From e30f6b414242c0a8f8cad0c5b44cc2fce1b89547 Mon Sep 17 00:00:00 2001
From: murdle
Date: Tue, 16 Dec 2025 11:28:35 +0200
Subject: [PATCH] fix token keypair issue
---
 assets/public/custom/web/main.js | 2 +-
 src/util/util/Token.ts | 41 +++++++++++++++++++-------------
 2 files changed, 25 insertions(+), 18 deletions(-)
diff --git a/assets/public/custom/web/main.js b/assets/public/custom/web/main.js
index 9f26d0b2..6a907d46 100644
--- a/assets/public/custom/web/main.js
+++ b/assets/public/custom/web/main.js
@@ -61,7 +61,7 @@
 anchor.parentNode.insertBefore(infoSection, anchor);
 }
- infoText.style.marginTop = isNewSection ? "0px" : "5px";
+ infoText.style.marginTop = isNewSection ? "0px" : "10px";
 infoSection.append(infoText, dateText);
 } else {
 anchor.parentNode.insertBefore(infoText, anchor);
diff --git a/src/util/util/Token.ts b/src/util/util/Token.ts
index 8184f9b8..3c3f859f 100644
--- a/src/util/util/Token.ts
+++ b/src/util/util/Token.ts
@@ -149,40 +149,47 @@ export async function generateToken(id: string) {
 // Get ECDSA keypair from file or generate it
 export async function loadOrGenerateKeypair() {
- let privateKey: crypto.KeyObject;
- let publicKey: crypto.KeyObject;
+ let privateKey: string | crypto.KeyObject;
+ let publicKey: string | crypto.KeyObject;
 if (existsSync("jwt.key") && existsSync("jwt.key.pub")) {
 const [loadedPrivateKey, loadedPublicKey] = await Promise.all([
- fs.readFile("jwt.key"),
- fs.readFile("jwt.key.pub"),
+ fs.readFile("jwt.key", "utf-8"),
+ fs.readFile("jwt.key.pub", "utf-8"),
 ]);
- privateKey = crypto.createPrivateKey({ key: loadedPrivateKey, type: "sec1" });
- publicKey = crypto.createPublicKey({ key: loadedPublicKey, type: "spki" });
+ privateKey = loadedPrivateKey;
+ publicKey = loadedPublicKey;
 } else {
 console.log("[JWT] Generating new keypair");
 const res = crypto.generateKeyPairSync("ec", {
 namedCurve: "secp521r1",
+ publicKeyEncoding: {
+ type: "spki",
+ format: "pem"
+ },
+ privateKeyEncoding: {
+ type: "pkcs8",
+ format: "pem"
+ }
 });
- privateKey = res.privateKey;
- publicKey = res.publicKey;
 await Promise.all([
- fs.writeFile(
- "jwt.key",
- privateKey.export({ format: "pem", type: "sec1" }),
- ),
- fs.writeFile(
- "jwt.key.pub",
- publicKey.export({ format: "pem", type: "spki" }),
- ),
+ fs.writeFile("jwt.key", res.privateKey),
+ fs.writeFile("jwt.key.pub", res.publicKey),
 ]);
+
+ privateKey = res.privateKey;
+ publicKey = res.publicKey;
 }
+ const publicKeyForHash = typeof publicKey === 'string'
+ ? crypto.createPublicKey(publicKey)
+ : publicKey;
+
 const fingerprint = crypto
 .createHash("sha256")
- .update(publicKey.export({ format: "pem", type: "spki" }))
+ .update(publicKeyForHash.export({ format: "pem", type: "spki" }))
 .digest("hex");
 return { privateKey, publicKey, fingerprint };
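Review bot: The generated JWT signing key is written by `fs.writeFile("jwt.key", res.privateKey)` with no explicit mode, so the file gets the process default permissions and, under a common umask, is readable by other local users; pass a mode when creating it, e.g. `fs.writeFile("jwt.key", res.privateKey, { mode: 0o600 })`. In the load branch the PEM text is now returned without being parsed, so a truncated or mismatched `jwt.key` / `jwt.key.pub` is noticed only when a token is later signed or verified; running `crypto.createPrivateKey(loadedPrivateKey)` and `crypto.createPublicKey(loadedPublicKey)` once at load would fail fast, and since PEM input carries its own encoding label this should also accept `sec1` files written by the previous code. Both branches now assign strings, so the `string | crypto.KeyObject` union and the `typeof publicKey === 'string'` test appear wider than the code needs. The body of loadOrGenerateKeypair continues past the end of the hunk.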