return not_after (expiry) when uploading a pushcert (#79)

micromdm · Jul 11, 2023 · 65daeb8 · 65daeb8
1 parent 7bb79f5
commit 65daeb8
Showing 1 changed file with 15 additions and 6 deletions.
diff --git a/http/api/api.go b/http/api/api.go
@@ -11,6 +11,7 @@ import (
 	"fmt"
 	"net/http"
 	"strings"
+	"time"
 
 	"github.com/micromdm/nanomdm/cryptoutil"
 	mdmhttp "github.com/micromdm/nanomdm/http"
@@ -302,24 +303,32 @@ func StorePushCertHandler(storage storage.PushCertStore, logger log.Logger) http
 			http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 			return
 		}
-		cert, key, err := readPEMCertAndKey(b)
+		certPEM, keyPEM, err := readPEMCertAndKey(b)
 		if err == nil {
 			// sanity check the provided cert and key to make sure they're usable as a pair.
-			_, err = tls.X509KeyPair(cert, key)
+			_, err = tls.X509KeyPair(certPEM, keyPEM)
+		}
+		var cert *x509.Certificate
+		if err == nil {
+			cert, err = cryptoutil.DecodePEMCertificate(certPEM)
 		}
 		var topic string
 		if err == nil {
-			topic, err = cryptoutil.TopicFromPEMCert(cert)
+			topic, err = cryptoutil.TopicFromCert(cert)
 		}
 		if err == nil {
-			err = storage.StorePushCert(r.Context(), cert, key)
+			err = storage.StorePushCert(r.Context(), certPEM, keyPEM)
 		}
 		output := &struct {
-			Error string `json:"error,omitempty"`
-			Topic string `json:"topic,omitempty"`
+			Error    string    `json:"error,omitempty"`
+			Topic    string    `json:"topic,omitempty"`
+			NotAfter time.Time `json:"not_after,omitempty"`
 		}{
 			Topic: topic,
 		}
+		if cert != nil {
+			output.NotAfter = cert.NotAfter
+		}
 		if err != nil {
 			logger.Info("msg", "store push cert", "err", err)
 			output.Error = err.Error()