open-vault/ui/app/models/pki-ca-certificate.js
Anner J. Bonilla 8c29f49e1a
Add support for ed25519 (#11780)
* update azure instructions

Update instructions in regards to azure AD Authentication and OIDC

* Initial pass of ed25519

* Fix typos on marshal function

* test wip

* typo

* fix tests

* missef changelog

* fix mismatch between signature and algo

* added test coverage for ed25519

* remove pkcs1 since does not exist for ed25519

* add ed25519 support to getsigner

* pull request feedback

Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>

* typo on key

Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>

* cast mistake

Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2021-10-05 11:28:49 -04:00

157 lines
3.8 KiB
JavaScript

import { attr } from '@ember-data/model';
import { and } from '@ember/object/computed';
import { computed } from '@ember/object';
import Certificate from './pki-certificate';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
// TODO: alphabetize attrs
export default Certificate.extend({
DISPLAY_FIELDS: computed(function() {
return [
'csr',
'certificate',
'commonName',
'issueDate',
'expiryDate',
'issuingCa',
'caChain',
'privateKey',
'privateKeyType',
'serialNumber',
];
}),
addBasicConstraints: attr('boolean', {
label: 'Add a Basic Constraints extension with CA: true',
helpText:
'Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services',
}),
backend: attr('string', {
readOnly: true,
}),
caType: attr('string', {
possibleValues: ['root', 'intermediate'],
defaultValue: 'root',
label: 'CA Type',
readOnly: true,
}),
commonName: attr('string'),
expiryDate: attr('string', {
label: 'Expiration date',
}),
issueDate: attr('string'),
pemBundle: attr('string', {
label: 'PEM bundle',
editType: 'file',
}),
uploadPemBundle: attr('boolean', {
label: 'Upload PEM bundle',
readOnly: true,
}),
fieldDefinition: computed('caType', 'uploadPemBundle', function() {
const type = this.caType;
const isUpload = this.uploadPemBundle;
let groups = [{ default: ['caType', 'uploadPemBundle'] }];
if (isUpload) {
groups[0].default.push('pemBundle');
} else {
groups[0].default.push('type', 'commonName');
if (type === 'root') {
groups.push({
Options: [
'altNames',
'ipSans',
'ttl',
'format',
'privateKeyFormat',
'keyType',
'keyBits',
'maxPathLength',
'permittedDnsNames',
'excludeCnFromSans',
'ou',
'organization',
'otherSans',
],
});
}
if (type === 'intermediate') {
groups.push({
Options: [
'altNames',
'ipSans',
'format',
'privateKeyFormat',
'keyType',
'keyBits',
'excludeCnFromSans',
'addBasicConstraints',
'ou',
'organization',
'otherSans',
],
});
}
}
groups.push({
'Address Options': ['country', 'locality', 'province', 'streetAddress', 'postalCode'],
});
return groups;
}),
type: attr('string', {
possibleValues: ['internal', 'exported'],
defaultValue: 'internal',
}),
ou: attr({
label: 'OU (OrganizationalUnit)',
editType: 'stringArray',
}),
organization: attr({
editType: 'stringArray',
}),
country: attr({
editType: 'stringArray',
}),
locality: attr({
editType: 'stringArray',
label: 'Locality/City',
}),
province: attr({
editType: 'stringArray',
label: 'Province/State',
}),
streetAddress: attr({
editType: 'stringArray',
}),
postalCode: attr({
editType: 'stringArray',
}),
keyType: attr('string', {
possibleValues: ['rsa', 'ec','ed25519'],
defaultValue: 'rsa',
}),
keyBits: attr('number', {
defaultValue: 2048,
}),
privateKeyFormat: attr('string', {
possibleValues: ['', 'der', 'pem', 'pkcs8'],
defaultValue: '',
}),
maxPathLength: attr('number', {
defaultValue: -1,
}),
permittedDnsNames: attr('string', {
label: 'Permitted DNS domains',
}),
csr: attr('string', {
editType: 'textarea',
label: 'CSR',
masked: true,
}),
deletePath: lazyCapabilities(apiPath`${'backend'}/root`, 'backend'),
canDeleteRoot: and('deletePath.canDelete', 'deletePath.canSudo'),
});