From 5198b85df95c5b8bfbca37bbe59cc3c83c965988 Mon Sep 17 00:00:00 2001
From: Laurence Withers <l@lwithers.me.uk>
Date: Sat, 29 Apr 2023 12:02:33 +0100
Subject: [PATCH] cmd/ca: copy CSR to audit dir when signing

---
 cmd/ca/sign.go | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/cmd/ca/sign.go b/cmd/ca/sign.go
index d32648a..1efa318 100644
--- a/cmd/ca/sign.go
+++ b/cmd/ca/sign.go
@@ -6,6 +6,7 @@ import (
 	"encoding/pem"
 	"fmt"
 	"os"
+	"path/filepath"
 	"time"
 
 	"github.com/spf13/cobra"
@@ -71,10 +72,13 @@ func Sign(cmd *cobra.Command, args []string) {
 		Bytes: cert.Raw,
 	})
 
-	// TODO: copy CSR to audit dir
-	_ = auditDir
+	// copy CSR to audit dir
+	os.WriteFile(filepath.Join(auditDir, "csr.pem"), pem.EncodeToMemory(&pem.Block{
+		Type:  pemfile.TypeX509CSR,
+		Bytes: csr.Raw,
+	}), 0600)
 
-	// write CSR to output file
+	// write cert to output file
 	switch outputFilename {
 	case "", "-":
 		os.Stdout.Write(raw)