From 9696f950436dd5488cc95d19c056f7eed4a9ee23 Mon Sep 17 00:00:00 2001
From: Slawek Koszewski <slawek@koszewscy.waw.pl>
Date: Mon, 28 Jul 2025 06:40:17 +0200
Subject: [PATCH] Few manual optimizations and corrections of AI generated
 code.

---
 ca.go | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/ca.go b/ca.go
index 6ccd2ac..52392db 100644
--- a/ca.go
+++ b/ca.go
@@ -348,9 +348,16 @@ func InitCA(overwrite bool) error {
 // Helper: issue a single certificate and key, save to files, return error if any
 func issueSingleCertificate(def CertificateDefinition, overwrite, verbose bool) error {
 	// Validate Name
-	if !isValidName(def.Name) {
+
+	isValidName, err := regexp.MatchString(`^[A-Za-z0-9_-]+$`, def.Name)
+	if err != nil {
+		return fmt.Errorf("error validating certificate name: %v", err)
+	}
+
+	if !isValidName {
 		return fmt.Errorf("certificate name must be specified and contain only letters, numbers, dash, or underscore")
 	}
+
 	// Initialize Subject if not specified
 	if def.Subject == "" {
 		def.Subject = def.Name
@@ -372,13 +379,14 @@ func issueSingleCertificate(def CertificateDefinition, overwrite, verbose bool)
 	}
 
 	var validityDur time.Duration
-	if def.Validity != "" {
-		validityDur, err = parseValidity(def.Validity)
-		if err != nil {
-			return fmt.Errorf("invalid validity value: %v", err)
-		}
-	} else {
-		validityDur = 365 * 24 * time.Hour // default 1 year
+	validity := def.Validity
+	if validity == "" {
+		validity = "1y"
+	}
+
+	validityDur, err = parseValidity(validity)
+	if err != nil {
+		return fmt.Errorf("invalid validity value: %v", err)
 	}
 
 	var subjectPKIX pkix.Name
@@ -658,9 +666,3 @@ func optionalSlice(s string) []string {
 	}
 	return []string{s}
 }
-
-// Helper: validate certificate name using regex
-func isValidName(name string) bool {
-	matched, _ := regexp.MatchString(`^[A-Za-z0-9_-]+$`, name)
-	return matched
-}