feat: fix cert's ES options

2025-05-22 18:25:47 +08:00 · 2024-03-10 19:30:05 +08:00 · 2024-03-10 19:30:05 +08:00 · e5da57a005
commit e5da57a005
parent e4e225db32
5 changed files with 31 additions and 47 deletions
--- a/object/cert.go
+++ b/object/cert.go
@ -228,7 +228,7 @@ func (p *Cert) populateContent() error {
 	if sigAlgorithm == "RS" {
 		certificate, privateKey, err = generateRsaKeys(p.BitSize, shaSize, p.ExpireInYears, p.Name, p.Owner)
 	} else if sigAlgorithm == "ES" {
-		certificate, privateKey, err = generateEsKeys(p.BitSize, shaSize, p.ExpireInYears, p.Name, p.Owner)
+		certificate, privateKey, err = generateEsKeys(shaSize, p.ExpireInYears, p.Name, p.Owner)
 	} else if sigAlgorithm == "PS" {
 		certificate, privateKey, err = generateRsaPssKeys(p.BitSize, shaSize, p.ExpireInYears, p.Name, p.Owner)
 	} else {
--- a/object/token_jwt_key.go
+++ b/object/token_jwt_key.go
@ -83,7 +83,7 @@ func generateRsaKeys(bitSize int, shaSize int, expireInYears int, commonName str
 	return string(certPem), string(privateKeyPem), nil
 }

-func generateEsKeys(bitSize int, shaSize int, expireInYears int, commonName string, organization string) (string, string, error) {
+func generateEsKeys(shaSize int, expireInYears int, commonName string, organization string) (string, string, error) {
 	var curve elliptic.Curve
 	switch shaSize {
 	case 256:
--- a/object/token_jwt_key_test.go
+++ b/object/token_jwt_key_test.go
@ -37,7 +37,7 @@ func TestGenerateRsaKeys(t *testing.T) {

 func TestGenerateEsKeys(t *testing.T) {
 	fileId := "token_jwt_key"
-	certificate, privateKey, err := generateEsKeys(4096, 256, 20, "Casdoor Cert", "Casdoor Organization")
+	certificate, privateKey, err := generateEsKeys(256, 20, "Casdoor Cert", "Casdoor Organization")
 	if err != nil {
 		panic(err)
 	}
--- a/web/src/CertEditPage.js
+++ b/web/src/CertEditPage.js
@ -172,14 +172,12 @@ class CertEditPage extends React.Component {
            <Select virtual={false} style={{width: "100%"}} value={this.state.cert.cryptoAlgorithm} onChange={(value => {
              this.updateCertField("cryptoAlgorithm", value);

-              if (value === "ES256") {
-                this.updateCertField("bitSize", 256);
-              } else if (value === "ES384") {
-                this.updateCertField("bitSize", 384);
-              } else if (value === "ES512") {
-                this.updateCertField("bitSize", 521);
+              if (value.startsWith("ES")) {
+                this.updateCertField("bitSize", 0);
              } else {
-                this.updateCertField("bitSize", 2048);
+                if (this.state.cert.bitSize !== 1024 && this.state.cert.bitSize !== 2048 && this.state.cert.bitSize !== 4096) {
+                  this.updateCertField("bitSize", 2048);
+                }
              }

              this.updateCertField("certificate", "");
@ -201,22 +199,26 @@ class CertEditPage extends React.Component {
            </Select>
          </Col>
        </Row>
-        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("cert:Bit size"), i18next.t("cert:Bit size - Tooltip"))} :
-          </Col>
-          <Col span={22} >
-            <Select virtual={false} style={{width: "100%"}} value={this.state.cert.bitSize} onChange={(value => {
-              this.updateCertField("bitSize", value);
-              this.updateCertField("certificate", "");
-              this.updateCertField("privateKey", "");
-            })}>
-              {
-                Setting.getCryptoAlgorithmOptions(this.state.cert.cryptoAlgorithm).map((item, index) => <Option key={index} value={item.id}>{item.name}</Option>)
-              }
-            </Select>
-          </Col>
-        </Row>
+        {
+          this.state.cert.cryptoAlgorithm.startsWith("ES") ? null : (
+            <Row style={{marginTop: "20px"}} >
+              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                {Setting.getLabel(i18next.t("cert:Bit size"), i18next.t("cert:Bit size - Tooltip"))} :
+              </Col>
+              <Col span={22} >
+                <Select virtual={false} style={{width: "100%"}} value={this.state.cert.bitSize} onChange={(value => {
+                  this.updateCertField("bitSize", value);
+                  this.updateCertField("certificate", "");
+                  this.updateCertField("privateKey", "");
+                })}>
+                  {
+                    Setting.getCryptoAlgorithmOptions(this.state.cert.cryptoAlgorithm).map((item, index) => <Option key={index} value={item.id}>{item.name}</Option>)
+                  }
+                </Select>
+              </Col>
+            </Row>
+          )
+        }
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("cert:Expire in years"), i18next.t("cert:Expire in years - Tooltip"))} :
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -1101,7 +1101,9 @@ export function getProviderTypeOptions(category) {
 }

 export function getCryptoAlgorithmOptions(cryptoAlgorithm) {
-  if (cryptoAlgorithm === "RS256") {
+  if (cryptoAlgorithm.startsWith("ES")) {
+    return [];
+  } else {
    return (
      [
        {id: 1024, name: "1024"},
@ -1109,26 +1111,6 @@ export function getCryptoAlgorithmOptions(cryptoAlgorithm) {
        {id: 4096, name: "4096"},
      ]
    );
-  } else if (cryptoAlgorithm === "HS256" || cryptoAlgorithm === "ES256") {
-    return (
-      [
-        {id: 256, name: "256"},
-      ]
-    );
-  } else if (cryptoAlgorithm === "ES384") {
-    return (
-      [
-        {id: 384, name: "384"},
-      ]
-    );
-  } else if (cryptoAlgorithm === "ES521") {
-    return (
-      [
-        {id: 521, name: "521"},
-      ]
-    );
-  } else {
-    return [];
  }
 }