Merge pull request #3107 from hosseinsh/ecc-support-for-authority-minting
adding the correct signing algorithm, and a missing key Type
This commit is contained in:
commit
7cad569114
@ -23,6 +23,7 @@ from lemur.common.schema import LemurInputSchema, LemurOutputSchema
|
||||
from lemur.common import validators, missing
|
||||
|
||||
from lemur.common.fields import ArrowDateTime
|
||||
from lemur.constants import CERTIFICATE_KEY_TYPES
|
||||
|
||||
|
||||
class AuthorityInputSchema(LemurInputSchema):
|
||||
@ -56,11 +57,12 @@ class AuthorityInputSchema(LemurInputSchema):
|
||||
type = fields.String(validate=validate.OneOf(["root", "subca"]), missing="root")
|
||||
parent = fields.Nested(AssociatedAuthoritySchema)
|
||||
signing_algorithm = fields.String(
|
||||
validate=validate.OneOf(["sha256WithRSA", "sha1WithRSA"]),
|
||||
validate=validate.OneOf(["sha256WithRSA", "sha1WithRSA",
|
||||
"sha256WithECDSA", "SHA384withECDSA", "SHA512withECDSA"]),
|
||||
missing="sha256WithRSA",
|
||||
)
|
||||
key_type = fields.String(
|
||||
validate=validate.OneOf(["RSA2048", "RSA4096"]), missing="RSA2048"
|
||||
validate=validate.OneOf(CERTIFICATE_KEY_TYPES), missing="RSA2048"
|
||||
)
|
||||
key_name = fields.String()
|
||||
sensitivity = fields.String(
|
||||
|
@ -4,7 +4,7 @@
|
||||
Signing Algorithm
|
||||
</label>
|
||||
<div class="col-sm-10">
|
||||
<select class="form-control" ng-model="authority.signingAlgorithm" ng-options="option for option in ['sha1WithRSA', 'sha256WithRSA']" ng-init="authority.signingAlgorithm = 'sha256WithRSA'"></select>
|
||||
<select class="form-control" ng-model="authority.signingAlgorithm" ng-options="option for option in ['sha1WithRSA', 'sha256WithRSA', 'sha256WithECDSA', 'SHA384withECDSA', 'SHA512withECDSA']" ng-init="authority.signingAlgorithm = 'sha256WithRSA'"></select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
|
@ -34,6 +34,29 @@ def test_authority_input_schema(client, role, issuer_plugin, logged_in_user):
|
||||
assert not errors
|
||||
|
||||
|
||||
def test_authority_input_schema_ecc(client, role, issuer_plugin, logged_in_user):
|
||||
from lemur.authorities.schemas import AuthorityInputSchema
|
||||
|
||||
input_data = {
|
||||
"name": "Example Authority",
|
||||
"owner": "jim@example.com",
|
||||
"description": "An example authority.",
|
||||
"commonName": "An Example Authority",
|
||||
"plugin": {
|
||||
"slug": "test-issuer",
|
||||
"plugin_options": [{"name": "test", "value": "blah"}],
|
||||
},
|
||||
"type": "root",
|
||||
"signingAlgorithm": "sha256WithECDSA",
|
||||
"keyType": "ECCPRIME256V1",
|
||||
"sensitivity": "medium",
|
||||
}
|
||||
|
||||
data, errors = AuthorityInputSchema().load(input_data)
|
||||
|
||||
assert not errors
|
||||
|
||||
|
||||
def test_user_authority(session, client, authority, role, user, issuer_plugin):
|
||||
u = user["user"]
|
||||
u.roles.append(role)
|
||||
|
Loading…
Reference in New Issue
Block a user