Description
Hello! I'm wondering if it would be possible to configure smimesign to error out (or at least display a warning) if the certificate you are using to sign commits has expired. I am trying to implement a system for git signing with shorter-lived developer certificates (30 days) and it would be really helpful if a warning or error message would let developers know that their certificate has expired and they should request a new one.
Currently smimesign will go ahead and sign commits with expired certificates with no output, but then verification fails:
```
$ git log --show-signature
commit 923459dd4798833eb56f0f376fcd6d0b3fc86e04 (HEAD -> master)
failed to verify signature: x509: certificate has expired or is not yet valid: current time 2021-10-01T13:56:16-05:00 is after 2021-10-01T18:54:21Z
```
I know we're limited in what git passes to smimesign so I'd be fine to use a wrapper script or command, but would need a command line flag to indicate it should exit with error if the signing certificate is expired.
Let me know your thoughts and I'd be happy to open a PR!
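The pre-signing check requested above, sketched in Go as an added example; it is not part of the original issue and not smimesign's own code. The names `checkValidity` and `constructedCert`, the 72-hour warning window, and the throwaway self-signed certificate are assumptions made for illustration; a real wrapper would load the developer's actual signing certificate instead.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"log"
	"math/big"
	"time"
)

// checkValidity applies the verifier's NotBefore/NotAfter test before signing.
// It returns a warning near expiry and an error when verification would fail.
func checkValidity(c *x509.Certificate, now time.Time, warn time.Duration) (string, error) {
	switch left := c.NotAfter.Sub(now); {
	case now.Before(c.NotBefore):
		return "", fmt.Errorf("certificate not valid until %s", c.NotBefore.Format(time.RFC3339))
	case now.After(c.NotAfter):
		return "", fmt.Errorf("certificate expired on %s", c.NotAfter.Format(time.RFC3339))
	case left < warn:
		return fmt.Sprintf("certificate expires in %s", left.Round(time.Hour)), nil
	}
	return "", nil
}

// constructedCert makes a throwaway self-signed certificate (sample data only).
func constructedCert(notBefore time.Time, life time.Duration) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: notBefore, NotAfter: notBefore.Add(life)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	// Constructed case: a 30-day certificate issued 31 days ago.
	cert, err := constructedCert(time.Now().Add(-31*24*time.Hour), 30*24*time.Hour)
	if err == nil {
		_, err = checkValidity(cert, time.Now(), 72*time.Hour)
	}
	if err != nil {
		log.Fatalln("refusing to sign:", err)
	}
}
```

Run as written, the program exits non-zero with a "refusing to sign" message, which is the behaviour a wrapper would use to stop git before an unverifiable signature is created.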