From 0fe9a87ea0fada7d341fd9b9758e30ec3c2c6fa5 Mon Sep 17 00:00:00 2001
From: zhengkunwang <31820853+zhengkunwang223@users.noreply.github.com>
Date: Fri, 8 Dec 2023 17:58:09 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E8=A7=A3=E5=86=B3=E5=88=9B=E5=BB=BA?= =?UTF-8?q?=E6=9C=BA=E6=9E=84=E9=80=89=E6=8B=A9=20RSA=20=E5=8A=A0=E5=AF=86?= =?UTF-8?q?=E5=A4=B1=E8=B4=A5=E7=9A=84=E9=97=AE=E9=A2=98=20(#3234)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/app/service/website_ca.go | 31 ++++++-------------------------
 1 file changed, 6 insertions(+), 25 deletions(-)
diff --git a/backend/app/service/website_ca.go b/backend/app/service/website_ca.go
index 40bdcb5c7..dd267935e 100644
--- a/backend/app/service/website_ca.go
+++ b/backend/app/service/website_ca.go
@@ -92,36 +92,17 @@ func (w WebsiteCAService) Create(create request.WebsiteCACreate) (*request.Websi
 MaxPathLenZero: false,
 KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
 }
+ var (
+ caPEM = new(bytes.Buffer)
+ )
- privateKey, err := certcrypto.GeneratePrivateKey(ssl.KeyType(create.KeyType))
+ interPrivateKey, interPublicKey, privateBytes, err := createPrivateKey(create.KeyType)
 if err != nil {
 return nil, err
 }
- var (
- publicKey any
- caPEM = new(bytes.Buffer)
- caPrivateKeyPEM = new(bytes.Buffer)
- privateBlock = &pem.Block{}
- )
- if ssl.KeyType(create.KeyType) == certcrypto.EC256 || ssl.KeyType(create.KeyType) == certcrypto.EC384 {
- publicKey = &privateKey.(*ecdsa.PrivateKey).PublicKey
- publicKey = publicKey.(*ecdsa.PublicKey)
- privateBlock.Type = "EC PRIVATE KEY"
- privateBytes, err := x509.MarshalECPrivateKey(privateKey.(*ecdsa.PrivateKey))
- if err != nil {
- return nil, err
- }
- privateBlock.Bytes = privateBytes
- _ = pem.Encode(caPrivateKeyPEM, privateBlock)
- } else {
- publicKey = privateKey.(*rsa.PrivateKey).PublicKey
- publicKey = publicKey.(*rsa.PublicKey)
- privateBlock.Type = "RSA PRIVATE KEY"
- privateBlock.Bytes = x509.MarshalPKCS1PrivateKey(privateKey.(*rsa.PrivateKey))
- }
- ca.PrivateKey = string(pem.EncodeToMemory(privateBlock))
+ ca.PrivateKey = string(privateBytes)
- caBytes, err := x509.CreateCertificate(rand.Reader, rootCA, rootCA, publicKey, privateKey)
+ caBytes, err := x509.CreateCertificate(rand.Reader, rootCA, rootCA, interPublicKey, interPrivateKey)
 if err != nil {
 return nil, err
 }
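Review bot: The names `interPrivateKey` and `interPublicKey` on the new `createPrivateKey` call are misleading, because the pair is passed to `x509.CreateCertificate(rand.Reader, rootCA, rootCA, ...)` and is therefore the self-signed root CA's own key rather than an intermediate's; `caPrivateKey, caPublicKey, privateBytes, err := createPrivateKey(create.KeyType)` would read correctly. `createPrivateKey` is defined outside this hunk, so it is worth confirming there that an unrecognised `create.KeyType` returns an error instead of falling through to a default key type, and that the PEM block type it emits matches the generated key. A comment above `ca.PrivateKey = string(privateBytes)` such as `// PEM-encoded CA signing key kept as plain text on the record; limit who can read it` would flag the sensitivity, assuming the record is persisted as it appears here. The body of `Create` starts and ends outside the hunk.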