Fix getExpirationDate breaking when the certificate is expired

MatteoPologruto · MatteoPologruto · commit 4285c046a635 · 2024-05-09T16:04:37.000+02:00
diff --git a/certificates/certificates.go b/certificates/certificates.go
@@ -271,11 +271,10 @@ func DeleteCertificates(certDir *paths.Path) {
 // IsExpired checks if a certificate is expired or about to expire (less than 1 month)
 func IsExpired() (bool, error) {
 	bound := time.Now().AddDate(0, 1, 0)
-	dateS, err := GetExpirationDate()
+	date, err := GetExpirationDate()
 	if err != nil {
 		return false, err
 	}
-	date, _ := time.Parse(time.DateTime, dateS)
 	return date.Before(bound), nil
 }
 
diff --git a/certificates/install_darwin.go b/certificates/install_darwin.go
@@ -111,11 +111,11 @@ const char *getExpirationDate(char *expirationDate){
     }
 
     // Get data from the certificate. We just need the "invalidity date" property.
-    CFDictionaryRef valuesDict = SecCertificateCopyValues(cert, (__bridge CFArrayRef)@[(__bridge id)kSecOIDInvalidityDate], NULL);
+    CFDictionaryRef valuesDict = SecCertificateCopyValues(cert, (__bridge CFArrayRef)@[(__bridge id)kSecOIDX509V1ValidityNotAfter], NULL);
 
     id expirationDateValue;
     if(valuesDict){
-        CFDictionaryRef invalidityDateDictionaryRef = CFDictionaryGetValue(valuesDict, kSecOIDInvalidityDate);
+        CFDictionaryRef invalidityDateDictionaryRef = CFDictionaryGetValue(valuesDict, kSecOIDX509V1ValidityNotAfter);
         if(invalidityDateDictionaryRef){
             CFTypeRef invalidityRef = CFDictionaryGetValue(invalidityDateDictionaryRef, kSecPropertyKeyValue);
             if(invalidityRef){
@@ -173,7 +173,8 @@ const char *certInKeychain() {
 import "C"
 import (
 	"errors"
-	"strings"
+	"strconv"
+	"time"
 	"unsafe"
 
 	log "github.com/sirupsen/logrus"
@@ -212,7 +213,7 @@ func UninstallCertificates() error {
 }
 
 // GetExpirationDate returns the expiration date of a certificate stored in the keychain
-func GetExpirationDate() (string, error) {
+func GetExpirationDate() (time.Time, error) {
 	log.Infof("Retrieving certificate's expiration date")
 	dateString := C.CString("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") // 32 characters string
 	defer C.free(unsafe.Pointer(dateString))
@@ -222,8 +223,8 @@ func GetExpirationDate() (string, error) {
 		utilities.UserPrompt(s, "\"OK\"", "OK", "Arduino Agent: Error retrieving expiration date")
 		return "", errors.New(s)
 	}
-	date := C.GoString(dateString)
-	return strings.ReplaceAll(date, " +0000", ""), nil
+	dateValue, _ := strconv.Atoi(C.GoString(dateString))
+	return time.Unix(dateValue, 0).AddDate(31, 0, 0), nil
 }
 
 // GetDefaultBrowserName returns the name of the default browser
diff --git a/certificates/install_default.go b/certificates/install_default.go
@@ -19,6 +19,7 @@ package certificates
 
 import (
 	"errors"
+	"time"
 
 	log "github.com/sirupsen/logrus"
 
@@ -38,9 +39,9 @@ func UninstallCertificates() error {
 }
 
 // GetExpirationDate won't do anything on unsupported Operative Systems
-func GetExpirationDate() (string, error) {
+func GetExpirationDate() (time.Time, error) {
 	log.Warn("platform not supported for retrieving certificates expiration date")
-	return "", errors.New("platform not supported for retrieving certificates expiration date")
+	return time.Time{}, errors.New("platform not supported for retrieving certificates expiration date")
 }
 
 // GetDefaultBrowserName won't do anything on unsupported Operative Systems
diff --git a/systray/systray_real.go b/systray/systray_real.go
@@ -22,6 +22,7 @@ package systray
 import (
 	"os"
 	"runtime"
+	"time"
 
 	"fyne.io/systray"
 	cert "github.com/arduino/arduino-create-agent/certificates"
@@ -102,7 +103,7 @@ func (s *Systray) start() {
 					if err != nil {
 						log.Errorf("cannot get certificates expiration date, something went wrong: %s", err)
 					}
-					infoMsg = infoMsg + "- Certificate installed: Yes\n- Certificate trusted: Yes\n- Certificate expiration date: " + expDate
+					infoMsg = infoMsg + "- Certificate installed: Yes\n- Certificate trusted: Yes\n- Certificate expiration date: " + expDate.Format(time.DateTime)
 					buttons = "{\"OK\", \"Uninstall the certificate for Safari\"}"
 					defaultButton = "Uninstall the certificate for Safari"
 					pressedButton := utilities.UserPrompt(infoMsg, buttons, defaultButton, "Arduino Agent: Manage HTTPS certificate")

Original file line number	Diff line number	Diff line change
`@@ -271,11 +271,10 @@ func DeleteCertificates(certDir *paths.Path) {`
`271`	`271`	`// IsExpired checks if a certificate is expired or about to expire (less than 1 month)`
`272`	`272`	`func IsExpired() (bool, error) {`
`273`	`273`	`bound := time.Now().AddDate(0, 1, 0)`
`274`		`- dateS, err := GetExpirationDate()`
	`274`	`+ date, err := GetExpirationDate()`
`275`	`275`	`if err != nil {`
`276`	`276`	`return false, err`
`277`	`277`	`}`
`278`		`- date, _ := time.Parse(time.DateTime, dateS)`
`279`	`278`	`return date.Before(bound), nil`
`280`	`279`	`}`
`281`	`280`
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@ package certificates`
`19`	`19`
`20`	`20`	`import (`
`21`	`21`	`"errors"`
	`22`	`+ "time"`
`22`	`23`
`23`	`24`	`log "github.com/sirupsen/logrus"`
`24`	`25`
`@@ -38,9 +39,9 @@ func UninstallCertificates() error {`
`38`	`39`	`}`
`39`	`40`
`40`	`41`	`// GetExpirationDate won't do anything on unsupported Operative Systems`
`41`		`-func GetExpirationDate() (string, error) {`
	`42`	`+func GetExpirationDate() (time.Time, error) {`
`42`	`43`	`log.Warn("platform not supported for retrieving certificates expiration date")`
`43`		`- return "", errors.New("platform not supported for retrieving certificates expiration date")`
	`44`	`+ return time.Time{}, errors.New("platform not supported for retrieving certificates expiration date")`
`44`	`45`	`}`
`45`	`46`
`46`	`47`	`// GetDefaultBrowserName won't do anything on unsupported Operative Systems`