fix(server): simplify report tag and hide platformPublicKey in config output

apps/server/src/server/api/contracts/config.contract.ts

@@ -5,7 +5,6 @@ const configOutput = z
   .object({
     licence: z.string().nullable().describe('当前本地 licence，未设置时为 null'),
     fingerprint: z.string().describe('UX 本机计算得到的设备特征码（SHA-256）'),
-    platformPublicKey: z.string().nullable().describe('本地持久化的平台公钥（Base64 编码 SPKI DER），未设置时为 null'),
     hasPlatformPublicKey: z.boolean().describe('是否已配置平台公钥'),
     hasPgpPrivateKey: z.boolean().describe('是否已配置 OpenPGP 私钥'),
   })
@@ -15,15 +14,12 @@ const configOutput = z
       {
         licence: 'LIC-8F2A-XXXX',
         fingerprint: '9a3b7c1d2e4f5a6b8c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b',
-        platformPublicKey:
-          'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDlZvMDVaL+fjl05Hi182JOAUAaN4gh9rOF+1NhKfO4J6e0HLy8lBuylp3A4xoTiyUejNm22h0dqAgDSPnY/xZR76POFTD1soHr2LaFCN8JAbQ96P8gE7wC9qpoTssVvIVRH7QbVd260J6eD0Szwcx9cg591RSN69pMpe5IVRi8T99Hhql6/wnZHORPr18eESLOY93jRskLzc0q18r68RRoTJiQf+9YC8ub5iKp7rCjVnPi1UbIYmXmL08tk5mksYA0NqWQAa1ofKxx/9tQtB9uTjhTxuTu94XU9jlGU87qaHZs+kpqa8CAbYYJFbSP1xHwoZzpU2jpw2aF22HBYxwIDAQAB',
         hasPlatformPublicKey: true,
         hasPgpPrivateKey: true,
       },
       {
         licence: null,
         fingerprint: '9a3b7c1d2e4f5a6b8c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b',
-        platformPublicKey: null,
         hasPlatformPublicKey: false,
         hasPgpPrivateKey: false,
       },
@@ -37,7 +33,7 @@ export const get = oc
     operationId: 'configGet',
     summary: '读取本机身份配置',
     description:
-      '查询 UX 当前本地身份配置状态。\n\n典型用途：页面初始化时检测授权状态、加密前检查平台公钥、签名前检查私钥是否就绪。\n\n返回内容：\n- licence：当前持久化授权码，未设置时为 null；\n- fingerprint：设备特征码（本机自动计算）；\n- platformPublicKey：本地平台公钥（用于验签或加密前核对）；\n- hasPlatformPublicKey：是否已写入平台公钥；\n- hasPgpPrivateKey：是否已写入 OpenPGP 私钥。',
+      '查询 UX 当前本地身份配置状态。\n\n典型用途：页面初始化时检测授权状态、加密前检查平台公钥、签名前检查私钥是否就绪。\n\n返回内容：\n- licence：当前持久化授权码，未设置时为 null；\n- fingerprint：设备特征码（本机自动计算）；\n- hasPlatformPublicKey：是否已写入平台公钥；\n- hasPgpPrivateKey：是否已写入 OpenPGP 私钥。',
     tags: ['Config'],
   })
   .input(z.object({}).describe('空请求体，仅触发读取当前配置'))

apps/server/src/server/api/contracts/crypto.contract.ts

@@ -117,7 +117,26 @@ export const signAndPackReport = oc
     summary: '签名并打包检查报告',
     description:
       '对原始报告执行设备签名与 OpenPGP 签名并重新打包。\n\n处理流程：\n- 解析上传 ZIP 并提取 summary.json；\n- 用 licence/fingerprint 计算 deviceSignature(HKDF + HMAC-SHA256) 并回写 summary.json；\n- 生成 META-INF/manifest.json；\n- 使用本地 OpenPGP 私钥生成 detached signature(`META-INF/signature.asc`)；\n- 返回签名后 ZIP。\n\n适用场景：检查结果归档、可追溯签名分发。',
-    tags: ['Crypto', 'Report'],
+    tags: ['Report'],
+    spec: (current) => {
+      const multipartContent =
+        current.requestBody && !('$ref' in current.requestBody)
+          ? (current.requestBody.content?.['multipart/form-data'] ?? current.requestBody.content?.['application/json'])
+          : undefined
+
+      return {
+        ...current,
+        requestBody:
+          multipartContent && current.requestBody && !('$ref' in current.requestBody)
+            ? {
+                ...current.requestBody,
+                content: {
+                  'multipart/form-data': multipartContent,
+                },
+              }
+            : current.requestBody,
+      }
+    },
   })
   .input(
     z

apps/server/src/server/api/routers/config.router.ts

@@ -12,7 +12,6 @@ const toConfigOutput = (config: {
 }) => ({
   licence: config.licence,
   fingerprint: config.fingerprint,
-  platformPublicKey: config.platformPublicKey,
   hasPlatformPublicKey: config.platformPublicKey != null,
   hasPgpPrivateKey: config.pgpPrivateKey != null,
 })