234 Commits

Author SHA1 Message Date
Herman Slatman
17a37a13bf Fix backdate support for ACME provisioner
Other provisioners did take into account the authority-wide
certificate backdate configuration already, but the ACME
provisioner did not. This commit adds `authority.GetBackdate`,
so that the ACME provisioner can use it if set.

Fixes: #927
2025-10-22 16:05:45 +02:00
Herman Slatman
f1092e103a Fix govet non-constant error format string issues 2025-09-09 01:38:33 +02:00
Mariano Cano
b7e59c97f3 Add support for YubiKeys 5.7.4+
This change adds the root certificate used on YubiKeys 5.7.4+. Now the
attestation certificate will be verified using two roots.

Attestation statements must contain all intermediates, see
smallstep/crypto#831

Fixes #2355
2025-08-20 12:14:37 -07:00
Herman Slatman
acf4387180 Fix new golangci-lint v2 linter issues 2025-05-21 12:21:47 +02:00
Herman Slatman
27944b4eae Fix linter issues 2025-02-18 11:04:54 +01:00
Herman Slatman
aeb5e1b366 Address linter issues 2024-08-20 16:54:29 +02:00
Herman Slatman
cae47aa690 Merge branch 'master' into wire-acme-extensions 2024-08-02 22:58:56 +02:00
Mariano Cano
c8e65abfb1 Fix linter warnings 2024-06-12 16:03:01 -07:00
Mariano Cano
b4616ee8f1 Upgrade linkedca
This commit upgrades go.step.sm/linkedca with dependencies required by
smallstep/certificates#1802. It also fixes some linter warnings.
2024-06-12 15:54:17 -07:00
Mariano Cano
192e90eea7 Merge branch 'master' into mariano/account-provisioner 2024-05-16 14:25:57 -07:00
Mariano Cano
8673818980 Split provisioner check in two cases 2024-05-15 16:12:15 -07:00
Mariano Cano
f3f484cee2 Log errors using slog.Logger
This commit allows logging errors in a slog.Logger injected in the
context. This type of logger is not currently used directly in step-ca,
but this will change in the future.
2024-05-15 15:40:40 -07:00
Mariano Cano
5fa5a63de8 Verify provisioner with id if available
This commit allows verifying the account provisioner with the request
provisioner using the ID instead of the name. When the provisioners are
stored in the DB, the provisioner ID is not mutable but the name is.
2024-05-13 17:07:33 -07:00
Mariano Cano
b1e31b1726 Use always acme.IsErrNotFound
This commit replaces the comparisons with acme.ErrNotFound and always
uses acme.IsErrNotFound.
2024-05-06 15:11:58 -07:00
Mariano Cano
d037ed6ff2 Add provisioner id to acme accounts
This commit adds a new field that allows having a reference to
a provisioner id in the acme account.
2024-05-06 11:58:22 -07:00
Herman Slatman
6646af6efd Merge branch 'master' into wire-acme-extensions 2024-03-27 18:27:59 +01:00
Mariano Cano
10f6a901ec Let the CA determine the RA lifetime
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
2024-03-12 14:29:55 -07:00
Herman Slatman
c6c2c4a80e Fix ACME Wire Order tests 2024-03-06 16:30:43 +01:00
Herman Slatman
755ae0b7fa Fix Wire mock CA interface implementation 2024-03-04 14:47:33 +01:00
Herman Slatman
364566bb01 Merge branch 'master' into wire-acme-extensions 2024-03-04 14:36:07 +01:00
Herman Slatman
041b486c55 Remove usages of Sign without context 2024-02-27 14:16:21 +01:00
Herman Slatman
2a8b80a3e1 Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
194341e520 Address review comments 2024-02-07 00:54:29 +01:00
Herman Slatman
138c1013f6 Add validation for Wire UserID + DeviceID identifiers 2024-02-06 22:02:59 +01:00
Herman Slatman
2e78301189 Simplify the DPoP target provider functionality 2024-02-06 17:11:32 +01:00
Herman Slatman
c6a6622892 Improve test coverage for Wire authorizations 2024-02-06 16:56:30 +01:00
Herman Slatman
ef657d7d2d Fix OIDC target 2024-02-06 13:17:49 +01:00
Herman Slatman
8a9b1b3f79 Move Wire option validation to provisioner initialization 2024-01-29 16:45:13 +01:00
Herman Slatman
93ba1654ea Fix tests to work with Wire UserID and DeviceID 2024-01-24 13:45:20 +01:00
beltram
9eed61a9c5 use switch statement 2024-01-23 11:42:09 +01:00
beltram
a3de984ee3 fix: use 2 separate identifiers for Wire 2024-01-19 15:58:02 +01:00
Herman Slatman
2f3819aa4e Use key authorization from ID token and handle -> preferred_username 2024-01-17 14:13:55 +01:00
Herman Slatman
7680da7c57 Add realistic OIDC payload to Wire integration test 2024-01-16 16:32:35 +01:00
Herman Slatman
37106a438a Fix Wire integration test by acting on realistic access/dpop token 2024-01-16 14:52:07 +01:00
Herman Slatman
c46434f6e0 Make the example Wire handle consistent 2024-01-15 19:46:18 +01:00
Herman Slatman
bca179d611 Make the Wire API integration test a bit more like the real flow 2024-01-15 19:37:37 +01:00
Herman Slatman
0ad381b092 Add OIDC token template transformation 2024-01-12 16:48:21 +01:00
Herman Slatman
79739e5073 Change signature algorithm property name 2024-01-12 09:48:49 +01:00
Herman Slatman
1bf807add3 Use base64 encoded signing key format 2024-01-11 17:04:08 +01:00
Herman Slatman
1f5f756fce Make Wire options more robust 2024-01-11 16:14:53 +01:00
Herman Slatman
6ef64b6ed6 Refactor the Wire option configuration 2024-01-11 15:08:44 +01:00
Herman Slatman
acad227b25 Put Wire options in lower level wire struct 2024-01-11 13:18:43 +01:00
Herman Slatman
897688a831 Merge branch 'wire-acme-extensions' into herman/remove-rusty-cli 2024-01-11 12:03:52 +01:00
Herman Slatman
ca8855767d Fix and add more tests to Wire order identifier validation 2024-01-11 11:47:06 +01:00
Herman Slatman
70a2f431fa Address review remarks 2024-01-11 11:06:39 +01:00
Herman Slatman
de25740567 Change name of test for Wire Order 2024-01-10 21:16:04 +01:00
Herman Slatman
c7892e9cd3 Remove the rusty-jwt-cli configuration 2024-01-10 20:51:19 +01:00
Herman Slatman
ffd887f8cc Fix tests for ACME Wire provisioner 2024-01-10 20:23:01 +01:00
Herman Slatman
7a464cdb17 Use require to check for errors in Wire integration test 2024-01-09 21:52:00 +01:00
Herman Slatman
776a839a42 Fix linter issues and improve error handling 2024-01-09 21:31:19 +01:00