TPv2 Add the ability to inspect a cert/DS #7555

Merged
merged 16 commits into from
Jul 31, 2023

@shamrickus shamrickus commented Jun 6, 2023

This PR adds the ability to inspect a user-provided cert chain or the one from a specific DS. This requires the use of a new library, node-forge. This library is relatively large (~200Kb compressed) and as such the functionality is relegated to its own module.


Which Traffic Control components are affected by this PR?

  • Traffic Portal v2

What is the best way to verify this PR?

Ensure the SSL chunk is only loaded when navigating to one of the two endpoints, core/certs/ssl and core/certs/ssl/ds/:xmlId. The generic endpoint has a sidebar entry under Other and should work.

For DS cert (which needs to be navigated to manually), there should be two tabs. One displaying the information that TO provides, and the other displaying the processed cert info.
The generic cert also has two tabs, the processed tab like with DS cert, and an input tab where the user can input the cert. The only validation that should occur on this tab is ensuring the cert field is not empty.

The processed cert screen should always show the chain in root -> client order. It should also display the detected order (if possible). In case of a cert that doesn't match or a cert that doesn't parse, it should properly update the order to "Unknown" and that specific cert's name to "Error".

PR submission checklist

@shamrickus shamrickus added new feature A new feature, capability or behavior SSL support for/problems with SSL features medium impact impacts a significant portion of a CDN, or has the potential to do so experimental a feature/component not directly supported by ATC Traffic Portal v2 Related to the experimental Traffic Portal version 2 labels Jun 6, 2023
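
The ordering behaviour the description asks reviewers to verify, sketched as an added example; this is not code from the PR or from Traffic Portal. It assumes each PEM block has already been parsed into a `{subject, issuer}` object (with `null` for a block that failed to parse), that a "cert that doesn't match" means one that links to no other cert in the input, and that the order labels other than "Unknown" are named as shown; all of these names are hypothetical.

```javascript
// Constructed sample data: each object stands for one parsed PEM block;
// null stands for a block that failed to parse. Field names are assumptions.
const ROOT = { subject: "CN=Example Root CA", issuer: "CN=Example Root CA" };
const INTER = { subject: "CN=Example Intermediate CA", issuer: "CN=Example Root CA" };
const LEAF = { subject: "CN=cdn.example.test", issuer: "CN=Example Intermediate CA" };
const STRAY = { subject: "CN=unrelated.example.test", issuer: "CN=Some Other CA" };

// Name chaining only: the child's issuer DN equals the parent's subject DN.
// No signature is verified, so this orders a chain; it does not validate it.
const issuedBy = (child, parent) =>
  child !== null && parent !== null && child.issuer === parent.subject;

// True when every adjacent pair runs parent -> child.
const runsRootFirst = (certs) =>
  certs.every((c, i) => i === 0 || issuedBy(c, certs[i - 1]));

// A cert is flagged when it failed to parse or links to no other cert given.
// A lone cert has nothing to link to and is not flagged.
function isBroken(cert, index, certs) {
  if (cert === null) return true;
  if (certs.length === 1) return false;
  return !certs.some((other, j) =>
    j !== index && (issuedBy(cert, other) || issuedBy(other, cert)));
}

// Returns the detected input order and the names normalised to root -> client.
// When the order cannot be determined, the input order is kept as given.
function inspectChain(certs) {
  const names = (list) => list.map((c, i) =>
    isBroken(c, i, list) ? "Error" : c.subject);
  if (certs.length === 0 || certs.some(isBroken)) {
    return { order: "Unknown", names: names(certs) };
  }
  if (runsRootFirst(certs)) {
    return { order: "Root -> Client", names: names(certs) };
  }
  const reversed = [...certs].reverse();
  if (runsRootFirst(reversed)) {
    return { order: "Client -> Root", names: names(reversed) };
  }
  return { order: "Unknown", names: names(certs) };
}
```

Because the comparison is on issuer and subject names alone, a display built this way shows how the supplied certs claim to chain, not that the chain is cryptographically valid.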

codecov bot commented Jun 6, 2023

Codecov Report

Merging #7555 (273f65d) into master (07cdf46) will increase coverage by 35.43%.
The diff coverage is 79.74%.

@@              Coverage Diff              @@
##             master    #7555       +/-   ##
=============================================
+ Coverage     29.84%   65.27%   +35.43%     
  Complexity       98       98               
=============================================
  Files           794      318      -476     
  Lines         84884    12531    -72353     
  Branches        908      931       +23     
=============================================
- Hits          25330     8180    -17150     
+ Misses        57424     3992    -53432     
+ Partials       2130      359     -1771     
Flag Coverage Δ
golib_unit ?
grove_unit ?
t3c_unit ?
traffic_monitor_unit ?
traffic_ops_unit ?
traffic_portal_v2 74.09% <79.74%> (+0.16%) ⬆️
traffic_stats_unit ?
unit_tests 74.09% <79.74%> (+47.12%) ⬆️


Files Changed Coverage Δ
...perimental/traffic-portal/src/app/app.ui.module.ts 100.00% <ø> (ø)
...tatuses/statuses-table/statuses-table.component.ts 82.35% <ø> (ø)
...al/src/app/shared/navigation/navigation.service.ts 61.22% <ø> (ø)
...al/src/app/api/testing/delivery-service.service.ts 59.81% <14.28%> (-3.19%) ⬇️
...pp/core/certs/cert-viewer/cert-viewer.component.ts 77.38% <77.38%> (ø)
...pp/core/certs/cert-detail/cert-detail.component.ts 86.00% <86.00%> (ø)
...fic-portal/src/app/api/delivery-service.service.ts 100.00% <100.00%> (ø)
...pp/core/certs/cert-author/cert-author.component.ts 100.00% <100.00%> (ø)
...tal/traffic-portal/src/app/core/certs/cert.util.ts 100.00% <100.00%> (ø)

... and 484 files with indirect coverage changes


@ocket8888 ocket8888 left a comment

node-forge is kinda big - I'm just wondering if the things you need to do can be accomplished with a SubtleCrypto interface? It's pretty basic, but if it does have the required functionality then it'd be the superior choice IMO.

@shamrickus

> node-forge is kinda big - I'm just wondering if the things you need to do can be accomplished with a SubtleCrypto interface? It's pretty basic, but if it does have the required functionality then it'd be the superior choice IMO.

I would've loved to use a native browser api but the ones that exist are insufficient and at best would require significant amounts of code to replicate the current behavior. SubtleCrypto in particular requires knowledge of the cert crypto algorithm to even call the constructors.

@rimashah25 rimashah25 left a comment

Logically the code LGTM. Tested it on local and the design (along with solution) works as expected.

@ocket8888 ocket8888 left a comment

The DS certificate inspector looks to not be navigable to me; did you want to add a link on DS cards or details pages for content routing types that allow HTTPS?

@ocket8888 ocket8888 left a comment

Looks fine so far, need to test before I approve

@ocket8888 ocket8888 merged commit 730694b into apache:master Jul 31, 2023
9 checks passed