244 Commits

Author SHA1 Message Date
Herman Slatman
acf4387180 Fix new golangci-lint v2 linter issues 2025-05-21 12:21:47 +02:00
Herman Slatman
27944b4eae Fix linter issues 2025-02-18 11:04:54 +01:00
Herman Slatman
f4736325fa Use github.com/smallstep/linkedca @ v0.23.0 2025-01-03 18:24:19 +01:00
Herman Slatman
aeb5e1b366 Address linter issues 2024-08-20 16:54:29 +02:00
Mariano Cano
6e7a186bde Apply suggestions from code review
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2024-08-13 12:49:07 -07:00
Mariano Cano
d3acbe9cbd Add endpoints that return intermediate certificates
This commit adds new endpoints that return the intermediate
certificates used in the CA.

Related to #1848
2024-08-13 12:09:05 -07:00
Mariano Cano
88f161818d Merge pull request #1558 from adantop/feat/support-gcp-ssh-user-certs-opt-2
Allowing GCP provisioner to issue SSH User Certificates - Option 2
2024-07-23 11:13:51 -07:00
Mariano Cano
ffbbdf6f04 Update api/ssh.go
Co-authored-by: Max <mx.furman@gmail.com>
2024-07-11 12:35:39 -07:00
Mariano Cano
955338a80d Create identity uri on any provisioner
This commit allows the creation of the identity certificate with the
host URI using any provisioner. Before, only the K8SSA provisioner could
create an identity certificate with the URI.
2024-07-11 12:27:15 -07:00
Mariano Cano
c0b7c33a58 Use a function as the error logger
This commit addresses a comment in the code review. Now, instead of
injecting an slog.Logger we can inject any method that can use a more
flexible implementation.
2024-05-16 11:00:36 -07:00
Mariano Cano
f3f484cee2 Log errors using slog.Logger
This commit allows logging errors in a slog.Logger injected in the
context. This type of logger is not currently used directly in step-ca,
but this will change in the future.
2024-05-15 15:40:40 -07:00
adantop
e8af03cd36 Allow User Certs for Service Accounts in the GCP provisioner
adding tests

linting

refactor to generate just the sign options

fix linting and adding toggle for user and host certs

resolving linting error
2024-05-08 08:34:58 -06:00
verytrap
db92404342 chore: fix function names in comment
Signed-off-by: verytrap <wangqiuyue@outlook.com>
2024-04-10 10:35:39 +08:00
Mariano Cano
10f6a901ec Let the CA determine the RA lifetime
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of always requiring 24h.

This commit also fixes linter warnings.

Related to #1094
2024-03-12 14:29:55 -07:00
Herman Slatman
cf8a50157f Add a basic e2e test for X-Request-Id reflection 2024-02-28 01:05:38 +01:00
Herman Slatman
041b486c55 Remove usages of Sign without context 2024-02-27 14:16:21 +01:00
Herman Slatman
2a8b80a3e1 Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
3dbb4aad3d Change CRL unavailable case to HTTP 404 2024-02-14 10:49:18 +01:00
Herman Slatman
c76dad8a22 Improve tests for CRL HTTP handler 2024-02-08 15:03:57 +01:00
Herman Slatman
d1deb7f930 Add Expires header to CRL response 2024-02-08 14:10:48 +01:00
Mariano Cano
b20af51f32 Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Max
9f84f7ce35 Allow for identity certificate signing (in sshSign) by skipping validators (#1572)
- skip urisValidator for identity certificate signing. Implemented
  by building the validator with the context in a hacky way.
2023-10-06 14:02:19 -07:00
Mariano Cano
52baf52f84 Change scep password type to string
This commit changes the type of the decrypter key password to string to
be consistent with other passwords in the ca.json
2023-09-26 10:36:58 -07:00
Mariano Cano
33bdae4a34 Fix redacted tests 2023-09-25 15:57:01 -07:00
Mariano Cano
4d5fbfa439 Fix redacted types in SCEP provisioner
This commit uses the same types for the fields in the provisioner.SCEP
type and the "redacted" models.SCEP.
2023-09-25 15:49:45 -07:00
Herman Slatman
ffe079f31b Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Herman Slatman
5fd70af2c8 Make API responses aware of the new SCEP decrypter properties 2023-09-22 11:38:03 +02:00
Herman Slatman
3ade92f8d5 Support both a decrypter key URI as well as PEM 2023-09-22 11:10:22 +02:00
Dominic Evans
231b5d8406 chore(deps): upgrade github.com/go-chi/chi to v5
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
2023-09-20 11:26:32 +01:00
Herman Slatman
4ef093dc4b Fix broken tests relying on Sign in mocks 2023-09-19 16:55:59 +02:00
Herman Slatman
9e3807eaa3 Use SignWithContext in the critical paths 2023-09-19 16:34:29 +02:00
Herman Slatman
4e06bdbc51 Add SignWithContext method to authority and mocks 2023-09-19 16:30:53 +02:00
Herman Slatman
98d015b5c3 Fix linting issues 2023-09-04 15:36:37 +02:00
Herman Slatman
d9f56cdbdc Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Herman Slatman
9d3b78ae49 Add excludeIntermediate to SCEP provisioner 2023-09-04 14:55:27 +02:00
Max
116ff8ed65 bump go.mod to go1.20 and associated linter fixes (#1518) 2023-08-29 11:52:13 -07:00
Herman Slatman
4186b2c2d0 Change JSON marshaling for SCEP provisioners
Instead of the old method that redacted sensitive information
by overriding the value of the property and changing it back
to the original, the API now uses a model specifically meant
for API responses. This prevents potential race conditions.

This may be iterated on a bit so that we don't need to rely
on the [provisioner.Interface] interface, which requires the
API model to implement unnecessary methods.
2023-08-03 17:21:50 +02:00
Herman Slatman
d754000a68 Fix SCEP provisioner API test 2023-08-03 16:20:04 +02:00
Herman Slatman
6985b4be62 Clean up the SCEP authority and provisioner 2023-06-01 14:43:32 +02:00
Herman Slatman
180162bd6a Refactor SCEP provisioner and decrypter 2023-06-01 12:10:54 +02:00
Herman Slatman
0377fe559b Add basic version of provisioner specific SCEP decrypter 2023-05-26 23:52:49 +02:00
Max
df13351586 Merge pull request #1381 from smallstep/max/go-1.19
Bump go.mod golang version to 1.19
2023-05-10 10:34:24 -07:00
max furman
8b256f0351 address linter warning for go 1.19 2023-05-09 23:47:28 -07:00
Herman Slatman
017c3273ef Merge pull request #1374 from smallstep/herman/log-ssh-certificate
Log SSH certificates
2023-05-09 17:21:03 +02:00
Herman Slatman
f17bfdf57d Reformat the SSH certificate logging output for read- and parsability 2023-05-08 13:46:20 +02:00
Herman Slatman
4c56877d97 Add SSH certificate logging to renew and rekey too 2023-05-05 11:06:01 +02:00
Panagiotis Siatras
2139121683 optimized render.JSON (#929)
* api/render: render JSON directly to the underlying writer

* also consider json.MarshalerError a panic
2023-05-04 22:16:12 +03:00
Herman Slatman
81140f859c Fix valid-from and valid-to times 2023-05-04 16:15:03 +02:00
Herman Slatman
39e658b527 Add test for LogSSHCertificate 2023-05-04 15:52:49 +02:00
Herman Slatman
922f702da3 Add logging for SSH certificate issuance 2023-05-04 15:33:06 +02:00