refactor: clean code

2025-06-07 21:19:51 +00:00 · 2025-04-22 21:18:16 +08:00 · 2025-04-22 21:18:16 +08:00 · 3189e65bad
commit 3189e65bad
parent 8fe942d8d5
243 changed files with 545 additions and 507 deletions
--- a/go.mod
+++ b/go.mod
@ -215,8 +215,8 @@ require (
 	modernc.org/sqlite v1.36.1 // indirect
 )

-replace github.com/Edgio/edgio-api v0.0.0-workspace => ./internal/pkg/vendors/edgio-sdk/edgio-api@v0.0.0-workspace
+replace github.com/Edgio/edgio-api v0.0.0-workspace => ./internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace

-replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./internal/pkg/vendors/cmcc-sdk/ecloudsdkcore@v1.0.0
+replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0

-replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./internal/pkg/vendors/cmcc-sdk/ecloudsdkclouddns@v1.0.1
+replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1
--- a/internal/applicant/acme_user.go
+++ b/internal/applicant/acme_user.go
@ -13,8 +13,8 @@ import (
 	"golang.org/x/sync/singleflight"

 	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	"github.com/usual2970/certimate/internal/pkg/utils/maputil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
+	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
 	"github.com/usual2970/certimate/internal/repository"
 )

--- a/internal/applicant/applicant.go
+++ b/internal/applicant/applicant.go
@ -18,7 +18,7 @@ import (
 	"golang.org/x/time/rate"

 	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 	"github.com/usual2970/certimate/internal/repository"
 )

--- a/internal/applicant/providers.go
+++ b/internal/applicant/providers.go
@ -35,7 +35,7 @@ import (
 	pVercel "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel"
 	pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine"
 	pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn"
-	"github.com/usual2970/certimate/internal/pkg/utils/maputil"
+	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
 )

 func createApplicant(options *applicantOptions) (challenge.Provider, error) {
--- a/internal/certificate/service.go
+++ b/internal/certificate/service.go
@ -17,7 +17,7 @@ import (
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/domain/dtos"
 	"github.com/usual2970/certimate/internal/notify"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 	"github.com/usual2970/certimate/internal/repository"
 )

--- a/internal/deployer/providers.go
+++ b/internal/deployer/providers.go
@ -78,8 +78,8 @@ import (
 	pVolcEngineTOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos"
 	pWangsuCDNPro "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdnpro"
 	pWebhook "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook"
-	"github.com/usual2970/certimate/internal/pkg/utils/maputil"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
@ -443,7 +443,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
 			deployer, err := pBunnyCDN.NewDeployer(&pBunnyCDN.DeployerConfig{
 				ApiKey:     access.ApiKey,
 				PullZoneId: maputil.GetString(options.ProviderDeployConfig, "pullZoneId"),
-				HostName:   maputil.GetString(options.ProviderDeployConfig, "hostName"),
+				Hostname:   maputil.GetString(options.ProviderDeployConfig, "hostname"),
 			})
 			return deployer, err
 		}
--- a/internal/domain/certificate.go
+++ b/internal/domain/certificate.go
@ -8,7 +8,7 @@ import (
 	"strings"
 	"time"

-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 const CollectionNameCertificate = "certificate"
--- a/internal/domain/workflow.go
+++ b/internal/domain/workflow.go
@ -3,7 +3,7 @@ package domain
 import (
 	"time"

-	"github.com/usual2970/certimate/internal/pkg/utils/maputil"
+	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
 )

 const CollectionNameWorkflow = "workflow"
--- a/internal/notify/notify.go
+++ b/internal/notify/notify.go
@ -9,7 +9,7 @@ import (

 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-	"github.com/usual2970/certimate/internal/pkg/utils/maputil"
+	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
 	"github.com/usual2970/certimate/internal/repository"
 )

--- a/internal/notify/providers.go
+++ b/internal/notify/providers.go
@ -17,7 +17,7 @@ import (
 	pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegram"
 	pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook"
 	pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecom"
-	"github.com/usual2970/certimate/internal/pkg/utils/maputil"
+	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
 )

 func createNotifier(channel domain.NotifyChannelType, channelConfig map[string]any) (notifier.Notifier, error) {
@ -67,7 +67,7 @@ func createNotifier(channel domain.NotifyChannelType, channelConfig map[string]a
 			ChannelId: maputil.GetString(channelConfig, "channelId"),
 			Username:  maputil.GetString(channelConfig, "username"),
 			Password:  maputil.GetString(channelConfig, "password"),
-    })
+		})
 	case domain.NotifyChannelTypePushover:
 		return pPushover.NewNotifier(&pPushover.NotifierConfig{
 			Token: maputil.GetString(channelConfig, "token"),
--- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go
+++ b/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go
@ -6,7 +6,7 @@ import (
 	"github.com/go-acme/lego/v4/challenge"
 	"github.com/go-acme/lego/v4/providers/dns/azuredns"

-	azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common"
+	azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common"
 )

 type ChallengeProviderConfig struct {
--- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go
+++ b/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go
@ -10,7 +10,7 @@ import (
 	"github.com/go-acme/lego/v4/challenge/dns01"
 	"github.com/go-acme/lego/v4/platform/config/env"

-	dnslasdk "github.com/usual2970/certimate/internal/pkg/vendors/dnsla-sdk"
+	dnslasdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dnsla"
 )

 const (
--- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go
+++ b/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go
@ -9,7 +9,7 @@ import (
 	"github.com/go-acme/lego/v4/challenge/dns01"
 	"github.com/go-acme/lego/v4/platform/config/env"

-	gnamesdk "github.com/usual2970/certimate/internal/pkg/vendors/gname-sdk"
+	gnamesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gname"
 )

 const (
--- a/internal/pkg/core/deployer/deployer.go
+++ b/internal/pkg/core/deployer/deployer.go
@ -14,13 +14,13 @@ type Deployer interface {
 	//
 	// 入参：
 	//   - ctx：上下文。
-	//   - certPem：证书 PEM 内容。
-	//   - privkeyPem：私钥 PEM 内容。
+	//   - certPEM：证书 PEM 内容。
+	//   - privkeyPEM：私钥 PEM 内容。
 	//
 	// 出参：
 	//   - res：部署结果。
 	//   - err: 错误。
-	Deploy(ctx context.Context, certPem string, privkeyPem string) (res *DeployResult, err error)
+	Deploy(ctx context.Context, certPEM string, privkeyPEM string) (res *DeployResult, err error)
 }

 // 表示证书部署结果的数据结构。
--- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go
+++ b/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go
@ -10,7 +10,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk"
+	opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
 )

 type DeployerConfig struct {
@ -58,11 +58,11 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 设置面板 SSL 证书
 	updateSystemSSLReq := &opsdk.UpdateSystemSSLRequest{
-		Cert:    certPem,
-		Key:     privkeyPem,
+		Cert:    certPEM,
+		Key:     privkeyPEM,
 		SSL:     "enable",
 		SSLType: "import-paste",
 	}
--- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go
+++ b/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go
@ -14,7 +14,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl"
-	opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk"
+	opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
 )

 type DeployerConfig struct {
@ -79,16 +79,16 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 根据部署资源类型决定部署方式
 	switch d.config.ResourceType {
 	case RESOURCE_TYPE_WEBSITE:
-		if err := d.deployToWebsite(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToWebsite(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -99,7 +99,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.WebsiteId == 0 {
 		return errors.New("config `websiteId` is required")
 	}
@ -115,7 +115,7 @@ func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPem string,
 	}

 	// 上传证书到面板
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
@ -143,7 +143,7 @@ func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPem string,
 	return nil
 }

-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.CertificateId == 0 {
 		return errors.New("config `certificateId` is required")
 	}
@ -163,8 +163,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 		Type:        "paste",
 		SSLID:       d.config.CertificateId,
 		Description: getWebsiteSSLResp.Data.Description,
-		Certificate: certPem,
-		PrivateKey:  privkeyPem,
+		Certificate: certPEM,
+		PrivateKey:  privkeyPEM,
 	}
 	uploadWebsiteSSLResp, err := d.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
 	d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
--- a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
+++ b/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
@ -88,9 +88,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go
+++ b/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go
@ -84,15 +84,15 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	switch d.config.ServiceType {
 	case SERVICE_TYPE_TRADITIONAL:
-		if err := d.deployToTraditional(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToTraditional(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case SERVICE_TYPE_CLOUDNATIVE:
-		if err := d.deployToCloudNative(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCloudNative(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -103,7 +103,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.GroupId == "" {
 		return errors.New("config `groupId` is required")
 	}
@ -117,8 +117,8 @@ func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPem stri
 		GroupId:               tea.String(d.config.GroupId),
 		DomainName:            tea.String(d.config.Domain),
 		CertificateName:       tea.String(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())),
-		CertificateBody:       tea.String(certPem),
-		CertificatePrivateKey: tea.String(privkeyPem),
+		CertificateBody:       tea.String(certPEM),
+		CertificatePrivateKey: tea.String(privkeyPEM),
 	}
 	setDomainCertificateResp, err := d.sdkClients.TraditionalAPIGateway.SetDomainCertificate(setDomainCertificateReq)
 	d.logger.Debug("sdk request 'apigateway.SetDomainCertificate'", slog.Any("request", setDomainCertificateReq), slog.Any("response", setDomainCertificateResp))
@ -129,7 +129,7 @@ func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPem stri
 	return nil
 }

-func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.GatewayId == "" {
 		return errors.New("config `gatewayId` is required")
 	}
@ -188,7 +188,7 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPem stri
 	}

 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go
+++ b/internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go
@ -78,13 +78,13 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if len(d.config.ResourceIds) == 0 {
 		return nil, errors.New("config `resourceIds` is required")
 	}

 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go
+++ b/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go
@ -59,9 +59,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go
+++ b/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go
@ -58,7 +58,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// "*.example.com" → ".example.com"，适配阿里云 CDN 要求的泛域名格式
 	domain := strings.TrimPrefix(d.config.Domain, "*")

@ -69,8 +69,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		CertName:    tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
 		CertType:    tea.String("upload"),
 		SSLProtocol: tea.String("on"),
-		SSLPub:      tea.String(certPem),
-		SSLPri:      tea.String(privkeyPem),
+		SSLPub:      tea.String(certPEM),
+		SSLPri:      tea.String(privkeyPEM),
 	}
 	setCdnDomainSSLCertificateResp, err := d.sdkClient.SetCdnDomainSSLCertificate(setCdnDomainSSLCertificateReq)
 	d.logger.Debug("sdk request 'cdn.SetCdnDomainSSLCertificate'", slog.Any("request", setCdnDomainSSLCertificateReq), slog.Any("response", setCdnDomainSSLCertificateResp))
--- a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
+++ b/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
@ -82,9 +82,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SLB
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go
+++ b/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go
@ -58,7 +58,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// "*.example.com" → ".example.com"，适配阿里云 DCDN 要求的泛域名格式
 	domain := strings.TrimPrefix(d.config.Domain, "*")

@ -69,8 +69,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		CertName:    tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
 		CertType:    tea.String("upload"),
 		SSLProtocol: tea.String("on"),
-		SSLPub:      tea.String(certPem),
-		SSLPri:      tea.String(privkeyPem),
+		SSLPub:      tea.String(certPEM),
+		SSLPri:      tea.String(privkeyPEM),
 	}
 	setDcdnDomainSSLCertificateResp, err := d.sdkClient.SetDcdnDomainSSLCertificate(setDcdnDomainSSLCertificateReq)
 	d.logger.Debug("sdk request 'dcdn.SetDcdnDomainSSLCertificate'", slog.Any("request", setDcdnDomainSSLCertificateReq), slog.Any("response", setDcdnDomainSSLCertificateResp))
--- a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go
+++ b/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go
@ -71,13 +71,13 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.SiteId == 0 {
 		return nil, errors.New("config `siteId` is required")
 	}

 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go
+++ b/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go
@ -67,15 +67,15 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	switch d.config.ServiceVersion {
 	case "3", "3.0":
-		if err := d.deployToFC3(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToFC3(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case "2", "2.0":
-		if err := d.deployToFC2(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToFC2(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -86,7 +86,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToFC3(ctx context.Context, certPEM string, privkeyPEM string) error {
 	// 获取自定义域名
 	// REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-getcustomdomain
 	getCustomDomainResp, err := d.sdkClients.FC3.GetCustomDomain(tea.String(d.config.Domain))
@ -101,8 +101,8 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
 		Body: &alifc3.UpdateCustomDomainInput{
 			CertConfig: &alifc3.CertConfig{
 				CertName:    tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
-				Certificate: tea.String(certPem),
-				PrivateKey:  tea.String(privkeyPem),
+				Certificate: tea.String(certPEM),
+				PrivateKey:  tea.String(privkeyPEM),
 			},
 			Protocol:  getCustomDomainResp.Body.Protocol,
 			TlsConfig: getCustomDomainResp.Body.TlsConfig,
@ -117,7 +117,7 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
 	return nil
 }

-func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToFC2(ctx context.Context, certPEM string, privkeyPEM string) error {
 	// 获取自定义域名
 	// REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-getcustomdomain
 	getCustomDomainResp, err := d.sdkClients.FC2.GetCustomDomain(tea.String(d.config.Domain))
@ -131,8 +131,8 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, priv
 	updateCustomDomainReq := &alifc2.UpdateCustomDomainRequest{
 		CertConfig: &alifc2.CertConfig{
 			CertName:    tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
-			Certificate: tea.String(certPem),
-			PrivateKey:  tea.String(privkeyPem),
+			Certificate: tea.String(certPEM),
+			PrivateKey:  tea.String(privkeyPEM),
 		},
 		Protocol:  getCustomDomainResp.Body.Protocol,
 		TlsConfig: getCustomDomainResp.Body.TlsConfig,
--- a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go
+++ b/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go
@ -60,7 +60,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// "*.example.com" → ".example.com"，适配阿里云 Live 要求的泛域名格式
 	domain := strings.TrimPrefix(d.config.Domain, "*")

@ -71,8 +71,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		CertName:    tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
 		CertType:    tea.String("upload"),
 		SSLProtocol: tea.String("on"),
-		SSLPub:      tea.String(certPem),
-		SSLPri:      tea.String(privkeyPem),
+		SSLPub:      tea.String(certPEM),
+		SSLPri:      tea.String(privkeyPEM),
 	}
 	setLiveDomainSSLCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainSSLCertificateReq)
 	d.logger.Debug("sdk request 'live.SetLiveDomainCertificate'", slog.Any("request", setLiveDomainSSLCertificateReq), slog.Any("response", setLiveDomainSSLCertificateResp))
--- a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
+++ b/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
@ -76,9 +76,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go
+++ b/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go
@ -59,7 +59,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Bucket == "" {
 		return nil, errors.New("config `bucket` is required")
 	}
@ -72,8 +72,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	putBucketCnameWithCertificateReq := oss.PutBucketCname{
 		Cname: d.config.Domain,
 		CertificateConfiguration: &oss.CertificateConfiguration{
-			Certificate: certPem,
-			PrivateKey:  privkeyPem,
+			Certificate: certPEM,
+			PrivateKey:  privkeyPEM,
 			Force:       true,
 		},
 	}
--- a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go
+++ b/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go
@ -59,7 +59,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 设置域名证书
 	// REF: https://help.aliyun.com/zh/vod/developer-reference/api-vod-2017-03-21-setvoddomainsslcertificate
 	setVodDomainSSLCertificateReq := &alivod.SetVodDomainSSLCertificateRequest{
@ -67,8 +67,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		CertName:    tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
 		CertType:    tea.String("upload"),
 		SSLProtocol: tea.String("on"),
-		SSLPub:      tea.String(certPem),
-		SSLPri:      tea.String(privkeyPem),
+		SSLPub:      tea.String(certPEM),
+		SSLPri:      tea.String(privkeyPEM),
 	}
 	setVodDomainSSLCertificateResp, err := d.sdkClient.SetVodDomainSSLCertificate(setVodDomainSSLCertificateReq)
 	d.logger.Debug("sdk request 'live.SetVodDomainSSLCertificate'", slog.Any("request", setVodDomainSSLCertificateReq), slog.Any("response", setVodDomainSSLCertificateResp))
--- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
+++ b/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
@ -15,7 +15,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 type DeployerConfig struct {
@ -75,14 +75,14 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.InstanceId == "" {
 		return nil, errors.New("config `instanceId` is required")
 	}

 	switch d.config.ServiceVersion {
 	case "3", "3.0":
-		if err := d.deployToWAF3(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToWAF3(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -93,9 +93,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, privkeyPEM string) error {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aws-acm/aws_acm.go
+++ b/internal/pkg/core/deployer/providers/aws-acm/aws_acm.go
@ -59,9 +59,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 ACM
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go
+++ b/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go
@ -74,13 +74,13 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.DistributionId == "" {
 		return nil, errors.New("config `distribuitionId` is required")
 	}

 	// 上传证书到 ACM
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go
+++ b/internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go
@ -17,8 +17,8 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common"
+	azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type DeployerConfig struct {
@ -85,22 +85,22 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}

 	// 转换证书格式
-	certPfx, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, "")
+	certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "")
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to transform certificate from PEM to PFX")
 	}

 	if d.config.CertificateName == "" {
 		// 上传证书到 KeyVault
-		upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+		upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to upload certificate file")
 		} else {
@ -128,7 +128,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		// 导入证书
 		// REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/import-certificate/import-certificate
 		importCertificateParams := azcertificates.ImportCertificateParameters{
-			Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPfx)),
+			Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPFX)),
 			CertificatePolicy: &azcertificates.CertificatePolicy{
 				SecretProperties: &azcertificates.SecretProperties{
 					ContentType: to.Ptr("application/x-pkcs12"),
--- a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go
+++ b/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go
@ -15,7 +15,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 type DeployerConfig struct {
@ -82,9 +82,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go
+++ b/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go
@ -15,7 +15,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 type DeployerConfig struct {
@ -82,9 +82,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go
@ -56,15 +56,15 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 修改域名证书
 	// REF: https://cloud.baidu.com/doc/CDN/s/qjzuz2hp8
 	putCertResp, err := d.sdkClient.PutCert(
 		d.config.Domain,
 		&bcecdnapi.UserCertificate{
 			CertName:    fmt.Sprintf("certimate-%d", time.Now().UnixMilli()),
-			ServerData:  certPem,
-			PrivateData: privkeyPem,
+			ServerData:  certPEM,
+			PrivateData: privkeyPEM,
 		},
 		"ON",
 	)
--- a/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go
+++ b/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go
@ -55,9 +55,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go
+++ b/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go
@ -13,7 +13,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	bssdk "github.com/usual2970/certimate/internal/pkg/vendors/baishan-sdk"
+	bssdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baishan"
 )

 type DeployerConfig struct {
@ -60,7 +60,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Domain == "" {
 		return nil, errors.New("config `domain` is required")
 	}
@ -70,8 +70,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		// REF: https://portal.baishancloud.com/track/document/downloadPdf/1441
 		certificateId := ""
 		createCertificateReq := &bssdk.CreateCertificateRequest{
-			Certificate: certPem,
-			Key:         privkeyPem,
+			Certificate: certPEM,
+			Key:         privkeyPEM,
 			Name:        fmt.Sprintf("certimate_%d", time.Now().UnixMilli()),
 		}
 		createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
@ -129,8 +129,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		// REF: https://portal.baishancloud.com/track/document/downloadPdf/1441
 		createCertificateReq := &bssdk.CreateCertificateRequest{
 			CertificateId: &d.config.CertificateId,
-			Certificate:   certPem,
-			Key:           privkeyPem,
+			Certificate:   certPEM,
+			Key:           privkeyPEM,
 			Name:          fmt.Sprintf("certimate_%d", time.Now().UnixMilli()),
 		}
 		createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
--- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go
+++ b/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go
@ -10,7 +10,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	btsdk "github.com/usual2970/certimate/internal/pkg/vendors/btpanel-sdk"
+	btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btpanel"
 )

 type DeployerConfig struct {
@ -58,11 +58,11 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 设置面板 SSL 证书
 	configSavePanelSSLReq := &btsdk.ConfigSavePanelSSLRequest{
-		PrivateKey:  privkeyPem,
-		Certificate: certPem,
+		PrivateKey:  privkeyPEM,
+		Certificate: certPEM,
 	}
 	configSavePanelSSLResp, err := d.sdkClient.ConfigSavePanelSSL(configSavePanelSSLReq)
 	d.logger.Debug("sdk request 'bt.ConfigSavePanelSSL'", slog.Any("request", configSavePanelSSLReq), slog.Any("response", configSavePanelSSLResp))
--- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go
+++ b/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go
@ -11,8 +11,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
-	btsdk "github.com/usual2970/certimate/internal/pkg/vendors/btpanel-sdk"
+	btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btpanel"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 type DeployerConfig struct {
@ -64,7 +64,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	switch d.config.SiteType {
 	case "php":
 		{
@ -76,8 +76,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 			siteSetSSLReq := &btsdk.SiteSetSSLRequest{
 				SiteName:    d.config.SiteName,
 				Type:        "0",
-				Certificate: certPem,
-				PrivateKey:  privkeyPem,
+				Certificate: certPEM,
+				PrivateKey:  privkeyPEM,
 			}
 			siteSetSSLResp, err := d.sdkClient.SiteSetSSL(siteSetSSLReq)
 			d.logger.Debug("sdk request 'bt.SiteSetSSL'", slog.Any("request", siteSetSSLReq), slog.Any("response", siteSetSSLResp))
@ -94,8 +94,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe

 			// 上传证书
 			sslCertSaveCertReq := &btsdk.SSLCertSaveCertRequest{
-				Certificate: certPem,
-				PrivateKey:  privkeyPem,
+				Certificate: certPEM,
+				PrivateKey:  privkeyPEM,
 			}
 			sslCertSaveCertResp, err := d.sdkClient.SSLCertSaveCert(sslCertSaveCertReq)
 			d.logger.Debug("sdk request 'bt.SSLCertSaveCert'", slog.Any("request", sslCertSaveCertReq), slog.Any("response", sslCertSaveCertResp))
--- a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go
+++ b/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go
@ -8,16 +8,16 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	bunnysdk "github.com/usual2970/certimate/internal/pkg/vendors/bunny-sdk"
+	bunnysdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/bunny"
 )

 type DeployerConfig struct {
-	// Bunny API Key
+	// Bunny API Key。
 	ApiKey string `json:"apiKey"`
-	// Bunny Pull Zone ID
+	// Bunny Pull Zone ID。
 	PullZoneId string `json:"pullZoneId"`
-	// Bunny CDN Hostname（支持泛域名）
-	HostName string `json:"hostName"`
+	// Bunny CDN Hostname（支持泛域名）。
+	Hostname string `json:"hostname"`
 }

 type DeployerProvider struct {
@ -49,21 +49,18 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
-	// Prepare
-	certPemBase64 := base64.StdEncoding.EncodeToString([]byte(certPem))
-	privkeyPemBase64 := base64.StdEncoding.EncodeToString([]byte(privkeyPem))
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书
 	createCertificateReq := &bunnysdk.AddCustomCertificateRequest{
-		Hostname:       d.config.HostName,
+		Hostname:       d.config.Hostname,
 		PullZoneId:     d.config.PullZoneId,
-		Certificate:    certPemBase64,
-		CertificateKey: privkeyPemBase64,
+		Certificate:    base64.StdEncoding.EncodeToString([]byte(certPEM)),
+		CertificateKey: base64.StdEncoding.EncodeToString([]byte(privkeyPEM)),
 	}
 	createCertificateResp, err := d.sdkClient.AddCustomCertificate(createCertificateReq)
-	d.logger.Debug("sdk request 'bunny-cdn.AddCustomCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
+	d.logger.Debug("sdk request 'bunny.AddCustomCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
 	if err != nil {
-		return nil, xerrors.Wrap(err, "failed to execute sdk request 'bunny-cdn.AddCustomCertificate'")
+		return nil, xerrors.Wrap(err, "failed to execute sdk request 'bunny.AddCustomCertificate'")
 	}

 	return &deployer.DeployResult{}, nil
--- a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go
+++ b/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go
@ -55,7 +55,7 @@ func TestDeploy(t *testing.T) {
 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
 			ApiKey:     fApiKey,
 			PullZoneId: fPullZoneId,
-			HostName:   fHostName,
+			Hostname:   fHostName,
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
+++ b/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
@ -67,9 +67,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/cachefly/cachefly.go
+++ b/internal/pkg/core/deployer/providers/cachefly/cachefly.go
@ -8,7 +8,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	cfsdk "github.com/usual2970/certimate/internal/pkg/vendors/cachefly-sdk"
+	cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cachefly"
 )

 type DeployerConfig struct {
@ -50,11 +50,11 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书
 	createCertificateReq := &cfsdk.CreateCertificateRequest{
-		Certificate:    certPem,
-		CertificateKey: privkeyPem,
+		Certificate:    certPEM,
+		CertificateKey: privkeyPEM,
 	}
 	createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
 	d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
--- a/internal/pkg/core/deployer/providers/cdnfly/cdnfly.go
+++ b/internal/pkg/core/deployer/providers/cdnfly/cdnfly.go
@ -12,7 +12,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	cfsdk "github.com/usual2970/certimate/internal/pkg/vendors/cdnfly-sdk"
+	cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cdnfly"
 )

 type DeployerConfig struct {
@ -66,16 +66,16 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 根据部署资源类型决定部署方式
 	switch d.config.ResourceType {
 	case RESOURCE_TYPE_SITE:
-		if err := d.deployToSite(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToSite(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -86,7 +86,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToSite(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.SiteId == "" {
 		return errors.New("config `siteId` is required")
 	}
@ -107,8 +107,8 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPem string, pri
 	createCertificateReq := &cfsdk.CreateCertificateRequest{
 		Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()),
 		Type: "custom",
-		Cert: certPem,
-		Key:  privkeyPem,
+		Cert: certPEM,
+		Key:  privkeyPEM,
 	}
 	createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
 	d.logger.Debug("sdk request 'cdnfly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
@ -136,7 +136,7 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPem string, pri
 	return nil
 }

-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.CertificateId == "" {
 		return errors.New("config `certificateId` is required")
 	}
@ -147,8 +147,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 	updateCertificateReq := &cfsdk.UpdateCertificateRequest{
 		Id:   d.config.CertificateId,
 		Type: &updateCertificateType,
-		Cert: &certPem,
-		Key:  &privkeyPem,
+		Cert: &certPEM,
+		Key:  &privkeyPEM,
 	}
 	updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
 	d.logger.Debug("sdk request 'cdnfly.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp))
--- a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go
@ -10,7 +10,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud"
-	dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
+	dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud"
 )

 type DeployerConfig struct {
@ -64,9 +64,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go
+++ b/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go
@ -9,7 +9,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type DeployerConfig struct {
@ -55,9 +55,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 提取 Edgio 所需的服务端证书和中间证书内容
-	privateCertPem, intermediateCertPem, err := certutil.ExtractCertificatesFromPEM(certPem)
+	privateCertPEM, intermediateCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -66,9 +66,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	// REF: https://docs.edg.io/rest_api/#tag/tls-certs/operation/postConfigV01TlsCerts
 	uploadTlsCertReq := edgiodtos.UploadTlsCertRequest{
 		EnvironmentID:    d.config.EnvironmentId,
-		PrimaryCert:      privateCertPem,
-		IntermediateCert: intermediateCertPem,
-		PrivateKey:       privkeyPem,
+		PrimaryCert:      privateCertPEM,
+		IntermediateCert: intermediateCertPEM,
+		PrivateKey:       privkeyPEM,
 	}
 	uploadTlsCertResp, err := d.sdkClient.UploadTlsCert(uploadTlsCertReq)
 	d.logger.Debug("sdk request 'edgio.UploadTlsCert'", slog.Any("request", uploadTlsCertReq), slog.Any("response", uploadTlsCertResp))
--- a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go
+++ b/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go
@ -13,7 +13,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/gcore-cdn"
-	gcoresdk "github.com/usual2970/certimate/internal/pkg/vendors/gcore-sdk/common"
+	gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common"
 )

 type DeployerConfig struct {
@ -67,13 +67,13 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.ResourceId == 0 {
 		return nil, errors.New("config `resourceId` is required")
 	}

 	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
@ -13,7 +13,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm"
-	hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
+	hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
 )

 type DeployerConfig struct {
@ -76,9 +76,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SCM
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
+++ b/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
@ -20,7 +20,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb"
-	hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
+	hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
 )

 type DeployerConfig struct {
@ -89,21 +89,21 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 根据部署资源类型决定部署方式
 	switch d.config.ResourceType {
 	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case RESOURCE_TYPE_LOADBALANCER:
-		if err := d.deployToLoadbalancer(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToLoadbalancer(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case RESOURCE_TYPE_LISTENER:
-		if err := d.deployToListener(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToListener(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -114,7 +114,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.CertificateId == "" {
 		return errors.New("config `certificateId` is required")
 	}
@ -125,8 +125,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 		CertificateId: d.config.CertificateId,
 		Body: &hcelbmodel.UpdateCertificateRequestBody{
 			Certificate: &hcelbmodel.UpdateCertificateOption{
-				Certificate: hwsdk.StringPtr(certPem),
-				PrivateKey:  hwsdk.StringPtr(privkeyPem),
+				Certificate: hwsdk.StringPtr(certPEM),
+				PrivateKey:  hwsdk.StringPtr(privkeyPEM),
 			},
 		},
 	}
@ -139,7 +139,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 	return nil
 }

-func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.LoadbalancerId == "" {
 		return errors.New("config `loadbalancerId` is required")
 	}
@ -187,7 +187,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
 	}

 	// 上传证书到 SCM
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
@ -215,13 +215,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
 	return nil
 }

-func (d *DeployerProvider) deployToListener(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToListener(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.ListenerId == "" {
 		return errors.New("config `listenerId` is required")
 	}

 	// 上传证书到 SCM
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go
+++ b/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go
@ -56,9 +56,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SCM
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go
+++ b/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go
@ -20,7 +20,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-waf"
-	hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
+	hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
 )

 type DeployerConfig struct {
@ -86,9 +86,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 WAF
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
@ -98,17 +98,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	// 根据部署资源类型决定部署方式
 	switch d.config.ResourceType {
 	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case RESOURCE_TYPE_CLOUDSERVER:
-		if err := d.deployToCloudServer(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCloudServer(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

 	case RESOURCE_TYPE_PREMIUMHOST:
-		if err := d.deployToPremiumHost(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToPremiumHost(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -119,7 +119,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.CertificateId == "" {
 		return errors.New("config `certificateId` is required")
 	}
@ -141,8 +141,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 		CertificateId: d.config.CertificateId,
 		Body: &hcwafmodel.UpdateCertificateRequestBody{
 			Name:    *showCertificateResp.Name,
-			Content: hwsdk.StringPtr(certPem),
-			Key:     hwsdk.StringPtr(privkeyPem),
+			Content: hwsdk.StringPtr(certPEM),
+			Key:     hwsdk.StringPtr(privkeyPEM),
 		},
 	}
 	updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
@ -154,13 +154,13 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 	return nil
 }

-func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.Domain == "" {
 		return errors.New("config `domain` is required")
 	}

 	// 上传证书到 WAF
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
@ -221,13 +221,13 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem stri
 	return nil
 }

-func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.Domain == "" {
 		return errors.New("config `domain` is required")
 	}

 	// 上传证书到 WAF
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go
+++ b/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go
@ -17,7 +17,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 type DeployerConfig struct {
@ -85,9 +85,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go
@ -68,7 +68,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 查询域名配置信息
 	// REF: https://docs.jdcloud.com/cn/cdn/api/querydomainconfig
 	queryDomainConfigReq := jdcdnapi.NewQueryDomainConfigRequest(d.config.Domain)
@ -79,7 +79,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
@ -90,8 +90,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	// REF: https://docs.jdcloud.com/cn/cdn/api/sethttptype
 	setHttpTypeReq := jdcdnapi.NewSetHttpTypeRequest(d.config.Domain)
 	setHttpTypeReq.SetHttpType("https")
-	setHttpTypeReq.SetCertificate(certPem)
-	setHttpTypeReq.SetRsaKey(privkeyPem)
+	setHttpTypeReq.SetCertificate(certPEM)
+	setHttpTypeReq.SetRsaKey(privkeyPEM)
 	setHttpTypeReq.SetCertFrom("ssl")
 	setHttpTypeReq.SetSslCertId(upres.CertId)
 	setHttpTypeReq.SetJumpType(queryDomainConfigResp.Result.HttpsJumpType)
--- a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go
+++ b/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go
@ -55,12 +55,12 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 设置直播证书
 	// REF: https://docs.jdcloud.com/cn/live-video/api/setlivedomaincertificate
 	setLiveDomainCertificateReq := jdliveapi.NewSetLiveDomainCertificateRequest(d.config.Domain, "on")
-	setLiveDomainCertificateReq.SetCert(certPem)
-	setLiveDomainCertificateReq.SetKey(privkeyPem)
+	setLiveDomainCertificateReq.SetCert(certPEM)
+	setLiveDomainCertificateReq.SetKey(privkeyPEM)
 	setLiveDomainCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainCertificateReq)
 	d.logger.Debug("sdk request 'live.SetLiveDomainCertificate'", slog.Any("request", setLiveDomainCertificateReq), slog.Any("response", setLiveDomainCertificateResp))
 	if err != nil {
--- a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go
+++ b/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go
@ -58,7 +58,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 查询域名列表
 	// REF: https://docs.jdcloud.com/cn/video-on-demand/api/listdomains
 	var domainId int
@ -104,8 +104,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	// REF: https://docs.jdcloud.com/cn/video-on-demand/api/sethttpssl
 	setHttpSslReq := jdvodapi.NewSetHttpSslRequest(domainId)
 	setHttpSslReq.SetTitle(fmt.Sprintf("certimate-%d", time.Now().UnixMilli()))
-	setHttpSslReq.SetSslCert(certPem)
-	setHttpSslReq.SetSslKey(privkeyPem)
+	setHttpSslReq.SetSslCert(certPEM)
+	setHttpSslReq.SetSslKey(privkeyPEM)
 	setHttpSslReq.SetSource("default")
 	setHttpSslReq.SetJumpType(getHttpSslResp.Result.JumpType)
 	setHttpSslReq.SetEnabled(true)
--- a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go
+++ b/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go
@ -14,7 +14,7 @@ import (
 	"k8s.io/client-go/tools/clientcmd"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type DeployerConfig struct {
@ -59,7 +59,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Namespace == "" {
 		return nil, errors.New("config `namespace` is required")
 	}
@ -76,7 +76,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		return nil, errors.New("config `secretDataKeyForKey` is required")
 	}

-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -111,8 +111,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 			Type: k8score.SecretType(d.config.SecretType),
 		}
 		secretPayload.Data = make(map[string][]byte)
-		secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem)
-		secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem)
+		secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPEM)
+		secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPEM)

 		secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Create(context.TODO(), secretPayload, k8smeta.CreateOptions{})
 		d.logger.Debug("k8s operate 'Secrets.Create'", slog.String("namespace", d.config.Namespace), slog.Any("secret", secretPayload))
@ -135,8 +135,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	if secretPayload.Data == nil {
 		secretPayload.Data = make(map[string][]byte)
 	}
-	secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem)
-	secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem)
+	secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPEM)
+	secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPEM)
 	secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Update(context.TODO(), secretPayload, k8smeta.UpdateOptions{})
 	d.logger.Debug("k8s operate 'Secrets.Update'", slog.String("namespace", d.config.Namespace), slog.Any("secret", secretPayload))
 	if err != nil {
--- a/internal/pkg/core/deployer/providers/local/local.go
+++ b/internal/pkg/core/deployer/providers/local/local.go
@ -11,8 +11,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	"github.com/usual2970/certimate/internal/pkg/utils/fileutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
+	fileutil "github.com/usual2970/certimate/internal/pkg/utils/file"
 )

 type DeployerConfig struct {
@ -70,7 +70,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 执行前置命令
 	if d.config.PreCommand != "" {
 		stdout, stderr, err := execCommand(d.config.ShellEnv, d.config.PreCommand)
@ -83,18 +83,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	// 写入证书和私钥文件
 	switch d.config.OutputFormat {
 	case OUTPUT_FORMAT_PEM:
-		if err := fileutil.WriteString(d.config.OutputCertPath, certPem); err != nil {
+		if err := fileutil.WriteString(d.config.OutputCertPath, certPEM); err != nil {
 			return nil, xerrors.Wrap(err, "failed to save certificate file")
 		}
 		d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath))

-		if err := fileutil.WriteString(d.config.OutputKeyPath, privkeyPem); err != nil {
+		if err := fileutil.WriteString(d.config.OutputKeyPath, privkeyPEM); err != nil {
 			return nil, xerrors.Wrap(err, "failed to save private key file")
 		}
 		d.logger.Info("ssl private key file saved", slog.String("path", d.config.OutputKeyPath))

 	case OUTPUT_FORMAT_PFX:
-		pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, d.config.PfxPassword)
+		pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to transform certificate to PFX")
 		}
@ -106,7 +106,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath))

 	case OUTPUT_FORMAT_JKS:
-		jksData, err := certutil.TransformCertificateFromPEMToJKS(certPem, privkeyPem, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass)
+		jksData, err := certutil.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to transform certificate to JKS")
 		}
--- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
+++ b/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
@ -11,7 +11,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
-	qiniusdk "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk"
+	qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu"
 )

 type DeployerConfig struct {
@ -65,9 +65,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go
+++ b/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go
@ -65,9 +65,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go
+++ b/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go
@ -11,7 +11,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/rainyun-sslcenter"
-	rainyunsdk "github.com/usual2970/certimate/internal/pkg/vendors/rainyun-sdk"
+	rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun"
 )

 type DeployerConfig struct {
@ -67,9 +67,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL 证书
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/safeline/safeline.go
+++ b/internal/pkg/core/deployer/providers/safeline/safeline.go
@ -11,7 +11,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	safelinesdk "github.com/usual2970/certimate/internal/pkg/vendors/safeline-sdk"
+	safelinesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/safeline"
 )

 type DeployerConfig struct {
@ -62,11 +62,11 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 根据部署资源类型决定部署方式
 	switch d.config.ResourceType {
 	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPem, privkeyPem); err != nil {
+		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
 			return nil, err
 		}

@ -77,7 +77,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem string, privkeyPem string) error {
+func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
 	if d.config.CertificateId == 0 {
 		return errors.New("config `certificateId` is required")
 	}
@ -87,8 +87,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 		Id:   d.config.CertificateId,
 		Type: 2,
 		Manual: &safelinesdk.UpdateCertificateRequestBodyManul{
-			Crt: certPem,
-			Key: privkeyPem,
+			Crt: certPEM,
+			Key: privkeyPEM,
 		},
 	}
 	updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
--- a/internal/pkg/core/deployer/providers/ssh/ssh.go
+++ b/internal/pkg/core/deployer/providers/ssh/ssh.go
@ -14,7 +14,7 @@ import (
 	"golang.org/x/crypto/ssh"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type DeployerConfig struct {
@ -85,7 +85,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 连接
 	client, err := createSshClient(
 		d.config.SshHost,
@ -114,18 +114,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	// 上传证书和私钥文件
 	switch d.config.OutputFormat {
 	case OUTPUT_FORMAT_PEM:
-		if err := writeFileString(client, d.config.UseSCP, d.config.OutputCertPath, certPem); err != nil {
+		if err := writeFileString(client, d.config.UseSCP, d.config.OutputCertPath, certPEM); err != nil {
 			return nil, xerrors.Wrap(err, "failed to upload certificate file")
 		}
 		d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath))

-		if err := writeFileString(client, d.config.UseSCP, d.config.OutputKeyPath, privkeyPem); err != nil {
+		if err := writeFileString(client, d.config.UseSCP, d.config.OutputKeyPath, privkeyPEM); err != nil {
 			return nil, xerrors.Wrap(err, "failed to upload private key file")
 		}
 		d.logger.Info("ssl private key file uploaded", slog.String("path", d.config.OutputKeyPath))

 	case OUTPUT_FORMAT_PFX:
-		pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, d.config.PfxPassword)
+		pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to transform certificate to PFX")
 		}
@ -137,7 +137,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 		d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath))

 	case OUTPUT_FORMAT_JKS:
-		jksData, err := certutil.TransformCertificateFromPEMToJKS(certPem, privkeyPem, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass)
+		jksData, err := certutil.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to transform certificate to JKS")
 		}
--- a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
@ -76,9 +76,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
@ -87,9 +87,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
@ -74,7 +74,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Bucket == "" {
 		return nil, errors.New("config `bucket` is required")
 	}
@ -83,7 +83,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
@ -68,9 +68,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
@ -75,9 +75,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
@ -77,13 +77,13 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.ZoneId == "" {
 		return nil, errors.New("config `zoneId` is required")
 	}

 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go
@ -70,7 +70,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 查看云函数自定义域名详情
 	// REF: https://cloud.tencent.com/document/product/583/111924
 	getCustomDomainReq := tcscf.NewGetCustomDomainRequest()
@ -82,7 +82,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go
@ -75,7 +75,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.ResourceType == "" {
 		return nil, errors.New("config `resourceType` is required")
 	}
@ -84,7 +84,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go
@ -56,9 +56,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go
@ -70,9 +70,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go
@ -75,7 +75,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Domain == "" {
 		return nil, errors.New("config `domain` is required")
 	}
@ -87,7 +87,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
+++ b/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
@ -73,9 +73,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 USSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
+++ b/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
@ -11,7 +11,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
-	usdkFile "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ufile"
+	usdkFile "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/ufile"
 )

 type DeployerConfig struct {
@ -75,9 +75,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 USSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go
+++ b/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go
@ -11,7 +11,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/upyun-ssl"
-	upyunsdk "github.com/usual2970/certimate/internal/pkg/vendors/upyun-sdk/console"
+	upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console"
 )

 type DeployerConfig struct {
@ -68,9 +68,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go
+++ b/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go
@ -14,7 +14,7 @@ import (
 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
 	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
-	"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
+	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
 )

 type DeployerConfig struct {
@ -83,9 +83,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
+++ b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
@ -67,9 +67,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go
+++ b/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go
@ -59,9 +59,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
+++ b/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
@ -79,9 +79,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
+++ b/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
@ -72,9 +72,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go
+++ b/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go
@ -73,7 +73,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.ServiceId == "" {
 		return nil, errors.New("config `serviceId` is required")
 	}
@ -82,7 +82,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
+++ b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
@ -68,9 +68,9 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	// 上传证书到 Live
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
+++ b/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
@ -73,7 +73,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Bucket == "" {
 		return nil, errors.New("config `bucket` is required")
 	}
@ -82,7 +82,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to upload certificate file")
 	} else {
--- a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go
+++ b/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go
@ -20,8 +20,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	wangsucdn "github.com/usual2970/certimate/internal/pkg/vendors/wangsu-sdk/cdn"
+	wangsucdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/cdn"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type DeployerConfig struct {
@ -77,13 +77,13 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
 	if d.config.Domain == "" {
 		return nil, errors.New("config `domain` is required")
 	}

 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -96,13 +96,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	}

 	// 生成网宿云证书参数
-	encryptedPrivateKey, err := encryptPrivateKey(privkeyPem, d.config.ApiKey, time.Now().Unix())
+	encryptedPrivateKey, err := encryptPrivateKey(privkeyPEM, d.config.ApiKey, time.Now().Unix())
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to encrypt private key")
 	}
 	certificateNewVersionInfo := &wangsucdn.CertificateVersion{
 		PrivateKey:  tea.String(encryptedPrivateKey),
-		Certificate: tea.String(certPem),
+		Certificate: tea.String(certPEM),
 		IdentificationInfo: &wangsucdn.CertificateVersionIdentificationInfo{
 			CommonName:              tea.String(certX509.Subject.CommonName),
 			SubjectAlternativeNames: &certX509.DNSNames,
@ -236,7 +236,7 @@ func createSdkClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, er
 	return wangsucdn.NewClient(accessKeyId, accessKeySecret), nil
 }

-func encryptPrivateKey(privkeyPem string, apiKey string, timestamp int64) (string, error) {
+func encryptPrivateKey(privkeyPEM string, apiKey string, timestamp int64) (string, error) {
 	date := time.Unix(timestamp, 0).UTC()
 	dateStr := date.Format("Mon, 02 Jan 2006 15:04:05 GMT")

@ -266,7 +266,7 @@ func encryptPrivateKey(privkeyPem string, apiKey string, timestamp int64) (strin
 		return "", err
 	}

-	plainBytes := []byte(privkeyPem)
+	plainBytes := []byte(privkeyPEM)
 	padlen := aes.BlockSize - len(plainBytes)%aes.BlockSize
 	if padlen > 0 {
 		paddata := bytes.Repeat([]byte{byte(padlen)}, padlen)
--- a/internal/pkg/core/deployer/providers/webhook/webhook.go
+++ b/internal/pkg/core/deployer/providers/webhook/webhook.go
@ -12,7 +12,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type DeployerConfig struct {
@ -61,8 +61,8 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
 	return d
 }

-func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to parse x509")
 	}
@ -76,8 +76,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	replaceJsonValueRecursively(webhookData, "${DOMAIN}", certX509.Subject.CommonName)
 	replaceJsonValueRecursively(webhookData, "${DOMAINS}", strings.Join(certX509.DNSNames, ";"))
 	replaceJsonValueRecursively(webhookData, "${SUBJECT_ALT_NAMES}", strings.Join(certX509.DNSNames, ";"))
-	replaceJsonValueRecursively(webhookData, "${CERTIFICATE}", certPem)
-	replaceJsonValueRecursively(webhookData, "${PRIVATE_KEY}", privkeyPem)
+	replaceJsonValueRecursively(webhookData, "${CERTIFICATE}", certPEM)
+	replaceJsonValueRecursively(webhookData, "${PRIVATE_KEY}", privkeyPEM)

 	resp, err := d.httpClient.R().
 		SetContext(ctx).
--- a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go
+++ b/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go
@ -12,7 +12,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk"
+	opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
 )

 type UploaderConfig struct {
@ -56,9 +56,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 遍历证书列表，避免重复上传
-	if res, err := u.getCertIfExists(ctx, certPem, privkeyPem); err != nil {
+	if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
 		return nil, err
 	} else if res != nil {
 		u.logger.Info("ssl certificate already exists")
@ -72,8 +72,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	uploadWebsiteSSLReq := &opsdk.UploadWebsiteSSLRequest{
 		Type:        "paste",
 		Description: certName,
-		Certificate: certPem,
-		PrivateKey:  privkeyPem,
+		Certificate: certPEM,
+		PrivateKey:  privkeyPEM,
 	}
 	uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
 	u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
@ -82,7 +82,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	}

 	// 遍历证书列表，获取刚刚上传证书 ID
-	if res, err := u.getCertIfExists(ctx, certPem, privkeyPem); err != nil {
+	if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
 		return nil, err
 	} else if res == nil {
 		return nil, fmt.Errorf("no ssl certificate found, may be upload failed (code: %d, message: %s)", uploadWebsiteSSLResp.GetCode(), uploadWebsiteSSLResp.GetMessage())
@ -91,7 +91,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	}
 }

-func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	searchWebsiteSSLPageNumber := int32(1)
 	searchWebsiteSSLPageSize := int32(100)
 	for {
@ -106,8 +106,8 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string,
 		}

 		for _, sslItem := range searchWebsiteSSLResp.Data.Items {
-			if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPem) &&
-				strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPem) {
+			if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) &&
+				strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) {
 				// 如果已存在相同证书，直接返回
 				return &uploader.UploadResult{
 					CertId:   fmt.Sprintf("%d", sslItem.ID),
--- a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go
+++ b/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go
@ -13,7 +13,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -59,9 +59,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -99,7 +99,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 				}

 				var isSameCert bool
-				if *getUserCertificateDetailResp.Body.Cert == certPem {
+				if *getUserCertificateDetailResp.Body.Cert == certPEM {
 					isSameCert = true
 				} else {
 					oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert)
@ -139,8 +139,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate
 	uploadUserCertificateReq := &alicas.UploadUserCertificateRequest{
 		Name: tea.String(certName),
-		Cert: tea.String(certPem),
-		Key:  tea.String(privkeyPem),
+		Cert: tea.String(certPEM),
+		Key:  tea.String(privkeyPEM),
 	}
 	uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq)
 	u.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp))
--- a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
+++ b/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
@ -16,7 +16,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -62,9 +62,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -105,16 +105,16 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// 去除证书和私钥内容中的空白行，以符合阿里云 API 要求
 	// REF: https://github.com/usual2970/certimate/issues/326
 	re := regexp.MustCompile(`(?m)^\s*$\n?`)
-	certPem = strings.TrimSpace(re.ReplaceAllString(certPem, ""))
-	privkeyPem = strings.TrimSpace(re.ReplaceAllString(privkeyPem, ""))
+	certPEM = strings.TrimSpace(re.ReplaceAllString(certPEM, ""))
+	privkeyPEM = strings.TrimSpace(re.ReplaceAllString(privkeyPEM, ""))

 	// 上传新证书
 	// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate
 	uploadServerCertificateReq := &alislb.UploadServerCertificateRequest{
 		RegionId:              tea.String(u.config.Region),
 		ServerCertificateName: tea.String(certName),
-		ServerCertificate:     tea.String(certPem),
-		PrivateKey:            tea.String(privkeyPem),
+		ServerCertificate:     tea.String(certPEM),
+		PrivateKey:            tea.String(privkeyPEM),
 	}
 	uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq)
 	u.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp))
--- a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go
+++ b/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go
@ -12,7 +12,7 @@ import (
 	"golang.org/x/exp/slices"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -58,16 +58,16 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}

 	// 生成 AWS 业务参数
-	scertPem, _ := certutil.ConvertCertificateToPEM(certX509)
-	bcertPem := certPem
+	scertPEM, _ := certutil.ConvertCertificateToPEM(certX509)
+	bcertPEM := certPEM

 	// 获取证书列表，避免重复上传
 	// REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ListCertificates.html
@ -107,12 +107,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 			if err != nil {
 				return nil, xerrors.Wrap(err, "failed to execute sdk request 'acm.GetCertificate'")
 			} else {
-				oldCertPem := aws.ToString(getCertificateResp.CertificateChain)
-				if oldCertPem == "" {
-					oldCertPem = aws.ToString(getCertificateResp.Certificate)
+				oldCertPEM := aws.ToString(getCertificateResp.CertificateChain)
+				if oldCertPEM == "" {
+					oldCertPEM = aws.ToString(getCertificateResp.Certificate)
 				}

-				oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPem)
+				oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPEM)
 				if err != nil {
 					continue
 				}
@ -139,9 +139,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// 导入证书
 	// REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ImportCertificate.html
 	importCertificateReq := &awsacm.ImportCertificateInput{
-		Certificate:      ([]byte)(scertPem),
-		CertificateChain: ([]byte)(bcertPem),
-		PrivateKey:       ([]byte)(privkeyPem),
+		Certificate:      ([]byte)(scertPEM),
+		CertificateChain: ([]byte)(bcertPEM),
+		PrivateKey:       ([]byte)(privkeyPEM),
 	}
 	importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), importCertificateReq)
 	u.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp))
--- a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go
+++ b/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go
@ -15,8 +15,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common"
+	azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -66,9 +66,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -145,7 +145,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// Azure Key Vault 不支持导入带有 Certificiate Chain 的 PEM 证书。
 	// Issue Link: https://github.com/Azure/azure-cli/issues/19017
 	// 暂时的解决方法是，将 PEM 证书转换成 PFX 格式，然后再导入。
-	certPfx, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, "")
+	certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "")
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to transform certificate from PEM to PFX")
 	}
@ -153,7 +153,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// 导入证书
 	// REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/import-certificate/import-certificate
 	importCertificateParams := azcertificates.ImportCertificateParameters{
-		Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPfx)),
+		Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPFX)),
 		CertificatePolicy: &azcertificates.CertificatePolicy{
 			SecretProperties: &azcertificates.SecretProperties{
 				ContentType: to.Ptr("application/x-pkcs12"),
--- a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go
+++ b/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go
@ -10,8 +10,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	bdsdk "github.com/usual2970/certimate/internal/pkg/vendors/baiducloud-sdk/cert"
+	bdsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baiducloud/cert"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -55,9 +55,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -115,8 +115,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// REF: https://cloud.baidu.com/doc/Reference/s/Gjwvz27xu#31-%E5%88%9B%E5%BB%BA%E8%AF%81%E4%B9%A6
 	createCertReq := &bdsdk.CreateCertArgs{}
 	createCertReq.CertName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
-	createCertReq.CertServerData = certPem
-	createCertReq.CertPrivateData = privkeyPem
+	createCertReq.CertServerData = certPEM
+	createCertReq.CertPrivateData = privkeyPEM
 	createCertResp, err := u.sdkClient.CreateCert(createCertReq)
 	u.logger.Debug("sdk request 'cert.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp))
 	if err != nil {
--- a/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go
+++ b/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go
@ -14,7 +14,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -57,9 +57,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -114,8 +114,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// 上传新证书
 	// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate
 	addCertificateReq := &bytepluscdn.AddCertificateRequest{
-		Certificate: certPem,
-		PrivateKey:  privkeyPem,
+		Certificate: certPEM,
+		PrivateKey:  privkeyPEM,
 		Source:      bytepluscdn.GetStrPtr("cert_center"),
 		Desc:        bytepluscdn.GetStrPtr(certName),
 	}
--- a/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go
+++ b/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go
@ -9,7 +9,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
+	dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud"
 )

 type UploaderConfig struct {
@ -53,14 +53,14 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 生成新证书名（需符合多吉云命名规则）
 	var certId, certName string
 	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())

 	// 上传新证书
 	// REF: https://docs.dogecloud.com/cdn/api-cert-upload
-	uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPem, privkeyPem)
+	uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPEM, privkeyPEM)
 	u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp))
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadCdnCert'")
--- a/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go
+++ b/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go
@ -12,7 +12,7 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	gcoresdk "github.com/usual2970/certimate/internal/pkg/vendors/gcore-sdk/common"
+	gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common"
 )

 type UploaderConfig struct {
@ -54,7 +54,7 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 生成新证书名（需符合 Gcore 命名规则）
 	var certId, certName string
 	certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli())
@ -63,8 +63,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	// REF: https://api.gcore.com/docs/cdn#tag/CA-certificates/operation/ca_certificates-add
 	createCertificateReq := &gsslcerts.CreateRequest{
 		Name:           certName,
-		Cert:           certPem,
-		PrivateKey:     privkeyPem,
+		Cert:           certPEM,
+		PrivateKey:     privkeyPEM,
 		Automated:      false,
 		ValidateRootCA: false,
 	}
--- a/internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go
+++ b/internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go
@ -18,8 +18,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
+	hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -65,9 +65,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -91,7 +91,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 		if listCertificatesResp.Certificates != nil {
 			for _, certDetail := range *listCertificatesResp.Certificates {
 				var isSameCert bool
-				if certDetail.Certificate == certPem {
+				if certDetail.Certificate == certPEM {
 					isSameCert = true
 				} else {
 					oldCertX509, err := certutil.ParseCertificateFromPEM(certDetail.Certificate)
@ -138,8 +138,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 			Certificate: &hcelbmodel.CreateCertificateOption{
 				ProjectId:   hwsdk.StringPtr(projectId),
 				Name:        hwsdk.StringPtr(certName),
-				Certificate: hwsdk.StringPtr(certPem),
-				PrivateKey:  hwsdk.StringPtr(privkeyPem),
+				Certificate: hwsdk.StringPtr(certPEM),
+				PrivateKey:  hwsdk.StringPtr(privkeyPEM),
 			},
 		},
 	}
--- a/internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go
+++ b/internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go
@ -13,8 +13,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
+	hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -60,9 +60,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -100,7 +100,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 				}

 				var isSameCert bool
-				if *exportCertificateResp.Certificate == certPem {
+				if *exportCertificateResp.Certificate == certPEM {
 					isSameCert = true
 				} else {
 					oldCertX509, err := certutil.ParseCertificateFromPEM(*exportCertificateResp.Certificate)
@ -138,8 +138,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	importCertificateReq := &hcscmmodel.ImportCertificateRequest{
 		Body: &hcscmmodel.ImportCertificateRequestBody{
 			Name:        certName,
-			Certificate: certPem,
-			PrivateKey:  privkeyPem,
+			Certificate: certPEM,
+			PrivateKey:  privkeyPEM,
 		},
 	}
 	importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq)
--- a/internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go
+++ b/internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go
@ -18,8 +18,8 @@ import (
 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
-	hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
+	hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -65,9 +65,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}
@ -100,7 +100,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 				}

 				var isSameCert bool
-				if *showCertificateResp.Content == certPem {
+				if *showCertificateResp.Content == certPEM {
 					isSameCert = true
 				} else {
 					oldCertX509, err := certutil.ParseCertificateFromPEM(*showCertificateResp.Content)
@ -138,8 +138,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 	createCertificateReq := &hcwafmodel.CreateCertificateRequest{
 		Body: &hcwafmodel.CreateCertificateRequestBody{
 			Name:    certName,
-			Content: certPem,
-			Key:     privkeyPem,
+			Content: certPEM,
+			Key:     privkeyPEM,
 		},
 	}
 	createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq)
--- a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go
+++ b/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go
@ -16,7 +16,7 @@ import (
 	"golang.org/x/exp/slices"

 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	"github.com/usual2970/certimate/internal/pkg/utils/certutil"
+	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
 )

 type UploaderConfig struct {
@ -60,18 +60,18 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
 	return u
 }

-func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
 	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPem)
+	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
 	if err != nil {
 		return nil, err
 	}

 	// 格式化私钥内容，以便后续计算私钥摘要
-	privkeyPem = strings.TrimSpace(privkeyPem)
-	privkeyPem = strings.ReplaceAll(privkeyPem, "\r", "")
-	privkeyPem = strings.ReplaceAll(privkeyPem, "\n", "\r\n")
-	privkeyPem = privkeyPem + "\r\n"
+	privkeyPEM = strings.TrimSpace(privkeyPEM)
+	privkeyPEM = strings.ReplaceAll(privkeyPEM, "\r", "")
+	privkeyPEM = strings.ReplaceAll(privkeyPEM, "\n", "\r\n")
+	privkeyPEM = privkeyPEM + "\r\n"

 	// 遍历查看证书列表，避免重复上传
 	// REF: https://docs.jdcloud.com/cn/ssl-certificate/api/describecerts
@ -107,7 +107,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
 			}

 			// 最后对比私钥摘要
-			newKeyDigest := sha256.Sum256([]byte(privkeyPem))
+			newKeyDigest := sha256.Sum256([]byte(privkeyPEM))
 			newKeyDigestHex := hex.EncodeToString(newKeyDigest[:])
 			if !strings.EqualFold(newKeyDigestHex, certDetail.Digest) {
 				continue
@ -133,7 +133,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe

 	// 上传证书
 	// REF: https://docs.jdcloud.com/cn/ssl-certificate/api/uploadcert
-	uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPem, certPem)
+	uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPEM, certPEM)
 	uploadCertResp, err := u.sdkClient.UploadCert(uploadCertReq)
 	u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp))
 	if err != nil {
--- a/Show More
+++ b/Show More