Expose ssh algorithm_signer in web interface (#10114) (#10299)

* Expose ssh algorithm_signer in web interface (#10114) * Adds allowed values for algorithm_signer to ssh plugin API * Adds algorithm_signer as field in UI * Add changelog entry Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2025-10-29 01:32:33 +00:00 · 2022-11-10 14:24:53 -08:00
parent 467384d8d4
commit 467067371d
3 changed files with 8 additions and 0 deletions
--- a/builtin/logical/ssh/path_roles.go
+++ b/builtin/logical/ssh/path_roles.go
@@ -380,6 +380,7 @@ func pathRoles(b *backend) *framework.Path {
 				When supplied, this value specifies a signing algorithm for the key. Possible values:
 				ssh-rsa, rsa-sha2-256, rsa-sha2-512, default, or the empty string.
 				`,
+				AllowedValues: []interface{}{"", ssh.SigAlgoRSA, ssh.SigAlgoRSASHA2256, ssh.SigAlgoRSASHA2512},
 				DisplayAttrs: &framework.DisplayAttributes{
 					Name: "Signing Algorithm",
 				},
--- a/changelog/10299.txt
+++ b/changelog/10299.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+ui: Add algorithm-signer as a SSH Secrets Engine UI field
+```
--- a/ui/app/models/role-ssh.js
+++ b/ui/app/models/role-ssh.js
@@ -37,6 +37,7 @@ const CA_FIELDS = [
  'allowUserKeyIds',
  'keyIdFormat',
  'notBeforeDuration',
+  'algorithmSigner',
 ];

 export default Model.extend({
@@ -117,6 +118,9 @@ export default Model.extend({
  keyIdFormat: attr('string', {
    helpText: 'When supplied, this value specifies a custom format for the key id of a signed certificate',
  }),
+  algorithmSigner: attr('string', {
+    helpText: 'When supplied, this value specifies a signing algorithm for the key',
+  }),

  showFields: computed('keyType', function () {
    const keyType = this.keyType;