Skip to content

Commit

Permalink
UI/Fix parsing CRL in PKI engine (#13913)
Browse files Browse the repository at this point in the history
* fix parsing of CRLs

* removes tests

* update comment
  • Loading branch information
hellobontempo authored and fairclothjm committed Feb 12, 2022
1 parent 26217f7 commit 4c8784a
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 21 deletions.
5 changes: 3 additions & 2 deletions ui/app/helpers/parse-pki-cert.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ import { Certificate } from 'pkijs';

export function parsePkiCert([model]) {
// model has to be the responseJSON from PKI serializer
if (!model.certificate) {
// return if no certificate or if the "certificate" is actually a CRL
if (!model.certificate || model.certificate.includes('BEGIN X509 CRL')) {
return;
}
let cert;
Expand All @@ -15,7 +16,7 @@ export function parsePkiCert([model]) {
let cert_asn1 = asn1js.fromBER(stringToArrayBuffer(cert_der));
cert = new Certificate({ schema: cert_asn1.result });
} catch (error) {
console.log('Error parsing certificate:', error, model.certificate);
console.debug('DEBUG: Parsing Certificate', error);
return {
can_parse: false,
};
Expand Down
2 changes: 1 addition & 1 deletion ui/app/serializers/pki-certificate.js
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ export default RESTSerializer.extend({
const responseJSON = this.normalizeItems(payload);
const { modelName } = primaryModelClass;
let transformedPayload, certMetadata;
// hits cert/list endpoint first which returns an array, only want to parse if response is not an array
// hits cert/list endpoint first which returns an array of keys, only want to parse if response contains certificates
if (!Array.isArray(responseJSON)) {
certMetadata = parsePkiCert([responseJSON]);
transformedPayload = { [modelName]: { ...certMetadata, ...responseJSON } };
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -94,17 +94,6 @@ BXUV2Uwtxf+QCphnlht9muX2fsLIzDJea0JipWj1uf2H8OZsjE8=
);
});

test('EC cert config: generate', async function (assert) {
await mountAndNav(assert);
await settled();
assert.equal(currentRouteName(), 'vault.cluster.settings.configure-secret-backend.section');

await page.form.generateCAKeyTypeEC();
await settled();

assert.dom('[data-test-warning]').exists('Info banner renders when unable to parse certificate metadata');
});

test('cert config: upload', async function (assert) {
await mountAndNav(assert);
await settled();
Expand Down
7 changes: 0 additions & 7 deletions ui/tests/pages/components/config-pki-ca.js
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,6 @@ export default {
enterCertAsText: clickable('[data-test-text-toggle]'),
pemBundle: fillable('[data-test-text-file-textarea]'),
commonName: fillable('[data-test-input="commonName"]'),
toggleOptions: clickable('[data-test-toggle-group="Options"]'),
keyType: fillable('[data-test-input="keyType"]'),
keyBits: fillable('[data-test-input="keyBits"]'),

issueDateIsPresent: text('[data-test-row-value="Issue date"]'),
expiryDateIsPresent: text('[data-test-row-value="Expiration date"]'),
Expand All @@ -46,10 +43,6 @@ export default {
return await this.replaceCA().commonName(commonName).submit();
},

async generateCAKeyTypeEC(commonName = 'PKI CA EC') {
return await this.replaceCA().commonName(commonName).toggleOptions().keyType('ec').keyBits(256).submit();
},

async uploadCA(pem) {
return await this.replaceCA().uploadCert().enterCertAsText().pemBundle(pem).submit();
},
Expand Down

0 comments on commit 4c8784a

Please sign in to comment.