105 Commits

Author SHA1 Message Date
Herman Slatman
f1092e103a Fix govet non-constant error format string issues 2025-09-09 01:38:33 +02:00
Herman Slatman
27944b4eae Fix linter issues 2025-02-18 11:04:54 +01:00
Mariano Cano
1a2e64724a Change URN for acme errors
This commit changes the urn suffix for acme errors to urn:smallstep:acme:error
2024-11-15 15:53:31 -08:00
Max
73f97e244c Ignore non-constant format string linting error (#2068) 2024-11-15 10:42:50 -08:00
Mariano Cano
05295d9c6a Propagate human errors from webhooks
This commit adds a new field error in the webhook response that allows
errors to be propagated to the client. With ACME, webhook errors are as
a new subproblem.
2024-11-14 18:29:36 -08:00
Herman Slatman
bb512e76c3 Change Wire DB operations into using a runtime type assertion 2024-08-13 11:11:08 +02:00
Herman Slatman
09e26d93d4 Fix linter issues 2024-08-02 23:05:01 +02:00
Herman Slatman
7426edb6d7 Merge branch 'master' into wire-acme-extensions 2024-04-22 20:36:25 +02:00
verytrap
db92404342 chore: fix function names in comment
Signed-off-by: verytrap <wangqiuyue@outlook.com>
2024-04-10 10:35:39 +08:00
Herman Slatman
364566bb01 Merge branch 'master' into wire-acme-extensions 2024-03-04 14:36:07 +01:00
Herman Slatman
194341e520 Address review comments 2024-02-07 00:54:29 +01:00
Herman Slatman
a38132aa58 Fix policy check for Wire user and device identifiers 2024-01-24 20:28:45 +01:00
Herman Slatman
93ba1654ea Fix tests to work with Wire UserID and DeviceID 2024-01-24 13:45:20 +01:00
beltram
b8eb559ee9 Update acme/order.go
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2024-01-23 11:39:39 +01:00
beltram
a3de984ee3 fix: use 2 separate identifiers for Wire 2024-01-19 15:58:02 +01:00
Herman Slatman
70a2f431fa Address review remarks 2024-01-11 11:06:39 +01:00
Herman Slatman
776a839a42 Fix linter issues and improve error handling 2024-01-09 21:31:19 +01:00
Herman Slatman
eb9893bd21 Refactor logic for processing WireID identifiers in Order
Processing `WireID` identifiers, the Wire subject, and the Wire
DPoP and OIDC tokens is now conditional.
2024-01-09 18:22:21 +01:00
beltram
5fdf036a4d fix: invalid OID for display name in CSR 2024-01-08 22:03:03 +01:00
beltram
1b32957ff6 fix: verify custom display_name extension is present 2024-01-08 22:02:16 +01:00
beltram
7b5740153d support for oidc id token 2024-01-08 22:00:29 +01:00
beltram
8888262e45 cheat by allowing also looking up for ready orders 2024-01-08 21:43:43 +01:00
beltram
0bc530c98e log more things 2024-01-08 21:36:50 +01:00
beltram
abe86002ee try by storing everything in db 2024-01-08 21:33:53 +01:00
beltram
76dfcb00e4 try silencing template data for dichotomies 2024-01-08 21:23:09 +01:00
beltram
a32bb66e47 trying to pass access token to template 2024-01-08 21:22:50 +01:00
beltram
b58de27675 fix: do not convert URIs to lowercase for comparison purpose 2024-01-08 21:05:41 +01:00
beltram
3576cc30c8 forward displayName in CSR with custom OID 2024-01-08 20:58:32 +01:00
beltram
4172b69816 remove displayName validation, potentially harmful 2024-01-08 20:57:35 +01:00
beltram
79501df5a2 fix: exclude displayName from SAN DNS 2024-01-08 20:56:39 +01:00
Stefan Berthold
af31a167c6 skip empty entries for uniqueSortedLowerNames 2024-01-08 20:54:17 +01:00
beltram
cc5fd0a6a5 fix san validation 2024-01-08 20:52:52 +01:00
beltram
3eb0ff43c0 fix orderNames size 2024-01-08 20:47:51 +01:00
beltram
c41a99ad75 (finalize) have both display name & domain in SANs 2024-01-08 20:47:28 +01:00
beltram
5ba0ab3e44 fix csr domain validation in finalize 2024-01-08 20:46:48 +01:00
beltram
73ec6c89d0 fix csr org validation in finalize 2024-01-08 20:46:07 +01:00
Stefan Berthold
8e0e35532c Add Wire authz and challenges (OIDC+DPOP) 2024-01-08 20:27:16 +01:00
Herman Slatman
9e3807eaa3 Use SignWithContext in the critical paths 2023-09-19 16:34:29 +02:00
Mariano Cano
6ba20209c2 Verify CSR key fingerprint with attestation certificate key
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2023-02-09 16:48:43 -08:00
Herman Slatman
64d9ad7b38 Validate Subject Common Name for Orders with Permanent Identifier 2023-01-20 16:54:55 +01:00
Andrew Reed
7101fbb0ee Provisioner webhooks (#1001) 2022-09-29 19:16:26 -05:00
max furman
f3d1863ec6 A few more linter errors 2022-09-20 21:01:55 -07:00
Mariano Cano
f0a24bd8ca Add acme property to enable challenges
Fixes #1027
2022-09-20 19:01:53 -07:00
Mariano Cano
191d9e8629 Use go.step.sm/crypto to set the permanent identifier 2022-09-20 18:57:43 -07:00
Mariano Cano
2b3b2c283a Add attestation certificate validation for Apple devices 2022-09-20 18:51:43 -07:00
Brandon Weeks
5f5315260a iOS 16 beta 1 support 2022-09-20 16:53:08 -07:00
Brandon Weeks
6f2b4d3042 Add ACME permanent-identifier identifier type 2022-09-20 16:48:28 -07:00
max furman
ab0d2503ae Standardize linting file and fix or ignore lots of linting errors 2022-09-20 16:35:41 -07:00
Mariano Cano
34c6c65671 Pass attestation information to the Sign method
Attestation information might be useful in authorizing webhooks
2022-09-16 12:37:41 -07:00
Mariano Cano
3cd72ac72a Remove debug statements 2022-09-08 10:44:48 -07:00