fix: let client handle filenames

Author: binarycodes

server/ssh-key-signer-server/src/main/java/io/binarycodes/homelab/sshkeysigner/keymanagement/KeyController.java

@@ -38,7 +38,6 @@ public ResponseEntity<SignedPublicKeyDownload> signUserKey(final JwtAuthenticati
         }
 
         final var signed = keyService.signUserKey(
-                signPublicKeyRequest.filename(),
                 signPublicKeyRequest.publicKey(),
                 principal.getToken().getId(),
                 signPublicKeyRequest.principal()
@@ -58,7 +57,6 @@ public ResponseEntity<SignedPublicKeyDownload> signHostKey(final JwtAuthenticati
         }
 
         final var signed = keyService.signHostKey(
-                signPublicKeyRequest.filename(),
                 signPublicKeyRequest.publicKey(),
                 principal.getToken().getId(),
                 signPublicKeyRequest.principal()

server/ssh-key-signer-server/src/main/java/io/binarycodes/homelab/sshkeysigner/keymanagement/KeyService.java

@@ -11,7 +11,6 @@
 import io.binarycodes.homelab.lib.SignedPublicKeyDownload;
 import io.binarycodes.homelab.sshkeysigner.config.ApplicationProperties;
 import lombok.extern.log4j.Log4j2;
-import org.apache.commons.io.FilenameUtils;
 import org.springframework.stereotype.Service;
 
 import java.io.IOException;
@@ -26,7 +25,6 @@
 public class KeyService {
     /* https://jadaptive.com/app/manpage/en/article/2895616 */
 
-    private static final String CERTIFICATE_FILE_NAME_SUFFIX = "cert";
     private final ApplicationProperties applicationProperties;
 
     public KeyService(final ApplicationProperties applicationProperties) {
@@ -113,48 +111,48 @@ private SshKeyPair keyInfoToKeyPair(final KeyInfo keyInfo, final String passphra
     /**
      * Signs the given key for user
      */
-    public Optional<SignedPublicKeyDownload> signUserKey(final String filename, final String pubKey, final String keyId, final String principal) {
-        return signUserKey(filename, pubKey, keyId, List.of(principal));
+    public Optional<SignedPublicKeyDownload> signUserKey(final String pubKey, final String keyId, final String principal) {
+        return signUserKey(pubKey, keyId, List.of(principal));
     }
 
     /**
      * Signs the given key for user
      */
-    public Optional<SignedPublicKeyDownload> signUserKey(final String filename, final String pubKey, final String keyId, final List<String> principals) {
+    public Optional<SignedPublicKeyDownload> signUserKey(final String pubKey, final String keyId, final List<String> principals) {
         final var bytes = pubKey.getBytes(StandardCharsets.UTF_8);
-        return signUserKey(filename, bytes, keyId, principals);
+        return signUserKey(bytes, keyId, principals);
     }
 
     /**
      * Signs the given key for user
      */
-    public Optional<SignedPublicKeyDownload> signUserKey(final String filename, final byte[] bytes, final String keyId, final List<String> principals) {
-        return signKey(SshCertificateType.USER, filename, bytes, keyId, principals, applicationProperties.caUserValidity());
+    public Optional<SignedPublicKeyDownload> signUserKey(final byte[] bytes, final String keyId, final List<String> principals) {
+        return signKey(SshCertificateType.USER, bytes, keyId, principals, applicationProperties.caUserValidity());
     }
 
     /**
      * Signs the given key for host
      */
-    public Optional<SignedPublicKeyDownload> signHostKey(final String filename, final String pubKey, final String keyId, final String principal) {
-        return signHostKey(filename, pubKey, keyId, List.of(principal));
+    public Optional<SignedPublicKeyDownload> signHostKey(final String pubKey, final String keyId, final String principal) {
+        return signHostKey(pubKey, keyId, List.of(principal));
     }
 
     /**
      * Signs the given key for host
      */
-    public Optional<SignedPublicKeyDownload> signHostKey(final String filename, final String pubKey, final String keyId, final List<String> principals) {
+    public Optional<SignedPublicKeyDownload> signHostKey(final String pubKey, final String keyId, final List<String> principals) {
         final var bytes = pubKey.getBytes(StandardCharsets.UTF_8);
-        return signHostKey(filename, bytes, keyId, principals);
+        return signHostKey(bytes, keyId, principals);
     }
 
     /**
      * Signs the given key for host
      */
-    public Optional<SignedPublicKeyDownload> signHostKey(final String filename, final byte[] bytes, final String keyId, final List<String> principals) {
-        return signKey(SshCertificateType.HOST, filename, bytes, keyId, principals, applicationProperties.caHostValidity());
+    public Optional<SignedPublicKeyDownload> signHostKey(final byte[] bytes, final String keyId, final List<String> principals) {
+        return signKey(SshCertificateType.HOST, bytes, keyId, principals, applicationProperties.caHostValidity());
     }
 
-    private Optional<SignedPublicKeyDownload> signKey(final SshCertificateType certType, final String filename, final byte[] bytes, final String keyId, final List<String> principals, final Duration validitySeconds) {
+    private Optional<SignedPublicKeyDownload> signKey(final SshCertificateType certType, final byte[] bytes, final String keyId, final List<String> principals, final Duration validitySeconds) {
         try {
             final var publicKeyFileToSign = SshPublicKeyFileFactory.parse(bytes);
             final var keyPairToSign = SshKeyPair.getKeyPair(null, publicKeyFileToSign.toPublicKey());
@@ -168,9 +166,8 @@ private Optional<SignedPublicKeyDownload> signKey(final SshCertificateType certT
 
             final var signedKey = SshPublicKeyFileFactory.create(signed.getCertificate(), publicKeyFileToSign.getComment(), SshPublicKeyFileFactory.OPENSSH_FORMAT);
             final var signedKeyString = new String(signedKey.getFormattedKey(), StandardCharsets.UTF_8);
-            final var downloadFilename = "%s-%s.%s".formatted(FilenameUtils.getBaseName(filename), CERTIFICATE_FILE_NAME_SUFFIX, FilenameUtils.getExtension(filename));
 
-            return Optional.of(new SignedPublicKeyDownload(downloadFilename, signedKeyString));
+            return Optional.of(new SignedPublicKeyDownload(signedKeyString));
         } catch (final IOException e) {
             log.error(e.getMessage(), e);
         } catch (final InvalidPassphraseException | SshException e) {

server/ssh-signer-common-lib/src/main/java/io/binarycodes/homelab/lib/SignPublicKeyRequest.java

@@ -1,4 +1,4 @@
 package io.binarycodes.homelab.lib;
 
-public record SignPublicKeyRequest(String filename, String publicKey, String principal) {
+public record SignPublicKeyRequest(String publicKey, String principal) {
 }

server/ssh-signer-common-lib/src/main/java/io/binarycodes/homelab/lib/SignedPublicKeyDownload.java

@@ -1,4 +1,4 @@
 package io.binarycodes.homelab.lib;
 
-public record SignedPublicKeyDownload(String filename, String signedKey) {
+public record SignedPublicKeyDownload(String signedKey) {
 }