fix: improve certificate parsing and file extensions

- Fix PKCS12 container parsing by using consistent password
- Add proper file extensions for certificate downloads (.key, .csr, .crt)
- Improve private key parsing by removing unnecessary Base64 decoding
- Add error logging for certificate parsing failures
- Clean up certificate serializer code

The main changes include:
- Using P12_PASSWORD consistently across generation and parsing
- Adding proper file extensions for different certificate types
- Fixing private key parsing to handle PEM format correctly
- Adding detailed error logging for debugging purposes
- Removing redundant code comments and improving code clarity

This commit improves the reliability of certificate handling
and provides better user experience with correct file extensions.

app/controllers/repp/v1/certificates_controller.rb

@@ -36,7 +36,14 @@ module Repp
       desc "Download a specific api user's specific certificate"
       param :type, String, required: true, desc: 'Type of certificate (csr or crt)'
       def download
-        extension = params[:type] == 'p12' ? 'p12' : 'pem'
+        extension = case params[:type]
+                   when 'p12' then 'p12'
+                   when 'private_key' then 'key'
+                   when 'csr' then 'csr'
+                   when 'crt' then 'crt'
+                   else 'pem'
+                   end
+
         filename = "#{@api_user.username}_#{Time.zone.today.strftime('%y%m%d')}_portal.#{extension}"
 
         data = if params[:type] == 'p12' && @certificate.p12.present?

app/models/certificate.rb

@@ -52,6 +52,25 @@ class Certificate < ApplicationRecord
     @p_csr ||= OpenSSL::X509::Request.new(csr) if csr
   end
 
+  def parsed_private_key
+    return nil if private_key.blank?
+    
+    OpenSSL::PKey::RSA.new(private_key)
+  rescue OpenSSL::PKey::RSAError => e
+    Rails.logger.error("Failed to parse private key: #{e.message}")
+    nil
+  end
+
+  def parsed_p12
+    return nil if p12.blank?
+    
+    decoded_p12 = Base64.decode64(p12)
+    OpenSSL::PKCS12.new(decoded_p12, Certificates::CertificateGenerator::P12_PASSWORD)
+  rescue OpenSSL::PKCS12::PKCS12Error => e
+    Rails.logger.error("Failed to parse PKCS12: #{e.message}")
+    nil
+  end
+
   def revoked?
     status == REVOKED
   end

app/services/certificates/certificate_generator.rb

@@ -124,7 +124,7 @@ module Certificates
       cert
     end
 
-    def create_user_p12(key, cert, password = '123456')
+    def create_user_p12(key, cert, password = P12_PASSWORD)
       ca_cert = OpenSSL::X509::Certificate.new(File.read(ca_cert_path))
 
       p12 = OpenSSL::PKCS12.create(

lib/serializers/repp/certificate.rb

@@ -10,7 +10,6 @@ module Serializers
       def to_json(obj = certificate)
         json = obj.as_json.except('csr', 'crt', 'private_key', 'p12')
 
-        # Безопасно извлекаем данные из сертификатов
         begin
           csr = obj.parsed_csr
         rescue StandardError => e
@@ -46,7 +45,6 @@ module Serializers
         json[:csr] = csr_data(csr) if csr
         json[:crt] = crt_data(crt) if crt
         
-        # Если в тестовой среде данные не удалось извлечь, добавляем заглушки
         if (Rails.env.test? || ENV['SKIP_CERTIFICATE_VALIDATIONS'] == 'true')
           if csr.nil? && obj.csr.present?
             json[:csr] = { version: 0, subject: obj.common_name || 'Test Subject', alg: 'sha256WithRSAEncryption' }