From 8e2bebfadb2f623a14b888441c46cfdd25892fc3 Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Fri, 22 May 2026 22:39:50 +0800 Subject: [PATCH] refactor: clean code --- internal/domain/certificate.go | 2 +- internal/workflow/engine/executor_bizapply.go | 2 +- pkg/core/deployer/providers/ftp/consts.go | 17 ++++----- pkg/core/deployer/providers/ftp/ftp.go | 4 +-- pkg/core/deployer/providers/local/consts.go | 9 ++--- pkg/core/deployer/providers/local/local.go | 3 +- .../deployer/providers/local/shared/shared.go | 24 ------------- pkg/core/deployer/providers/local/utils.go | 28 --------------- pkg/core/deployer/providers/s3/consts.go | 17 ++++----- pkg/core/deployer/providers/s3/s3.go | 4 +-- pkg/core/deployer/providers/ssh/consts.go | 17 ++++----- pkg/core/deployer/providers/ssh/ssh.go | 4 +-- .../tencentcloud-eo/tencentcloud_eo.go | 2 +- pkg/utils/cert/key/key.go | 4 +-- pkg/utils/cert/pfx/encoder.go | 35 +++++++++++++++++++ 15 files changed, 80 insertions(+), 92 deletions(-) delete mode 100644 pkg/core/deployer/providers/local/shared/shared.go delete mode 100644 pkg/core/deployer/providers/local/utils.go create mode 100644 pkg/utils/cert/pfx/encoder.go diff --git a/internal/domain/certificate.go b/internal/domain/certificate.go index 0965ca9b..f4fddb9c 100644 --- a/internal/domain/certificate.go +++ b/internal/domain/certificate.go @@ -46,7 +46,7 @@ func (c *Certificate) PopulateFromX509(certX509 *x509.Certificate) *Certificate c.ValidityNotAfter = certX509.NotAfter c.ValidityInterval = int32(certX509.NotAfter.Sub(certX509.NotBefore).Seconds()) - keyAlgorithm, keySize, _ := xcertkey.GetPublicKeyAlgorithm(certX509.PublicKey) + keyAlgorithm, keySize, _ := xcertkey.DetectPublicKeyAlgorithm(certX509.PublicKey) switch keyAlgorithm { case x509.RSA: c.KeyAlgorithm = CertificateKeyAlgorithmType(fmt.Sprintf("RSA%d", keySize)) diff --git a/internal/workflow/engine/executor_bizapply.go b/internal/workflow/engine/executor_bizapply.go index 46493244..2f0b9e25 100644 
--- a/internal/workflow/engine/executor_bizapply.go +++ b/internal/workflow/engine/executor_bizapply.go @@ -248,7 +248,7 @@ func (ne *bizApplyNodeExecutor) executeObtain(execCtx *NodeExecutionContext, nod if err != nil { return nil, fmt.Errorf("could not parse custom private key: %w", err) } else { - privkeyAlg, privkeySize, _ := xcertkey.GetPrivateKeyAlgorithm(privkey) + privkeyAlg, privkeySize, _ := xcertkey.DetectPrivateKeyAlgorithm(privkey) switch privkeyAlg { case x509.RSA: if nodeCfg.KeyAlgorithm != fmt.Sprintf("RSA%d", privkeySize) { diff --git a/pkg/core/deployer/providers/ftp/consts.go b/pkg/core/deployer/providers/ftp/consts.go index bd118dff..36c76270 100644 --- a/pkg/core/deployer/providers/ftp/consts.go +++ b/pkg/core/deployer/providers/ftp/consts.go @@ -1,18 +1,19 @@ package ftp import ( - "github.com/certimate-go/certimate/pkg/core/deployer/providers/local/shared" + "github.com/certimate-go/certimate/internal/domain" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" ) const ( - FILE_FORMAT_PEM = shared.FILE_FORMAT_PEM - FILE_FORMAT_PFX = shared.FILE_FORMAT_PFX - FILE_FORMAT_JKS = shared.FILE_FORMAT_JKS + FILE_FORMAT_PEM = string(domain.CertificateFormatTypePEM) + FILE_FORMAT_PFX = string(domain.CertificateFormatTypePFX) + FILE_FORMAT_JKS = string(domain.CertificateFormatTypeJKS) ) const ( - PFX_ENCODER_LEGACYRC2 = shared.PFX_ENCODER_LEGACYRC2 - PFX_ENCODER_LEGACYDES = shared.PFX_ENCODER_LEGACYDES - PFX_ENCODER_MODERN2023 = shared.PFX_ENCODER_MODERN2023 - PFX_ENCODER_MODERN2026 = shared.PFX_ENCODER_MODERN2026 + PFX_ENCODER_LEGACYRC2 = string(xcertpfx.EncoderNameLegacyRC2) + PFX_ENCODER_LEGACYDES = string(xcertpfx.EncoderNameLegacyDES) + PFX_ENCODER_MODERN2023 = string(xcertpfx.EncoderNameModern2023) + PFX_ENCODER_MODERN2026 = string(xcertpfx.EncoderNameModern2026) ) diff --git a/pkg/core/deployer/providers/ftp/ftp.go b/pkg/core/deployer/providers/ftp/ftp.go index 8cee8203..dacaa607 100644 --- a/pkg/core/deployer/providers/ftp/ftp.go 
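Review bot: The `string(...)` conversions around the `xcertpfx.EncoderName*` values in `ftp/consts.go` are no-ops, because `pkg/utils/cert/pfx/encoder.go` in this same commit declares them as untyped string constants; `PFX_ENCODER_LEGACYRC2 = xcertpfx.EncoderNameLegacyRC2` says the same thing. The identical block is repeated in the `local/consts.go`, `s3/consts.go` and `ssh/consts.go` hunks, so the same applies there. If a named encoder-name type is planned for the `pfx` package, a one-line comment on the block saying so would explain why the conversion is kept.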
+++ b/pkg/core/deployer/providers/ftp/ftp.go @@ -8,8 +8,8 @@ import ( "github.com/certimate-go/certimate/internal/tools/ftp" "github.com/certimate-go/certimate/pkg/core/deployer" - shared "github.com/certimate-go/certimate/pkg/core/deployer/providers/local/shared" xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" ) type DeployerConfig struct { @@ -155,7 +155,7 @@ func (d *Deployer) Deploy(ctx context.Context, certPEM, privkeyPEM string) (*dep return nil, fmt.Errorf("config `pfxPassword` is required") } - pfxEncoder, err := shared.ResolvePfxEncoder(d.config.PfxEncoder) + pfxEncoder, err := xcertpfx.ResolvePfxEncoder(d.config.PfxEncoder) if err != nil { return nil, fmt.Errorf("config `pfxEncoder` is invalid: %w", err) } diff --git a/pkg/core/deployer/providers/local/consts.go b/pkg/core/deployer/providers/local/consts.go index 1aaf1523..51fa0726 100644 --- a/pkg/core/deployer/providers/local/consts.go +++ b/pkg/core/deployer/providers/local/consts.go @@ -2,6 +2,7 @@ package local import ( "github.com/certimate-go/certimate/internal/domain" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" ) const ( @@ -17,8 +18,8 @@ const ( ) const ( - PFX_ENCODER_LEGACYRC2 = "LegacyRC2" - PFX_ENCODER_LEGACYDES = "LegacyDES" - PFX_ENCODER_MODERN2023 = "Modern2023" - PFX_ENCODER_MODERN2026 = "Modern2026" + PFX_ENCODER_LEGACYRC2 = string(xcertpfx.EncoderNameLegacyRC2) + PFX_ENCODER_LEGACYDES = string(xcertpfx.EncoderNameLegacyDES) + PFX_ENCODER_MODERN2023 = string(xcertpfx.EncoderNameModern2023) + PFX_ENCODER_MODERN2026 = string(xcertpfx.EncoderNameModern2026) ) diff --git a/pkg/core/deployer/providers/local/local.go b/pkg/core/deployer/providers/local/local.go index 1ba1f730..71e8a2f8 100644 --- a/pkg/core/deployer/providers/local/local.go +++ b/pkg/core/deployer/providers/local/local.go 
@@ -11,6 +11,7 @@ import ( "github.com/certimate-go/certimate/pkg/core/deployer" xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" xfile "github.com/certimate-go/certimate/pkg/utils/file" ) @@ -142,7 +143,7 @@ func (d *Deployer) Deploy(ctx context.Context, certPEM, privkeyPEM string) (*dep return nil, fmt.Errorf("config `pfxPassword` is required") } - pfxEncoder, err := ResolvePfxEncoder(d.config.PfxEncoder) + pfxEncoder, err := xcertpfx.ResolvePfxEncoder(d.config.PfxEncoder) if err != nil { return nil, fmt.Errorf("config `pfxEncoder` is invalid: %w", err) } diff --git a/pkg/core/deployer/providers/local/shared/shared.go b/pkg/core/deployer/providers/local/shared/shared.go deleted file mode 100644 index e7696ffa..00000000 --- a/pkg/core/deployer/providers/local/shared/shared.go +++ /dev/null @@ -1,24 +0,0 @@ -package shared - -import ( - "software.sslmate.com/src/go-pkcs12" - - "github.com/certimate-go/certimate/pkg/core/deployer/providers/local" -) - -const ( - FILE_FORMAT_PEM = local.FILE_FORMAT_PEM - FILE_FORMAT_PFX = local.FILE_FORMAT_PFX - FILE_FORMAT_JKS = local.FILE_FORMAT_JKS -) - -const ( - PFX_ENCODER_LEGACYRC2 = local.PFX_ENCODER_LEGACYRC2 - PFX_ENCODER_LEGACYDES = local.PFX_ENCODER_LEGACYDES - PFX_ENCODER_MODERN2023 = local.PFX_ENCODER_MODERN2023 - PFX_ENCODER_MODERN2026 = local.PFX_ENCODER_MODERN2026 -) - -func ResolvePfxEncoder(encoderName string) (*pkcs12.Encoder, error) { - return local.ResolvePfxEncoder(encoderName) -} diff --git a/pkg/core/deployer/providers/local/utils.go b/pkg/core/deployer/providers/local/utils.go deleted file mode 100644 index b5dd17a3..00000000 --- a/pkg/core/deployer/providers/local/utils.go +++ /dev/null 
@@ -1,28 +0,0 @@ -package local - -import ( - "fmt" - "strings" - - "software.sslmate.com/src/go-pkcs12" -) - -func ResolvePfxEncoder(encoderName string) (*pkcs12.Encoder, error) { - var encoder *pkcs12.Encoder - - if encoderName != "" { - if strings.EqualFold(encoderName, PFX_ENCODER_LEGACYRC2) { - encoder = pkcs12.LegacyRC2 - } else if strings.EqualFold(encoderName, PFX_ENCODER_LEGACYDES) { - encoder = pkcs12.LegacyDES - } else if strings.EqualFold(encoderName, PFX_ENCODER_MODERN2023) { - encoder = pkcs12.Modern2023 - } else if strings.EqualFold(encoderName, PFX_ENCODER_MODERN2026) { - encoder = pkcs12.Modern2026 - } else { - return nil, fmt.Errorf("unsupported encoder name: '%s'", encoderName) - } - } - - return encoder, nil -} diff --git a/pkg/core/deployer/providers/s3/consts.go b/pkg/core/deployer/providers/s3/consts.go index 1964a974..09904110 100644 --- a/pkg/core/deployer/providers/s3/consts.go +++ b/pkg/core/deployer/providers/s3/consts.go 
@@ -1,18 +1,19 @@ package s3 import ( - "github.com/certimate-go/certimate/pkg/core/deployer/providers/local/shared" + "github.com/certimate-go/certimate/internal/domain" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" ) const ( - FILE_FORMAT_PEM = shared.FILE_FORMAT_PEM - FILE_FORMAT_PFX = shared.FILE_FORMAT_PFX - FILE_FORMAT_JKS = shared.FILE_FORMAT_JKS + FILE_FORMAT_PEM = string(domain.CertificateFormatTypePEM) + FILE_FORMAT_PFX = string(domain.CertificateFormatTypePFX) + FILE_FORMAT_JKS = string(domain.CertificateFormatTypeJKS) ) const ( - PFX_ENCODER_LEGACYRC2 = shared.PFX_ENCODER_LEGACYRC2 - PFX_ENCODER_LEGACYDES = shared.PFX_ENCODER_LEGACYDES - PFX_ENCODER_MODERN2023 = shared.PFX_ENCODER_MODERN2023 - PFX_ENCODER_MODERN2026 = shared.PFX_ENCODER_MODERN2026 + PFX_ENCODER_LEGACYRC2 = string(xcertpfx.EncoderNameLegacyRC2) + PFX_ENCODER_LEGACYDES = string(xcertpfx.EncoderNameLegacyDES) + PFX_ENCODER_MODERN2023 = string(xcertpfx.EncoderNameModern2023) + PFX_ENCODER_MODERN2026 = string(xcertpfx.EncoderNameModern2026) ) diff --git a/pkg/core/deployer/providers/s3/s3.go b/pkg/core/deployer/providers/s3/s3.go index 092a42e9..df7d3f3a 100644 --- a/pkg/core/deployer/providers/s3/s3.go +++ b/pkg/core/deployer/providers/s3/s3.go @@ -7,8 +7,8 @@ import ( "github.com/certimate-go/certimate/internal/tools/s3" "github.com/certimate-go/certimate/pkg/core/deployer" - "github.com/certimate-go/certimate/pkg/core/deployer/providers/local/shared" xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" ) type DeployerConfig struct { 
@@ -137,7 +137,7 @@ func (d *Deployer) Deploy(ctx context.Context, certPEM, privkeyPEM string) (*dep return nil, fmt.Errorf("config `pfxPassword` is required") } - pfxEncoder, err := shared.ResolvePfxEncoder(d.config.PfxEncoder) + pfxEncoder, err := xcertpfx.ResolvePfxEncoder(d.config.PfxEncoder) if err != nil { return nil, fmt.Errorf("config `pfxEncoder` is invalid: %w", err) } diff --git a/pkg/core/deployer/providers/ssh/consts.go b/pkg/core/deployer/providers/ssh/consts.go index 089f54fc..8a8e3745 100644 --- a/pkg/core/deployer/providers/ssh/consts.go +++ b/pkg/core/deployer/providers/ssh/consts.go @@ -1,18 +1,19 @@ package ssh import ( - "github.com/certimate-go/certimate/pkg/core/deployer/providers/local/shared" + "github.com/certimate-go/certimate/internal/domain" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" ) const ( - FILE_FORMAT_PEM = shared.FILE_FORMAT_PEM - FILE_FORMAT_PFX = shared.FILE_FORMAT_PFX - FILE_FORMAT_JKS = shared.FILE_FORMAT_JKS + FILE_FORMAT_PEM = string(domain.CertificateFormatTypePEM) + FILE_FORMAT_PFX = string(domain.CertificateFormatTypePFX) + FILE_FORMAT_JKS = string(domain.CertificateFormatTypeJKS) ) const ( - PFX_ENCODER_LEGACYRC2 = shared.PFX_ENCODER_LEGACYRC2 - PFX_ENCODER_LEGACYDES = shared.PFX_ENCODER_LEGACYDES - PFX_ENCODER_MODERN2023 = shared.PFX_ENCODER_MODERN2023 - PFX_ENCODER_MODERN2026 = shared.PFX_ENCODER_MODERN2026 + PFX_ENCODER_LEGACYRC2 = string(xcertpfx.EncoderNameLegacyRC2) + PFX_ENCODER_LEGACYDES = string(xcertpfx.EncoderNameLegacyDES) + PFX_ENCODER_MODERN2023 = string(xcertpfx.EncoderNameModern2023) + PFX_ENCODER_MODERN2026 = string(xcertpfx.EncoderNameModern2026) ) diff --git a/pkg/core/deployer/providers/ssh/ssh.go b/pkg/core/deployer/providers/ssh/ssh.go index b12c551b..fa8635ca 100644 --- a/pkg/core/deployer/providers/ssh/ssh.go +++ b/pkg/core/deployer/providers/ssh/ssh.go 
@@ -8,8 +8,8 @@ import ( "github.com/certimate-go/certimate/internal/tools/ssh" "github.com/certimate-go/certimate/pkg/core/deployer" - "github.com/certimate-go/certimate/pkg/core/deployer/providers/local/shared" xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xcertpfx "github.com/certimate-go/certimate/pkg/utils/cert/pfx" xssh "github.com/certimate-go/certimate/pkg/utils/ssh" ) @@ -173,7 +173,7 @@ func (d *Deployer) Deploy(ctx context.Context, certPEM, privkeyPEM string) (*dep return nil, fmt.Errorf("config `pfxPassword` is required") } - pfxEncoder, err := shared.ResolvePfxEncoder(d.config.PfxEncoder) + pfxEncoder, err := xcertpfx.ResolvePfxEncoder(d.config.PfxEncoder) if err != nil { return nil, fmt.Errorf("config `pfxEncoder` is invalid: %w", err) } diff --git a/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go b/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go index aaa11ec8..e8e57e66 100644 --- a/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go +++ b/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go @@ -193,7 +193,7 @@ func (d *Deployer) Deploy(ctx context.Context, certPEM, privkeyPEM string) (*dep return nil, fmt.Errorf("failed to parse private key: %w", err) } - privkeyAlg, _, _ := xcertkey.GetPrivateKeyAlgorithm(privkey) + privkeyAlg, _, _ := xcertkey.DetectPrivateKeyAlgorithm(privkey) privkeyAlgStr := "" switch privkeyAlg { case x509.RSA: diff --git a/pkg/utils/cert/key/key.go b/pkg/utils/cert/key/key.go index 81ffe343..ae0bf1df 100644 --- a/pkg/utils/cert/key/key.go +++ b/pkg/utils/cert/key/key.go @@ -11,7 +11,7 @@ import ( type KeyAlgorithm = x509.PublicKeyAlgorithm -func GetPublicKeyAlgorithm(pubkey crypto.PublicKey) (_algorithm KeyAlgorithm, _size int, _error error) { +func DetectPublicKeyAlgorithm(pubkey crypto.PublicKey) (_algorithm KeyAlgorithm, _size int, _error error) { switch t := pubkey.(type) { case *rsa.PublicKey: size := t.N.BitLen() 
@@ -28,7 +28,7 @@ func GetPublicKeyAlgorithm(pubkey crypto.PublicKey) (_algorithm KeyAlgorithm, _s return x509.UnknownPublicKeyAlgorithm, 0, fmt.Errorf("unknown public key type") } -func GetPrivateKeyAlgorithm(privkey crypto.PrivateKey) (_algorithm KeyAlgorithm, _size int, _error error) { +func DetectPrivateKeyAlgorithm(privkey crypto.PrivateKey) (_algorithm KeyAlgorithm, _size int, _error error) { switch t := privkey.(type) { case *rsa.PrivateKey: size := t.N.BitLen() diff --git a/pkg/utils/cert/pfx/encoder.go b/pkg/utils/cert/pfx/encoder.go new file mode 100644 index 00000000..0ee9906c --- /dev/null +++ b/pkg/utils/cert/pfx/encoder.go @@ -0,0 +1,35 @@ +package pfx + +import ( + "fmt" + "strings" + + "software.sslmate.com/src/go-pkcs12" +) + +const ( + EncoderNameLegacyRC2 = "LegacyRC2" + EncoderNameLegacyDES = "LegacyDES" + EncoderNameModern2023 = "Modern2023" + EncoderNameModern2026 = "Modern2026" +) + +func ResolvePfxEncoder(encoderName string) (*pkcs12.Encoder, error) { + var encoder *pkcs12.Encoder + + if encoderName != "" { + if strings.EqualFold(encoderName, EncoderNameLegacyRC2) { + encoder = pkcs12.LegacyRC2 + } else if strings.EqualFold(encoderName, EncoderNameLegacyDES) { + encoder = pkcs12.LegacyDES + } else if strings.EqualFold(encoderName, EncoderNameModern2023) { + encoder = pkcs12.Modern2023 + } else if strings.EqualFold(encoderName, EncoderNameModern2026) { + encoder = pkcs12.Modern2026 + } else { + return nil, fmt.Errorf("unknown encoder name: %s", encoderName) + } + } + + return encoder, nil +}
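Review bot: `ResolvePfxEncoder` in the new `pkg/utils/cert/pfx/encoder.go` returns `(nil, nil)` for an empty name and nothing documents that contract; the `Deploy` call sites in ftp, local, s3 and ssh pass `d.config.PfxEncoder` straight in, and what they do with a nil encoder lies outside their hunks. I would add a doc comment on the function stating that an empty name yields a nil encoder and that the caller must choose the default. I would also add a comment on the constant block noting that `LegacyRC2` and `LegacyDES` select go-pkcs12's legacy profiles (RC2/3DES encryption with SHA-1 based key derivation and MAC), kept only for compatibility with older consumers, so new configurations should prefer the `Modern*` names. The error path also lost the quoting that the removed `local/utils.go` version had; `return nil, fmt.Errorf("unknown encoder name: %q", encoderName)` keeps a whitespace-only or otherwise odd config value readable in logs.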