From f375ecdce3586627c81665307b8f959abfddb769 Mon Sep 17 00:00:00 2001
From: Niall Sheridan
Date: Sat, 20 Aug 2016 20:21:43 +0100
Subject: Add key expiry time to the comment
---
 cmd/cashier/client_test.go | 9 +++++++++
 cmd/cashier/main.go | 8 +++++---
 2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/cmd/cashier/client_test.go b/cmd/cashier/client_test.go
index b82d78f..dcf674b 100644
--- a/cmd/cashier/client_test.go
+++ b/cmd/cashier/client_test.go
@@ -9,6 +9,7 @@ import (
 "net/http"
 "net/http/httptest"
 "testing"
+ "time"
 "github.com/nsheridan/cashier/lib"
 "github.com/nsheridan/cashier/testdata"
@@ -22,6 +23,7 @@ func TestLoadCert(t *testing.T) {
 key := priv.(*rsa.PrivateKey)
 pub, _ := ssh.NewPublicKey(&key.PublicKey)
 c := &ssh.Certificate{
+ KeyId: "test_key_12345",
 Key: pub,
 CertType: ssh.UserCert,
 ValidBefore: ssh.CertTimeInfinity,
@@ -46,6 +48,13 @@ func TestLoadCert(t *testing.T) {
 if !bytes.Equal(listedKeys[0].Marshal(), c.Marshal()) {
 t.Fatal("Certs not equal")
 }
+ for _, k := range listedKeys {
+ exp := time.Unix(int64(c.ValidBefore), 0).String()
+ want := fmt.Sprintf("%s [Expires %s]", c.KeyId, exp)
+ if k.Comment != want {
+ t.Errorf("key comment:\nwanted:%s\ngot: %s", want, k.Comment)
+ }
+ }
 }
 func TestSignGood(t *testing.T) {
diff --git a/cmd/cashier/main.go b/cmd/cashier/main.go
index 047c13e..72355e3 100644
--- a/cmd/cashier/main.go
+++ b/cmd/cashier/main.go
@@ -32,11 +32,13 @@ var (
 )
 func installCert(a agent.Agent, cert *ssh.Certificate, key key) error {
- lifetime := time.Unix(int64(cert.ValidBefore), 0).Sub(time.Now()).Seconds()
+ t := time.Unix(int64(cert.ValidBefore), 0)
+ lifetime := t.Sub(time.Now()).Seconds()
+ comment := fmt.Sprintf("%s [Expires %s]", cert.KeyId, t)
 pubcert := agent.AddedKey{
 PrivateKey: key,
 Certificate: cert,
- Comment: cert.KeyId,
+ Comment: comment,
 LifetimeSecs: uint32(lifetime),
 }
 if err := a.Add(pubcert); err != nil {
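Review bot: The loop added to TestLoadCert builds `want` with the same `time.Unix(int64(c.ValidBefore), 0)` expression that installCert uses, and the fixture keeps `ValidBefore: ssh.CertTimeInfinity`, so the assertion pins a timestamp that is not a real expiry (the all-ones value converts to -1, one second before the Unix epoch). Because the expected string is derived by the formula under test, a wrong conversion in the client would still pass. Give the fixture a finite expiry, for example `ValidBefore: uint64(time.Now().Add(time.Hour).Unix()),`, and cover the non-expiring certificate in a separate case with its own expected comment. TestLoadCert begins and ends outside this hunk.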
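Review bot: installCert does not handle `cert.ValidBefore == ssh.CertTimeInfinity`: `int64(cert.ValidBefore)` is then -1, so the new comment advertises an expiry just before the Unix epoch and `lifetime` is negative. Converting a negative float with `uint32(lifetime)` is implementation-dependent in Go, so the agent can receive an arbitrary LifetimeSecs and hold the key for a period unrelated to the certificate's validity; an already expired certificate takes the same path. I would branch on the infinity value (plain KeyId comment, lifetime 0 so the agent sets no timeout) and return an error when the computed lifetime is under one second. The same `comment` and `lifetime` are reused for the private key entry in the next hunk, and the function body continues outside this one.

```go
func installCert(a agent.Agent, cert *ssh.Certificate, key key) error {
	comment := cert.KeyId
	var lifetime float64 // stays 0 for a non-expiring certificate
	if cert.ValidBefore != ssh.CertTimeInfinity {
		t := time.Unix(int64(cert.ValidBefore), 0)
		lifetime = t.Sub(time.Now()).Seconds()
		if lifetime < 1 {
			return fmt.Errorf("certificate %q is already expired (%s)", cert.KeyId, t)
		}
		comment = fmt.Sprintf("%s [Expires %s]", cert.KeyId, t)
	}
	// … unchanged: pubcert and privkey agent.AddedKey values and the a.Add calls …
```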
@@ -44,7 +46,7 @@ func installCert(a agent.Agent, cert *ssh.Certificate, key key) error {
 }
 privkey := agent.AddedKey{
 PrivateKey: key,
- Comment: cert.KeyId,
+ Comment: comment,
 LifetimeSecs: uint32(lifetime),
 }
 if err := a.Add(privkey); err != nil {
--
cgit v1.2.3