feat (Private Key Editing): Added private key format normalization (#1080)

* feat (Private Key Editing): Added private key format normalization Added the _normalizePrivateKey method to normalize private key formats: - Removes whitespace characters from Base64 content - Ensures the standard format of 64 characters per line - Ensures that the private key ends with a newline character * fix(private_key): Fixes PEM private key formatting issues while preserving metadata headers Properly handles metadata headers (such as Proc-Type and DEK-Info) in encrypted PEM keys and preserves these headers when cleaning up Base64 content. Additionally, optimizes the logic for removing whitespace characters and improves performance by using precompiled regular expressions. * refactor(ui): Remove unused ctx parameters and optimize the selection window caching logic - Remove unused egui::Context parameters from functions related to settings_page - Add a check for the length of items in the selection window cache to improve cache validity - Simplify the cache data structure and remove unnecessary online data validation logic * fix(private_key): Fixed an issue with matching header and footer tags in PEM-format private keys Added validation for consistency of header and footer tags in PEM-format private keys to ensure that the content following “BEGIN” and “END” is identical
2026-03-21 23:33:31 +08:00
parent 1bea565c21
commit 2f67938b09
1 changed files with 61 additions and 1 deletions
--- a/lib/view/page/private_key/edit.dart
+++ b/lib/view/page/private_key/edit.dart
@@ -12,6 +12,9 @@ import 'package:server_box/data/provider/private_key.dart';
 import 'package:server_box/data/res/misc.dart';

 const _format = 'text/plain';
+final _whitespaceRegex = RegExp(r'\s+');
+final _pemBeginRegex = RegExp(r'^-----BEGIN ([A-Z0-9 ]+)-----$');
+final _pemEndRegex = RegExp(r'^-----END ([A-Z0-9 ]+)-----$');

 final class PrivateKeyEditPageArgs {
  final PrivateKeyInfo? pki;
@@ -116,6 +119,63 @@ class _PrivateKeyEditPageState extends ConsumerState<PrivateKeyEditPage> {
    return value.replaceAll('\r\n', '\n').replaceAll('\r', '\n');
  }

+  /// Normalizes the private key format:
+  /// - Removes whitespace from Base64 content (spaces, tabs, etc.)
+  /// - Ensures the key ends with a newline
+  String _normalizePrivateKey(String key) {
+    final lines = key.split('\n');
+    // Guard: need at least header + body + footer (3 lines) for valid PEM
+    if (lines.length < 3) return key;
+
+    final header = lines.first;
+    final footer = lines.last;
+
+    // Validate PEM boundaries before mutating input
+    final headerMatch = _pemBeginRegex.firstMatch(header);
+    final footerMatch = _pemEndRegex.firstMatch(footer);
+    if (headerMatch == null || footerMatch == null) {
+      return key;
+    }
+
+    // Ensure header and footer labels match
+    final headerLabel = headerMatch.group(1);
+    final footerLabel = footerMatch.group(1);
+    if (headerLabel != footerLabel) {
+      return key;
+    }
+
+    // Extract Base64 content (everything between header and footer)
+    final bodyLines = lines.sublist(1, lines.length - 1);
+
+    // Check for RFC 1421 metadata headers (e.g., Proc-Type, DEK-Info)
+    // These appear in encrypted PEM keys and must be preserved
+    final hasMetadataHeaders = bodyLines.any(
+      (line) => line.contains(':') && !line.startsWith('-----'),
+    );
+
+    if (hasMetadataHeaders) {
+      // For encrypted keys, preserve structure and just ensure trailing newline
+      if (!key.endsWith('\n')) {
+        return '$key\n';
+      }
+      return key;
+    }
+
+    // Remove all whitespace from Base64 content
+    final cleanBody = bodyLines.join('').replaceAll(_whitespaceRegex, '');
+
+    // Rebuild the key with standard formatting (64 chars per line)
+    final buffer = StringBuffer();
+    buffer.writeln(header);
+    for (var i = 0; i < cleanBody.length; i += 64) {
+      final end = (i + 64 < cleanBody.length) ? i + 64 : cleanBody.length;
+      buffer.writeln(cleanBody.substring(i, end));
+    }
+    buffer.writeln(footer);
+
+    return buffer.toString();
+  }
+
  Widget _buildFAB() {
    return FloatingActionButton(tooltip: l10n.save, onPressed: _onTapSave, child: const Icon(Icons.save));
  }
@@ -186,7 +246,7 @@ class _PrivateKeyEditPageState extends ConsumerState<PrivateKeyEditPage> {

  void _onTapSave() async {
    final name = _nameController.text;
-    final key = _standardizeLineSeparators(_keyController.text.trim());
+    final key = _normalizePrivateKey(_standardizeLineSeparators(_keyController.text.trim()));
    final pwd = _pwdController.text;
    if (name.isEmpty || key.isEmpty) {
      context.showSnackBar(libL10n.empty);