Commit f375ecdc authored by Niall Sheridan's avatar Niall Sheridan

Add key expiry time to the comment

parent 121e6591
......@@ -9,6 +9,7 @@ import (
"net/http"
"net/http/httptest"
"testing"
"time"
"github.com/nsheridan/cashier/lib"
"github.com/nsheridan/cashier/testdata"
......@@ -22,6 +23,7 @@ func TestLoadCert(t *testing.T) {
key := priv.(*rsa.PrivateKey)
pub, _ := ssh.NewPublicKey(&key.PublicKey)
c := &ssh.Certificate{
KeyId: "test_key_12345",
Key: pub,
CertType: ssh.UserCert,
ValidBefore: ssh.CertTimeInfinity,
......@@ -46,6 +48,13 @@ func TestLoadCert(t *testing.T) {
if !bytes.Equal(listedKeys[0].Marshal(), c.Marshal()) {
t.Fatal("Certs not equal")
}
for _, k := range listedKeys {
exp := time.Unix(int64(c.ValidBefore), 0).String()
want := fmt.Sprintf("%s [Expires %s]", c.KeyId, exp)
if k.Comment != want {
t.Errorf("key comment:\nwanted:%s\ngot: %s", want, k.Comment)
}
}
}
func TestSignGood(t *testing.T) {
......
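Review bot: The new loop in TestLoadCert derives `want` from the same `time.Unix(int64(c.ValidBefore), 0)` expression the client uses, while the fixture sets `ValidBefore: ssh.CertTimeInfinity`, so the assertion only pins a date produced by that value wrapping to -1 in the `int64` conversion. A fixture with a finite expiry, for example `ValidBefore: uint64(time.Now().Add(time.Hour).Unix()),`, would exercise the comment on a meaningful date. A never-expiring certificate is better covered by a separate case that states what the comment should say for it. TestLoadCert begins outside the visible hunks, so the agent setup is not visible here.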
......@@ -32,11 +32,13 @@ var (
)
func installCert(a agent.Agent, cert *ssh.Certificate, key key) error {
lifetime := time.Unix(int64(cert.ValidBefore), 0).Sub(time.Now()).Seconds()
t := time.Unix(int64(cert.ValidBefore), 0)
lifetime := t.Sub(time.Now()).Seconds()
comment := fmt.Sprintf("%s [Expires %s]", cert.KeyId, t)
pubcert := agent.AddedKey{
PrivateKey: key,
Certificate: cert,
Comment: cert.KeyId,
Comment: comment,
LifetimeSecs: uint32(lifetime),
}
if err := a.Add(pubcert); err != nil {
......@@ -44,7 +46,7 @@ func installCert(a agent.Agent, cert *ssh.Certificate, key key) error {
}
privkey := agent.AddedKey{
PrivateKey: key,
Comment: cert.KeyId,
Comment: comment,
LifetimeSecs: uint32(lifetime),
}
if err := a.Add(privkey); err != nil {
......
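Review bot: installCert formats `t` into the agent comment without handling `ssh.CertTimeInfinity`: `int64(cert.ValidBefore)` wraps to -1 for that value, so a never-expiring certificate is labelled as expiring one second before the Unix epoch. In the same case, and for an already-expired certificate, `lifetime` is negative when it reaches `uint32(lifetime)`, a conversion whose result Go leaves implementation-dependent; that part predates this commit. The comment is what a user reads when listing agent keys, so a wrong expiry there undermines the check it is meant to support. I would branch on the infinity value, keep the plain KeyId with a zero `LifetimeSecs` for it, and return an error when the remaining lifetime is not positive, as sketched below. The function body continues past the end of the hunk, so the return path is not visible here.

```go
func installCert(a agent.Agent, cert *ssh.Certificate, key key) error {
	comment := cert.KeyId
	var lifetime uint32 // zero leaves the key in the agent without a lifetime limit
	if cert.ValidBefore != ssh.CertTimeInfinity {
		t := time.Unix(int64(cert.ValidBefore), 0)
		secs := t.Sub(time.Now()).Seconds()
		if secs < 1 {
			return fmt.Errorf("certificate %q expired at %s", cert.KeyId, t)
		}
		lifetime = uint32(secs)
		comment = fmt.Sprintf("%s [Expires %s]", cert.KeyId, t)
	}
	// … unchanged: pubcert and privkey AddedKey literals, with LifetimeSecs: lifetime …
```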