fix: parse ssl certificate error #270

0xJacky · Feb 6, 2024 · 371472e · 371472e
1 parent e1c38e2
commit 371472e
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 17 deletions.
diff --git a/api/certificate/certificate.go b/api/certificate/certificate.go
@@ -25,7 +25,7 @@ func Transformer(certModel *model.Cert) (certificate *APICertificate) {
 	if certModel.SSLCertificatePath != "" {
 		if _, err := os.Stat(certModel.SSLCertificatePath); err == nil {
 			sslCertificationBytes, _ = os.ReadFile(certModel.SSLCertificatePath)
-			if !cert.IsPublicKey(string(sslCertificationBytes)) {
+			if !cert.IsCertificate(string(sslCertificationBytes)) {
 				sslCertificationBytes = []byte{}
 			}
 		}
@@ -77,9 +77,9 @@ func GetCert(c *gin.Context) {
 
 type certJson struct {
 	Name                  string `json:"name" binding:"required"`
-	SSLCertificatePath    string `json:"ssl_certificate_path" binding:"required,publickey_path"`
+	SSLCertificatePath    string `json:"ssl_certificate_path" binding:"required,certificate_path"`
 	SSLCertificateKeyPath string `json:"ssl_certificate_key_path" binding:"required,privatekey_path"`
-	SSLCertificate        string `json:"ssl_certificate" binding:"omitempty,publickey"`
+	SSLCertificate        string `json:"ssl_certificate" binding:"omitempty,certificate"`
 	SSLCertificateKey     string `json:"ssl_certificate_key" binding:"omitempty,privatekey"`
 	ChallengeMethod       string `json:"challenge_method"`
 	DnsCredentialID       int    `json:"dns_credential_id"`

diff --git a/app/src/views/certificate/CertificateEditor.vue b/app/src/views/certificate/CertificateEditor.vue
@@ -164,7 +164,7 @@ const isManaged = computed(() => {
             :label="$gettext('SSL Certificate Path')"
             :validate-status="errors.ssl_certificate_path ? 'error' : ''"
             :help="errors.ssl_certificate_path === 'required' ? $gettext('This field is required')
-              : errors.ssl_certificate_path === 'publickey_path'
+              : errors.ssl_certificate_path === 'certificate_path'
                 ? $gettext('The path exists, but the file is not a public key') : ''"
           >
             <p v-if="isManaged">
@@ -193,7 +193,7 @@ const isManaged = computed(() => {
           <AFormItem
             :label="$gettext('SSL Certificate Content')"
             :validate-status="errors.ssl_certificate ? 'error' : ''"
-            :help="errors.ssl_certificate === 'publickey'
+            :help="errors.ssl_certificate === 'certificate'
               ? $gettext('The input is not a SSL Certificate') : ''"
           >
             <CodeEditor

diff --git a/internal/cert/helper.go b/internal/cert/helper.go
@@ -6,13 +6,12 @@ import (
 	"os"
 )
 
-func IsPublicKey(pemStr string) bool {
+func IsCertificate(pemStr string) bool {
 	block, _ := pem.Decode([]byte(pemStr))
 	if block == nil {
 		return false
 	}
-
-	_, err := x509.ParsePKIXPublicKey(block.Bytes)
+	_, err := x509.ParseCertificate(block.Bytes)
 	return err == nil
 }
 
@@ -31,8 +30,8 @@ func IsPrivateKey(pemStr string) bool {
 	return errECDSA == nil
 }
 
-// IsPublicKeyPath checks if the file at the given path is a public key or not exists.
-func IsPublicKeyPath(path string) bool {
+// IsCertificatePath checks if the file at the given path is a certificate or not exists.
+func IsCertificatePath(path string) bool {
 	if path == "" {
 		return false
 	}
@@ -50,7 +49,7 @@ func IsPublicKeyPath(path string) bool {
 		return false
 	}
 
-	return IsPublicKey(string(bytes))
+	return IsCertificate(string(bytes))
 }
 
 // IsPrivateKeyPath checks if the file at the given path is a private key or not exists.

diff --git a/internal/validation/certificate.go b/internal/validation/certificate.go
@@ -5,16 +5,16 @@ import (
 	val "github.com/go-playground/validator/v10"
 )
 
-func isPublicKey(fl val.FieldLevel) bool {
-	return cert.IsPublicKey(fl.Field().String())
+func isCertificate(fl val.FieldLevel) bool {
+	return cert.IsCertificate(fl.Field().String())
 }
 
 func isPrivateKey(fl val.FieldLevel) bool {
 	return cert.IsPrivateKey(fl.Field().String())
 }
 
-func isPublicKeyPath(fl val.FieldLevel) bool {
-	return cert.IsPublicKeyPath(fl.Field().String())
+func isCertificatePath(fl val.FieldLevel) bool {
+	return cert.IsCertificatePath(fl.Field().String())
 }
 
 func isPrivateKeyPath(fl val.FieldLevel) bool {

diff --git a/internal/validation/validation.go b/internal/validation/validation.go
@@ -18,7 +18,7 @@ func Init() {
 		logger.Fatal(err)
 	}
 
-	err = v.RegisterValidation("publickey", isPublicKey)
+	err = v.RegisterValidation("certificate", isCertificate)
 
 	if err != nil {
 		logger.Fatal(err)
@@ -30,7 +30,7 @@ func Init() {
 		logger.Fatal(err)
 	}
 
-	err = v.RegisterValidation("publickey_path", isPublicKeyPath)
+	err = v.RegisterValidation("certificate_path", isCertificatePath)
 
 	if err != nil {
 		logger.Fatal(err)