feat: 支持ECC类型

packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts

@@ -14,7 +14,7 @@ export type CertInfo = {
   csr: string;
 };
 export type SSLProvider = "letsencrypt" | "google" | "zerossl";
-export type PrivateKeyType = "rsa" | "ec";
+export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
 type AcmeServiceOptions = {
   userContext: IContext;
   logger: Logger;
@@ -226,12 +226,16 @@ export class AcmeService {
     /* Create CSR */
     const { commonName, altNames } = this.buildCommonNameByDomains(domains);
     let privateKey = null;
-    if (options.privateKeyType == "ec") {
-      privateKey = await acme.crypto.createPrivateEcdsaKey();
+    const privateKeyArr = options.privateKeyType.split("_");
+    const type = privateKeyArr[0];
+    const size = parseInt(privateKeyArr[1]);
+    if (type == "ec") {
+      const name: any = "P-" + size;
+      privateKey = await acme.crypto.createPrivateEcdsaKey(name);
     } else {
-      privateKey = await acme.crypto.createPrivateRsaKey();
+      privateKey = await acme.crypto.createPrivateRsaKey(size);
     }
-    const [key, csr] = await acme.forge.createCsr(
+    const [key, csr] = await acme.crypto.createCsr(
       {
         commonName,
         ...csrInfo,

packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts

@@ -133,10 +133,10 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
     const cert: CertInfo = certReader.toCertInfo();
     this.cert = cert;
 
-    this._result.pipelineVars.certExpiresTime = dayjs(certReader.detail.validity.notAfter).valueOf();
+    this._result.pipelineVars.certExpiresTime = dayjs(certReader.detail.notAfter).valueOf();
 
     if (isNew) {
-      const applyTime = dayjs(certReader.detail.validity.notBefore).format("YYYYMMDD_HHmmss");
+      const applyTime = dayjs(certReader.detail.notBefore).format("YYYYMMDD_HHmmss");
       await this.zipCert(cert, applyTime);
     } else {
       this.extendsFiles();

packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts

@@ -1,8 +1,8 @@
 import { CertInfo } from "./acme.js";
 import fs from "fs";
 import os from "os";
-import forge from "node-forge";
 import path from "path";
+import { crypto } from "@certd/acme-client";
 export class CertReader implements CertInfo {
   crt: string;
   key: string;
@@ -29,9 +29,8 @@ export class CertReader implements CertInfo {
   }
 
   getCrtDetail(crt: string) {
-    const pki = forge.pki;
-    const detail = pki.certificateFromPem(crt.toString());
-    const expires = detail.validity.notAfter;
+    const detail = crypto.readCertificateInfo(crt.toString());
+    const expires = detail.notAfter;
     return { detail, expires };
   }
 

packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts

@@ -44,13 +44,18 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
 
   @TaskInput({
     title: "证书私钥类型",
-    value: "rsa",
+    value: "rsa_2048",
     component: {
       name: "a-select",
       vModel: "value",
       options: [
-        { value: "rsa", label: "RSA" },
-        { value: "ec", label: "EC" },
+        { value: "rsa_1024", label: "RSA 1024" },
+        { value: "rsa_2048", label: "RSA 2048" },
+        { value: "rsa_3072", label: "RSA 3072" },
+        { value: "rsa_4096", label: "RSA 4096" },
+        { value: "ec_256", label: "EC 256" },
+        { value: "ec_384", label: "EC 384" },
+        { value: "ec_521", label: "EC 521" },
       ],
     },
     required: true,