[csr] add private_server certificate type

go.mod

@@ -3,7 +3,7 @@ module github.com/android-sms-gateway/ca
 go 1.23.2
 
 require (
-	github.com/android-sms-gateway/client-go v1.5.0
+	github.com/android-sms-gateway/client-go v1.5.5-0.20250307091924-1076d115eb88
 	github.com/go-playground/validator/v10 v10.23.0
 	github.com/gofiber/contrib/fiberzap/v2 v2.1.4
 	github.com/gofiber/fiber/v2 v2.52.6

go.sum

@@ -2,6 +2,8 @@ github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc
 github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE=
 github.com/android-sms-gateway/client-go v1.5.0 h1:CDREtWU2Z85dW7JcsW3a+vKZkj9g2Buq8vlrnEdGaoE=
 github.com/android-sms-gateway/client-go v1.5.0/go.mod h1:DQsReciU1xcaVW3T5Z2bqslNdsAwCFCtghawmA6g6L4=
+github.com/android-sms-gateway/client-go v1.5.5-0.20250307091924-1076d115eb88 h1:LmcJ8zpxKTHtwBLkQcmn1pEIgPEDCH5bY9ukYQAf+1c=
+github.com/android-sms-gateway/client-go v1.5.5-0.20250307091924-1076d115eb88/go.mod h1:DQsReciU1xcaVW3T5Z2bqslNdsAwCFCtghawmA6g6L4=
 github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA=
 github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA=
 github.com/appleboy/com v0.2.1 h1:dHAHauX3eYDuheAahI83HIGFxpi0SEb2ZAu9EZ9hbUM=

internal/api/converters.go

@@ -0,0 +1,16 @@
+package api
+
+import (
+	"github.com/android-sms-gateway/ca/internal/csr"
+	"github.com/android-sms-gateway/client-go/ca"
+)
+
+func csrStatusToResponse(status csr.CSRStatus) ca.PostCSRResponse {
+	return ca.PostCSRResponse{
+		RequestID:   status.ID(),
+		Type:        status.Type(),
+		Status:      status.Status(),
+		Message:     status.Status().Description(),
+		Certificate: status.Certificate(),
+	}
+}

internal/api/csr.go

@@ -34,19 +34,14 @@ func (c *csrHandler) submit(ctx *fiber.Ctx) error {
 		return err
 	}
 
-	res, err := c.csrSvc.Create(ctx.Context(), csr.NewCSR(req.Content, req.Metadata))
+	res, err := c.csrSvc.Create(ctx.Context(), csr.NewCSR(req.Type, req.Content, req.Metadata))
 	if err != nil {
 		return err
 	}
 
 	return ctx.
 		Status(fiber.StatusAccepted).
-		JSON(ca.PostCSRResponse{
-			RequestID:   res.ID(),
-			Status:      res.Status(),
-			Message:     res.Status().Description(),
-			Certificate: res.Certificate(),
-		})
+		JSON(csrStatusToResponse(res))
 }
 
 //	@Summary	Get CSR Status
@@ -69,17 +64,10 @@ func (c *csrHandler) status(ctx *fiber.Ctx) error {
 		return err
 	}
 
-	return ctx.JSON(ca.GetCSRStatusResponse{
-		RequestID:   res.ID(),
-		Status:      res.Status(),
-		Message:     res.Status().Description(),
-		Certificate: res.Certificate(),
-	})
+	return ctx.JSON(csrStatusToResponse(res))
 }
 
 func (c *csrHandler) Register(router fiber.Router) {
-	// router.Use(limiter.New(1, time.Minute))
-
 	router.Use(c.handleError)
 
 	router.Post("", c.submit)

internal/csr/domain.go

@@ -7,17 +7,27 @@ import (
 )
 
 type CSR struct {
+	csrType  ca.CSRType
 	content  string
 	metadata map[string]string
 }
 
-func NewCSR(content string, metadata map[string]string) CSR {
+func NewCSR(csrType ca.CSRType, content string, metadata map[string]string) CSR {
+	if csrType == "" {
+		csrType = ca.CSRTypeWebhook
+	}
+
 	return CSR{
+		csrType:  csrType,
 		content:  content,
 		metadata: metadata,
 	}
 }
 
+func (c CSR) Type() ca.CSRType {
+	return c.csrType
+}
+
 func (c CSR) Content() string {
 	return c.content
 }
@@ -34,6 +44,7 @@ func (c CSR) toMap() map[string]string {
 	}
 
 	return map[string]string{
+		"type":     string(c.csrType),
 		"content":  c.content,
 		"metadata": metadata,
 	}
@@ -47,9 +58,10 @@ type CSRStatus struct {
 	reason      string
 }
 
-func NewCSRStatus(id string, content string, metadata map[string]string, status ca.CSRStatus, certificate string, reason string) CSRStatus {
+func NewCSRStatus(id string, csrType ca.CSRType, content string, metadata map[string]string, status ca.CSRStatus, certificate string, reason string) CSRStatus {
 	return CSRStatus{
 		CSR: CSR{
+			csrType:  csrType,
 			content:  content,
 			metadata: metadata,
 		},

internal/csr/repository.go

@@ -73,7 +73,7 @@ func (r *repository) Get(ctx context.Context, requestId string) (CSRStatus, erro
 		return CSRStatus{}, fmt.Errorf("failed to get csr: %w", err)
 	}
 
-	return NewCSRStatus(requestId, res["content"], metadata, ca.CSRStatus(status), res["certificate"], res["reason"]), nil
+	return NewCSRStatus(requestId, ca.CSRType(res["type"]), res["content"], metadata, ca.CSRStatus(status), res["certificate"], res["reason"]), nil
 }
 
 func (r *repository) SetCertificate(ctx context.Context, requestId string, certificate string) error {

internal/csr/service.go

@@ -62,7 +62,7 @@ func (s *Service) Create(ctx context.Context, csr CSR) (CSRStatus, error) {
 		s.log.Error("failed to queue csr", zap.Error(err))
 	}
 
-	return NewCSRStatus(id, csr.content, csr.metadata, ca.CSRStatusPending, "", ""), nil
+	return NewCSRStatus(id, csr.csrType, csr.content, csr.metadata, ca.CSRStatusPending, "", ""), nil
 }
 
 func (s *Service) Get(ctx context.Context, id string) (CSRStatus, error) {
@@ -92,7 +92,12 @@ func (s *Service) process(ctx context.Context, m core.TaskMessage) error {
 		return err
 	}
 
-	serialNumber, err := s.newSerialNumber(GroupWebhooks)
+	prefix, ok := csrTypeToPrefix[res.csrType]
+	if !ok {
+		return fmt.Errorf("unknown csr type: %s", res.csrType)
+	}
+
+	serialNumber, err := s.newSerialNumber(prefix)
 	if err != nil {
 		return err
 	}
@@ -137,7 +142,7 @@ func (s *Service) parseCsr(content string) (*x509.CertificateRequest, error) {
 	return x509.ParseCertificateRequest(block.Bytes)
 }
 
-func (s *Service) newSerialNumber(prefix uint8) (*big.Int, error) {
+func (s *Service) newSerialNumber(prefix SerialNumberPrefix) (*big.Int, error) {
 	serialNumberLimit := new(big.Int).
 		Lsh(big.NewInt(1), 120)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)

internal/csr/types.go

@@ -0,0 +1,15 @@
+package csr
+
+import "github.com/android-sms-gateway/client-go/ca"
+
+type SerialNumberPrefix uint8
+
+const (
+	PrefixWebhooks       SerialNumberPrefix = 1
+	PrefixPrivateServers SerialNumberPrefix = 2
+)
+
+var csrTypeToPrefix = map[ca.CSRType]SerialNumberPrefix{
+	ca.CSRTypeWebhook:       PrefixWebhooks,
+	ca.CSRTypePrivateServer: PrefixPrivateServers,
+}

requests.http

@@ -8,8 +8,9 @@ POST {{baseUrl}}/csr HTTP/1.1
 Content-Type: application/json
 
 {
+    "type": "private_server",
     "content": "-----BEGIN CERTIFICATE REQUEST-----\nMIICnzCCAYcCAQAwFjEUMBIGA1UEAwwLMTkyLjE2OC4xLjIwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQCp2+djjsAY9+PfCL25eoapngqpg/XqC0YdNM6O\n2PTh55LiONX7hZzln18JGsCt6VKqZJyltF0ucra4rn7+f9DMdIPG08BLjPiO/Bkx\nJE7YSJQEDOxXjhEQy94KYWs7gUaf1r2LG4vkEShpbpc8jr84UAbZjI7TC5sdprLE\nyyYcW1GWcBNFLwNvj5PN2ZHjAePQ9QkS/KFh2D/9RW+xoXPJerLrSz7vzewiIPw3\n6S2gEQuQ6p5QxXhH0kNKOsCAtp4IRSBp05luETxUHRPfY8stKtTsc7AX/uRI1Cer\nmWKrrr+bhroiWGt9D3QcYxevH4sId27YrudUvMUd1hFrfnr1AgMBAAGgRDBCBgkq\nhkiG9w0BCQ4xNTAzMAsGA1UdDwQEAwIF4DATBgNVHSUEDDAKBggrBgEFBQcDATAP\nBgNVHREECDAGhwTAqAECMA0GCSqGSIb3DQEBCwUAA4IBAQBhGkt/tyuxTcW2vXP/\nYbPn7H+KFcmuZi+3JGG3BneBmKt8f5Aoaxbb+X1H4BqbW1kpy4r1BGCMkJNzwsYX\nGaEjpLdpCLdna81pSx/5uF/FGnwXglOrqONBP9ijDHh1Ifbk3D9CVsqcaAclknZd\nQfCwUXhvUyGav+ibEF1W0JIMEABD7Hxtgkp/bt4n4JwBX9onH90O/WPiT66hlzQt\nSZCeoHYz5g+T9ZQvKHbKLcGJ7yiGMcdEblu2Dxm3sIR53Mp2K9JrdFSgucJPg7Vf\npnrBec47huevsj3xyiUvTu/766xlxrzmluEN7yiE/ovq+j+hmMJUds3gCKK3y+1m\nmp0q\n-----END CERTIFICATE REQUEST-----\n"
 }
 
 ###
-GET {{baseUrl}}/csr/GK7aCouDr8Ozxa1MUpwPJ HTTP/1.1
+GET {{baseUrl}}/csr/06xD5pQPeRDzu1uQvFVk2 HTTP/1.1