From ea7b9e7030cb9a2c1a11fa9e50168daad5d7bb2a Mon Sep 17 00:00:00 2001
From: Emil <emil@vitosha-labs.bg>
Date: Mon, 4 Nov 2024 10:47:23 +0200
Subject: [PATCH] Add ability to use date as certificate expiration

---
 src/mkcert.ts        | 15 ++++++++++-----
 tests/mkcert.test.ts | 26 ++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/src/mkcert.ts b/src/mkcert.ts
index 7ee7487..0e7479f 100644
--- a/src/mkcert.ts
+++ b/src/mkcert.ts
@@ -11,7 +11,7 @@ type GenerateOptions = {
   subject: pki.CertificateField[];
   issuer: pki.CertificateField[];
   extensions: Record<string, unknown>[];
-  validity: number;
+  validity: number | Date;
   signWith?: string;
 };
 
@@ -31,8 +31,13 @@ async function generateCert(options: GenerateOptions): Promise<Certificate> {
   cert.setIssuer(issuer);
   cert.setExtensions(extensions);
   cert.validity.notBefore = new Date();
-  cert.validity.notAfter = new Date();
-  cert.validity.notAfter.setDate(cert.validity.notAfter.getDate() + validity);
+  // Date object, use it directly
+  if (validity instanceof Date) {
+    cert.validity.notAfter = validity;
+  } else {
+    cert.validity.notAfter = new Date();
+    cert.validity.notAfter.setDate(cert.validity.notAfter.getDate() + validity);
+  }
 
   // sign the certificate with it's own
   // private key if no separate signing key is provided
@@ -50,7 +55,7 @@ export type CertificateAuthorityOptions = {
   countryCode: string;
   state: string;
   locality: string;
-  validity: number;
+  validity: number | Date;
 };
 
 export async function createCA(options: CertificateAuthorityOptions): Promise<Certificate> {
@@ -79,7 +84,7 @@ export async function createCA(options: CertificateAuthorityOptions): Promise<Ce
 
 export type CertificateOptions = {
   domains: string[];
-  validity: number;
+  validity: number | Date;
   organization?: string;
   email?: string;
   ca: Certificate;
diff --git a/tests/mkcert.test.ts b/tests/mkcert.test.ts
index a0dec0c..7ae4ea3 100644
--- a/tests/mkcert.test.ts
+++ b/tests/mkcert.test.ts
@@ -58,3 +58,29 @@ test("Verify Certificate Chain", async () => {
     pki.verifyCertificateChain(caStore, [serverCert]);
   }).not.toThrow();
 });
+
+test("Create Certificate with Date", async () => {
+  const tomorrow = new Date();
+  tomorrow.setDate(tomorrow.getDate() + 1);
+  const seconds_since_epoch = Math.floor(tomorrow.getTime()/1000);
+  const ca_bundle = await mkcert.createCA({
+    organization: "Test CA",
+    countryCode: "NP",
+    state: "Bagmati",
+    locality: "Kathmandu",
+    validity: tomorrow
+  });
+  const ca_cert = pki.certificateFromPem(ca_bundle.cert);
+  expect(ca_cert.validity.notAfter.getTime()).toBe(seconds_since_epoch*1000);
+
+  const tls_bundle = await mkcert.createCert({
+    ca: { key: ca_bundle.key, cert: ca_bundle.cert },
+    domains: ["127.0.0.1", "localhost"],
+    email: "abc@example.com",
+    organization: "Test Cert",
+    validity: tomorrow
+  });
+
+  const cert = pki.certificateFromPem(tls_bundle.cert);
+  expect(cert.validity.notAfter.getTime()).toBe(seconds_since_epoch*1000);
+});
\ No newline at end of file