From 3b1c39413ba0b478bac55fc50aa645e438e90907 Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg <rasmus@rgdd.se>
Date: Fri, 3 Jan 2025 15:52:34 +0100
Subject: Store parsed DER certificates for matching entries

For convenience.  For example, now one can debug issues like this:

    openssl x509 -inform DER -in /path/to/crt.der -text -noout
---
 pkg/storage/index/index.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'pkg/storage')

diff --git a/pkg/storage/index/index.go b/pkg/storage/index/index.go
index 36a9334..0056565 100644
--- a/pkg/storage/index/index.go
+++ b/pkg/storage/index/index.go
@@ -78,8 +78,11 @@ func (ix *Index) AddEntries(logID [sha256.Size]byte, entries []monitor.LogEntry)
 		if !ix.mem.addEntry(crtID, path) {
 			return nil // duplicate
 		}
-
-		return ioutil.CommitJSON(path, entry)
+		if err := ioutil.CommitJSON(path, entry); err != nil {
+			return err
+		}
+		path = fmt.Sprintf("%s/%x-%d.der", ix.cfg.MatchDirectory, logID[:], entry.LeafIndex)
+		return ioutil.CommitData(path, crt.Raw)
 	}
 
 	for _, entry := range entries {
-- 
cgit v1.2.3