Merge pull request #3107 from hosseinsh/ecc-support-for-authority-minting
adding the correct signing algorithm, and a missing key Type
This commit is contained in:
commit
7cad569114
|
@ -23,6 +23,7 @@ from lemur.common.schema import LemurInputSchema, LemurOutputSchema
|
||||||
from lemur.common import validators, missing
|
from lemur.common import validators, missing
|
||||||
|
|
||||||
from lemur.common.fields import ArrowDateTime
|
from lemur.common.fields import ArrowDateTime
|
||||||
|
from lemur.constants import CERTIFICATE_KEY_TYPES
|
||||||
|
|
||||||
|
|
||||||
class AuthorityInputSchema(LemurInputSchema):
|
class AuthorityInputSchema(LemurInputSchema):
|
||||||
|
@ -56,11 +57,12 @@ class AuthorityInputSchema(LemurInputSchema):
|
||||||
type = fields.String(validate=validate.OneOf(["root", "subca"]), missing="root")
|
type = fields.String(validate=validate.OneOf(["root", "subca"]), missing="root")
|
||||||
parent = fields.Nested(AssociatedAuthoritySchema)
|
parent = fields.Nested(AssociatedAuthoritySchema)
|
||||||
signing_algorithm = fields.String(
|
signing_algorithm = fields.String(
|
||||||
validate=validate.OneOf(["sha256WithRSA", "sha1WithRSA"]),
|
validate=validate.OneOf(["sha256WithRSA", "sha1WithRSA",
|
||||||
|
"sha256WithECDSA", "SHA384withECDSA", "SHA512withECDSA"]),
|
||||||
missing="sha256WithRSA",
|
missing="sha256WithRSA",
|
||||||
)
|
)
|
||||||
key_type = fields.String(
|
key_type = fields.String(
|
||||||
validate=validate.OneOf(["RSA2048", "RSA4096"]), missing="RSA2048"
|
validate=validate.OneOf(CERTIFICATE_KEY_TYPES), missing="RSA2048"
|
||||||
)
|
)
|
||||||
key_name = fields.String()
|
key_name = fields.String()
|
||||||
sensitivity = fields.String(
|
sensitivity = fields.String(
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
Signing Algorithm
|
Signing Algorithm
|
||||||
</label>
|
</label>
|
||||||
<div class="col-sm-10">
|
<div class="col-sm-10">
|
||||||
<select class="form-control" ng-model="authority.signingAlgorithm" ng-options="option for option in ['sha1WithRSA', 'sha256WithRSA']" ng-init="authority.signingAlgorithm = 'sha256WithRSA'"></select>
|
<select class="form-control" ng-model="authority.signingAlgorithm" ng-options="option for option in ['sha1WithRSA', 'sha256WithRSA', 'sha256WithECDSA', 'SHA384withECDSA', 'SHA512withECDSA']" ng-init="authority.signingAlgorithm = 'sha256WithRSA'"></select>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
|
|
|
@ -34,6 +34,29 @@ def test_authority_input_schema(client, role, issuer_plugin, logged_in_user):
|
||||||
assert not errors
|
assert not errors
|
||||||
|
|
||||||
|
|
||||||
|
def test_authority_input_schema_ecc(client, role, issuer_plugin, logged_in_user):
|
||||||
|
from lemur.authorities.schemas import AuthorityInputSchema
|
||||||
|
|
||||||
|
input_data = {
|
||||||
|
"name": "Example Authority",
|
||||||
|
"owner": "jim@example.com",
|
||||||
|
"description": "An example authority.",
|
||||||
|
"commonName": "An Example Authority",
|
||||||
|
"plugin": {
|
||||||
|
"slug": "test-issuer",
|
||||||
|
"plugin_options": [{"name": "test", "value": "blah"}],
|
||||||
|
},
|
||||||
|
"type": "root",
|
||||||
|
"signingAlgorithm": "sha256WithECDSA",
|
||||||
|
"keyType": "ECCPRIME256V1",
|
||||||
|
"sensitivity": "medium",
|
||||||
|
}
|
||||||
|
|
||||||
|
data, errors = AuthorityInputSchema().load(input_data)
|
||||||
|
|
||||||
|
assert not errors
|
||||||
|
|
||||||
|
|
||||||
def test_user_authority(session, client, authority, role, user, issuer_plugin):
|
def test_user_authority(session, client, authority, role, user, issuer_plugin):
|
||||||
u = user["user"]
|
u = user["user"]
|
||||||
u.roles.append(role)
|
u.roles.append(role)
|
||||||
|
|
Loading…
Reference in New Issue