terraform-provider-tls

Support x509/DER/SHA256 public key fingerprint

Open alanraison opened this issue 2 years ago • 0 comments

Terraform CLI and Provider Versions

Terraform v1.1.9 on darwin_arm64

Use Cases or Problem Statement

When trying to configure an OIDC provider, I needed a particular checksum to be supported; namely the SHA256 hash of the DER-formatted public key.

Proposal

I propose that a new attribute, public_key_fingerprint_x509_sha256, be added to the tls_private_key resource and the tls_public_key data source.

The hash algorithm seems to use standard encryption methods and Go libraries and hence seems to align with the design guidelines. However, it may cause property bloat to the tls_private_key resource and tls_public_key data source.

How much impact is this issue causing?

Medium

Additional Information

I have proposed the change in this provider, rather than writing a separate one, as it already has access to the key material (and indeed uses the x509 package already).

Code of Conduct

  • [X] I agree to follow this project's Code of Conduct

alanraison avatar May 04 '22 21:05 alanraison
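
The fingerprint requested in the issue above, sketched as an added example (not code from the issue or from the provider). It assumes "x509/DER" means the PKIX SubjectPublicKeyInfo encoding produced by Go's x509.MarshalPKIXPublicKey and that the digest is hex-encoded; the function names are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// FingerprintX509SHA256 hashes pub's DER SubjectPublicKeyInfo; hex output is an assumption.
func FingerprintX509SHA256(pub crypto.PublicKey) (string, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return "", fmt.Errorf("marshal public key: %w", err)
	}
	sum := sha256.Sum256(der)
	return fmt.Sprintf("%x", sum[:]), nil
}

// FingerprintFromPEM parses a PEM "PUBLIC KEY" block, rejecting anything else, then hashes it.
func FingerprintFromPEM(pemBytes []byte) (string, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil || block.Type != "PUBLIC KEY" {
		return "", fmt.Errorf("expected a PEM block of type PUBLIC KEY")
	}
	pub, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return "", fmt.Errorf("parse public key: %w", err)
	}
	return FingerprintX509SHA256(pub)
}

// NewDemoPublicKeyPEM returns a throwaway P-256 public key and its PEM (constructed sample input).
func NewDemoPublicKeyPEM() (crypto.PublicKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	der, err := x509.MarshalPKIXPublicKey(&key.PublicKey)
	return &key.PublicKey, pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}), err
}

func main() {
	_, pemBytes, _ := NewDemoPublicKeyPEM()
	fmt.Println(FingerprintFromPEM(pemBytes))
}
```

Hashing the SubjectPublicKeyInfo rather than a whole certificate keeps the fingerprint stable across certificate renewals that reuse the same key.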