetime(1970, 1, 1, tzinfo=timezone.utc)
+            
+        except Exception:
+            # If all parsing fails, return epoch
+            return datetime(1970, 1, 1, tzinfo=timezone.utc)
+
    def _calculate_domain_relationship_confidence(self, domain1: str, domain2: str, 
                                                shared_certificates: List[Dict[str, Any]],
                                                all_discovered_domains: Set[str]) -> float: