search

PeculiarVentures / fortify-tools

Fortify enables web applications to use smart cards, local certificate stores and do certificate enrollment. This is the "Tool" application used in the Fortify desktop application.
https://tools.fortifyapp.com
MIT License
15 stars 7 forks source link

Remove Friendly name & Description for certificate creation #155

Closed OleksandrSPV closed 1 month ago

OleksandrSPV commented 3 months ago

There is no way to add Friendly name & Description when certificate create method calls. Should be add support in @peculiar/fortify-client-core

OleksandrSPV commented 3 months ago

@donskov Could you please help with it?

donskov commented 3 months ago

@OleksandrSPV Unfortunately, I don't know what certificate fields can be used to set this data. Could you please attach the screenshot of the certificate creation form and maybe @microshine could help us with it?

donskov commented 3 months ago

I just spoke with @microshine and we came to the conclusion that it is also not clear what exactly to do with these fields. Let's clarify this issue with the designer.

alexgbv commented 3 months ago

What exactly the issue with adding fields? In which part of certificate details to put it? I'm not sure I understand.

If it's a deep problem and we can easily resolve this we can remove those fields since they are not mandatory.

microshine commented 3 months ago

It is possible that these fields are intended to provide additional information that can be used after the certificate request is generated. Specifically, the friendly name and description can be saved along with the generated certificate request in the client's database. This allows for further management and identification of certificates. However, this option should be optional, as it is not necessary if the client only needs the certificate request file.

From the Fortify perspective, Fortify allows setting a label for PKCS#11 objects. Here is an example:

provider.certStorage.importCert('raw', data, {name: 'ECDSA', namedCurve: 'P-256', label: 'My Friendly Name'}, ['verify']);

Reference to the relevant code: https://github.com/PeculiarVentures/node-webcrypto-p11/blob/0990e44961d04e28afc80cadb5455eec4541ee8c/src/certs/csr.ts#L56

alexgbv commented 3 months ago

Does it mean we can leave these fields?

microshine commented 3 months ago

I don't know the original purpose of adding these fields, but in the context of Fortify, they don't carry much significance. I believe they can be removed.

alexgbv commented 3 months ago

Ok, let's just remove.

OleksandrSPV commented 3 months ago

Ok folks, I'll remove these fields and close this task, thanks for help everyone.

OleksandrSPV commented 3 months ago

@donskov Here is the PR https://github.com/PeculiarVentures/fortify-tools/pull/156, thanks.