From 8ab4d2955a28a322bc95cc24410aa9ca686badb5 Mon Sep 17 00:00:00 2001
From: Sander Declerck <sander@sdsoftware.be>
Date: Fri, 28 Nov 2025 15:27:40 +0100
Subject: [PATCH] Add debug logs

---
 .../safe-chain/src/registryProxy/certUtils.js | 111 +++++++++---------
 1 file changed, 58 insertions(+), 53 deletions(-)

diff --git a/packages/safe-chain/src/registryProxy/certUtils.js b/packages/safe-chain/src/registryProxy/certUtils.js
index c8f46d6..cb69473 100644
--- a/packages/safe-chain/src/registryProxy/certUtils.js
+++ b/packages/safe-chain/src/registryProxy/certUtils.js
@@ -1,13 +1,14 @@
 import forge from "node-forge";
 import path from "path";
-// import fs from "fs";
+import fs from "fs";
 import os from "os";
+import { ui } from "../environment/userInteraction.js";
 
 // @ts-ignore
 forge.options.usePureJavaScript = true;
 
 const certFolder = path.join(os.homedir(), ".safe-chain", "certs");
-// const ca = loadCa();
+const ca = loadCa();
 
 const certCache = new Map();
 
@@ -35,7 +36,7 @@ export function generateCertForHost(hostname) {
 
   const attrs = [{ name: "commonName", value: hostname }];
   cert.setSubject(attrs);
-  // cert.setIssuer(ca.certificate.subject.attributes);
+  cert.setIssuer(ca.certificate.subject.attributes);
   cert.setExtensions([
     {
       name: "subjectAltName",
@@ -62,7 +63,7 @@ export function generateCertForHost(hostname) {
       serverAuth: true,
     },
   ]);
-  // cert.sign(ca.privateKey, forge.md.sha256.create());
+  cert.sign(ca.privateKey, forge.md.sha256.create());
 
   const result = {
     privateKey: forge.pki.privateKeyToPem(keys.privateKey),
@@ -74,58 +75,62 @@ export function generateCertForHost(hostname) {
   return result;
 }
 
-// function loadCa() {
-//   const keyPath = path.join(certFolder, "ca-key.pem");
-//   const certPath = path.join(certFolder, "ca-cert.pem");
+function loadCa() {
+  const keyPath = path.join(certFolder, "ca-key.pem");
+  const certPath = path.join(certFolder, "ca-cert.pem");
 
-//   if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
-//     const privateKeyPem = fs.readFileSync(keyPath, "utf8");
-//     const certPem = fs.readFileSync(certPath, "utf8");
-//     const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
-//     const certificate = forge.pki.certificateFromPem(certPem);
+  if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
+    const privateKeyPem = fs.readFileSync(keyPath, "utf8");
+    const certPem = fs.readFileSync(certPath, "utf8");
+    const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
+    const certificate = forge.pki.certificateFromPem(certPem);
 
-//     // Don't return a cert that is valid for less than 1 hour
-//     const oneHourFromNow = new Date(Date.now() + 60 * 60 * 1000);
-//     if (certificate.validity.notAfter > oneHourFromNow) {
-//       return { privateKey, certificate };
-//     }
-//   }
+    // Don't return a cert that is valid for less than 1 hour
+    const oneHourFromNow = new Date(Date.now() + 60 * 60 * 1000);
+    if (certificate.validity.notAfter > oneHourFromNow) {
+      return { privateKey, certificate };
+    }
+  }
 
-//   const { privateKey, certificate } = generateCa();
-//   fs.mkdirSync(certFolder, { recursive: true });
-//   fs.writeFileSync(keyPath, forge.pki.privateKeyToPem(privateKey));
-//   fs.writeFileSync(certPath, forge.pki.certificateToPem(certificate));
-//   return { privateKey, certificate };
-// }
+  const { privateKey, certificate } = generateCa();
+  fs.mkdirSync(certFolder, { recursive: true });
+  fs.writeFileSync(keyPath, forge.pki.privateKeyToPem(privateKey));
+  fs.writeFileSync(certPath, forge.pki.certificateToPem(certificate));
+  return { privateKey, certificate };
+}
 
-// function generateCa() {
-//   const keys = forge.pki.rsa.generateKeyPair(2048);
-//   const cert = forge.pki.createCertificate();
-//   cert.publicKey = keys.publicKey;
-//   cert.serialNumber = "01";
-//   cert.validity.notBefore = new Date();
-//   cert.validity.notAfter = new Date();
-//   cert.validity.notAfter.setDate(cert.validity.notBefore.getDate() + 1);
+function generateCa() {
+  ui.writeInformation("1");
+  const keys = forge.pki.rsa.generateKeyPair(2048);
+  ui.writeInformation("2");
+  const cert = forge.pki.createCertificate();
+  ui.writeInformation("3");
+  cert.publicKey = keys.publicKey;
+  cert.serialNumber = "01";
+  cert.validity.notBefore = new Date();
+  cert.validity.notAfter = new Date();
+  cert.validity.notAfter.setDate(cert.validity.notBefore.getDate() + 1);
 
-//   const attrs = [{ name: "commonName", value: "safe-chain proxy" }];
-//   cert.setSubject(attrs);
-//   cert.setIssuer(attrs);
-//   cert.setExtensions([
-//     {
-//       name: "basicConstraints",
-//       cA: true,
-//     },
-//     {
-//       name: "keyUsage",
-//       keyCertSign: true,
-//       digitalSignature: true,
-//       keyEncipherment: true,
-//     },
-//   ]);
-//   cert.sign(keys.privateKey, forge.md.sha256.create());
+  const attrs = [{ name: "commonName", value: "safe-chain proxy" }];
+  cert.setSubject(attrs);
+  cert.setIssuer(attrs);
+  cert.setExtensions([
+    {
+      name: "basicConstraints",
+      cA: true,
+    },
+    {
+      name: "keyUsage",
+      keyCertSign: true,
+      digitalSignature: true,
+      keyEncipherment: true,
+    },
+  ]);
+  cert.sign(keys.privateKey, forge.md.sha256.create());
+  ui.writeInformation("4");
 
-//   return {
-//     privateKey: keys.privateKey,
-//     certificate: cert,
-//   };
-// }
+  return {
+    privateKey: keys.privateKey,
+    certificate: cert,
+  };
+}