Merge pull request #1784 from Dokploy/1782-valid-certificate-shows-how-expired

Refactor expiration date extraction logic in certificate utility to i…
This commit is contained in:
Mauricio Siu
2025-04-26 23:38:09 -06:00
committed by GitHub

View File

@@ -13,22 +13,31 @@ export const extractExpirationDate = (certData: string): Date | null => {
bytes[i] = binaryStr.charCodeAt(i); bytes[i] = binaryStr.charCodeAt(i);
} }
let dateFound = 0; // ASN.1 tag for UTCTime is 0x17, GeneralizedTime is 0x18
// We need to find the second occurrence of either tag as it's the "not after" (expiration) date
let dateFound = false;
for (let i = 0; i < bytes.length - 2; i++) { for (let i = 0; i < bytes.length - 2; i++) {
if (bytes[i] === 0x17 || bytes[i] === 0x18) { // Look for sequence containing validity period (0x30)
const dateType = bytes[i]; if (bytes[i] === 0x30) {
const dateLength = bytes[i + 1]; // Check next bytes for UTCTime or GeneralizedTime
if (typeof dateLength === "undefined") continue; let j = i + 1;
while (j < bytes.length - 2) {
if (bytes[j] === 0x17 || bytes[j] === 0x18) {
const dateType = bytes[j];
const dateLength = bytes[j + 1];
if (typeof dateLength === "undefined") break;
if (dateFound === 0) { if (!dateFound) {
dateFound++; // Skip "not before" date
i += dateLength + 1; dateFound = true;
j += dateLength + 2;
continue; continue;
} }
// Found "not after" date
let dateStr = ""; let dateStr = "";
for (let j = 0; j < dateLength; j++) { for (let k = 0; k < dateLength; k++) {
const charCode = bytes[i + 2 + j]; const charCode = bytes[j + 2 + k];
if (typeof charCode === "undefined") continue; if (typeof charCode === "undefined") continue;
dateStr += String.fromCharCode(charCode); dateStr += String.fromCharCode(charCode);
} }
@@ -61,6 +70,9 @@ export const extractExpirationDate = (certData: string): Date | null => {
), ),
); );
} }
j++;
}
}
} }
return null; return null;
} catch (error) { } catch (error) {