2022-10-07 06:48:45 -07:00
|
|
|
import { OptionsWithUri } from 'request';
|
|
|
|
|
2022-11-22 04:43:28 -08:00
|
|
|
import { IExecuteFunctions, IExecuteSingleFunctions, ILoadOptionsFunctions } from 'n8n-core';
|
2022-10-07 06:48:45 -07:00
|
|
|
|
2022-10-11 07:07:36 -07:00
|
|
|
import { IDataObject, IHookFunctions, JsonObject, NodeApiError } from 'n8n-workflow';
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
import { get } from 'lodash';
|
|
|
|
|
|
|
|
import * as nacl_factory from 'js-nacl';
|
|
|
|
|
|
|
|
export async function venafiApiRequest(
|
2022-10-11 07:07:36 -07:00
|
|
|
this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions | IHookFunctions,
|
2022-10-07 06:48:45 -07:00
|
|
|
method: string,
|
|
|
|
resource: string,
|
|
|
|
body = {},
|
|
|
|
qs: IDataObject = {},
|
|
|
|
uri?: string,
|
|
|
|
option: IDataObject = {},
|
|
|
|
): Promise<any> {
|
2022-12-02 03:53:59 -08:00
|
|
|
const operation = this.getNodeParameter('operation', 0);
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
const options: OptionsWithUri = {
|
|
|
|
headers: {
|
|
|
|
Accept: 'application/json',
|
|
|
|
'content-type': 'application/json',
|
|
|
|
},
|
|
|
|
method,
|
|
|
|
body,
|
|
|
|
qs,
|
|
|
|
uri: `https://api.venafi.cloud${resource}`,
|
|
|
|
json: true,
|
|
|
|
};
|
|
|
|
|
|
|
|
if (Object.keys(option).length) {
|
|
|
|
Object.assign(options, option);
|
|
|
|
}
|
|
|
|
|
|
|
|
// For cert download we don't need any headers
|
|
|
|
// If we remove for everything the key fetch fails
|
|
|
|
if (operation === 'download') {
|
|
|
|
// We need content-type for keystore
|
|
|
|
if (!resource.endsWith('keystore')) {
|
2022-12-02 12:54:28 -08:00
|
|
|
delete options.headers!.Accept;
|
|
|
|
delete options.headers!['content-type'];
|
2022-10-07 06:48:45 -07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
if (Object.keys(body).length === 0) {
|
|
|
|
delete options.body;
|
|
|
|
}
|
2022-12-23 10:09:52 -08:00
|
|
|
return await this.helpers.requestWithAuthentication.call(
|
|
|
|
this,
|
|
|
|
'venafiTlsProtectCloudApi',
|
|
|
|
options,
|
|
|
|
);
|
2022-10-07 06:48:45 -07:00
|
|
|
} catch (error) {
|
|
|
|
throw new NodeApiError(this.getNode(), error as JsonObject);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
export async function venafiApiRequestAllItems(
|
|
|
|
this: IExecuteFunctions | ILoadOptionsFunctions,
|
|
|
|
propertyName: string,
|
|
|
|
method: string,
|
|
|
|
endpoint: string,
|
2022-12-02 06:25:21 -08:00
|
|
|
|
2022-10-07 06:48:45 -07:00
|
|
|
body: any = {},
|
|
|
|
query: IDataObject = {},
|
|
|
|
): Promise<any> {
|
|
|
|
const returnData: IDataObject[] = [];
|
|
|
|
|
|
|
|
let responseData;
|
|
|
|
|
|
|
|
do {
|
|
|
|
responseData = await venafiApiRequest.call(this, method, endpoint, body, query);
|
|
|
|
endpoint = get(responseData, '_links[0].Next');
|
|
|
|
returnData.push.apply(returnData, responseData[propertyName]);
|
2022-12-02 12:54:28 -08:00
|
|
|
} while (responseData._links?.[0].Next);
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
return returnData;
|
|
|
|
}
|
|
|
|
|
|
|
|
export async function encryptPassphrase(
|
|
|
|
this: IExecuteFunctions | ILoadOptionsFunctions,
|
|
|
|
certificateId: string,
|
|
|
|
passphrase: string,
|
|
|
|
storePassphrase: string,
|
|
|
|
) {
|
|
|
|
let dekHash = '';
|
|
|
|
const dekResponse = await venafiApiRequest.call(
|
|
|
|
this,
|
|
|
|
'GET',
|
|
|
|
`/outagedetection/v1/certificates/${certificateId}`,
|
|
|
|
);
|
|
|
|
|
|
|
|
if (dekResponse.dekHash) {
|
|
|
|
dekHash = dekResponse.dekHash;
|
|
|
|
}
|
|
|
|
|
|
|
|
let pubKey = '';
|
|
|
|
const pubKeyResponse = await venafiApiRequest.call(
|
|
|
|
this,
|
|
|
|
'GET',
|
|
|
|
`/v1/edgeencryptionkeys/${dekHash}`,
|
|
|
|
);
|
|
|
|
|
|
|
|
if (pubKeyResponse.key) {
|
|
|
|
pubKey = pubKeyResponse.key;
|
|
|
|
}
|
|
|
|
|
|
|
|
let encryptedKeyPass = '';
|
|
|
|
let encryptedKeyStorePass = '';
|
|
|
|
|
2022-12-02 12:54:28 -08:00
|
|
|
const promise = async () => {
|
2022-10-07 06:48:45 -07:00
|
|
|
return new Promise((resolve, reject) => {
|
|
|
|
nacl_factory.instantiate((nacl: any) => {
|
|
|
|
try {
|
|
|
|
const passphraseUTF8 = nacl.encode_utf8(passphrase) as string;
|
|
|
|
const keyPassBuffer = nacl.crypto_box_seal(passphraseUTF8, Buffer.from(pubKey, 'base64'));
|
|
|
|
encryptedKeyPass = Buffer.from(keyPassBuffer).toString('base64');
|
|
|
|
|
|
|
|
const storePassphraseUTF8 = nacl.encode_utf8(storePassphrase) as string;
|
|
|
|
const keyStorePassBuffer = nacl.crypto_box_seal(
|
|
|
|
storePassphraseUTF8,
|
|
|
|
Buffer.from(pubKey, 'base64'),
|
|
|
|
);
|
|
|
|
encryptedKeyStorePass = Buffer.from(keyStorePassBuffer).toString('base64');
|
|
|
|
|
|
|
|
return resolve([encryptedKeyPass, encryptedKeyStorePass]);
|
|
|
|
} catch (error) {
|
|
|
|
return reject(error);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
};
|
2022-12-02 12:54:28 -08:00
|
|
|
return promise();
|
2022-10-07 06:48:45 -07:00
|
|
|
}
|