github-personal/certificates
1
0
Fork 0
mirror of https://github.com/outbackdingo/certificates.git synced 2026-01-27 18:18:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,155 Commits 1 Branch 0 Tags
bbb80cde166eea205853835264bdcb3fe9a4e1df
Commit Graph

230 Commits

Author SHA1 Message Date
Herman Slatman
cf8a50157f Add a basic e2e test for X-Request-Id reflection 2024-02-28 01:05:38 +01:00
Herman Slatman
041b486c55 Remove usages of Sign without context 2024-02-27 14:16:21 +01:00
Herman Slatman
2a8b80a3e1 Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
3dbb4aad3d Change CRL unavailable case to HTTP 404 2024-02-14 10:49:18 +01:00
Herman Slatman
c76dad8a22 Improve tests for CRL HTTP handler 2024-02-08 15:03:57 +01:00
Herman Slatman
d1deb7f930 Add Expires header to CRL response 2024-02-08 14:10:48 +01:00
Mariano Cano
b20af51f32 Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Max
9f84f7ce35 Allow for identity certificate signing (in sshSign) by skipping validators (#1572) 
- skip urisValidator for identity certificate signing. Implemented
  by building the validator with the context in a hacky way.
 2023-10-06 14:02:19 -07:00
Mariano Cano
52baf52f84 Change scep password type to string 
This commit changes the type of the decrypter key password to string to
be consistent with other passwords in the ca.json
 2023-09-26 10:36:58 -07:00
Mariano Cano
33bdae4a34 Fix redacted tests 2023-09-25 15:57:01 -07:00
Mariano Cano
4d5fbfa439 Fix redacted types in SCEP provisioner 
This commit uses the same types for the fields in the provisioner.SCEP
type and the "redacted" models.SCEP.
 2023-09-25 15:49:45 -07:00
Herman Slatman
ffe079f31b Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Herman Slatman
5fd70af2c8 Make API responses aware of the new SCEP decrypter properties 2023-09-22 11:38:03 +02:00
Herman Slatman
3ade92f8d5 Support both a decrypter key URI as well as PEM 2023-09-22 11:10:22 +02:00
Dominic Evans
231b5d8406 chore(deps): upgrade github.com/go-chi/chi to v5 
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
 2023-09-20 11:26:32 +01:00
Herman Slatman
4ef093dc4b Fix broken tests relying on Sign in mocks 2023-09-19 16:55:59 +02:00
Herman Slatman
9e3807eaa3 Use SignWithContext in the critical paths 2023-09-19 16:34:29 +02:00
Herman Slatman
4e06bdbc51 Add SignWithContext method to authority and mocks 2023-09-19 16:30:53 +02:00
Herman Slatman
98d015b5c3 Fix linting issues 2023-09-04 15:36:37 +02:00
Herman Slatman
d9f56cdbdc Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Herman Slatman
9d3b78ae49 Add excludeIntermediate to SCEP provisioner 2023-09-04 14:55:27 +02:00
Max
116ff8ed65 bump go.mod to go1.20 and associated linter fixes (#1518) 2023-08-29 11:52:13 -07:00
Herman Slatman
4186b2c2d0 Change JSON marshaling for SCEP provisioners 
Instead of the old method that redacted sensitive information
by overriding the value of the property and changing it back
to the original, the API now uses a model specifically meant
for API responses. This prevents potential race conditions.

This may be iterated on a bit so that we don't need to rely
on the [provisioner.Interface] interface, which requires the
API model to implement unnecessary methods.
 2023-08-03 17:21:50 +02:00
Herman Slatman
d754000a68 Fix SCEP provisioner API test 2023-08-03 16:20:04 +02:00
Herman Slatman
6985b4be62 Clean up the SCEP authority and provisioner 2023-06-01 14:43:32 +02:00
Herman Slatman
180162bd6a Refactor SCEP provisioner and decrypter 2023-06-01 12:10:54 +02:00
Herman Slatman
0377fe559b Add basic version of provisioner specific SCEP decrypter 2023-05-26 23:52:49 +02:00
Max
df13351586 Merge pull request #1381 from smallstep/max/go-1.19 
Bump go.mod golang version to 1.19
 2023-05-10 10:34:24 -07:00
max furman
8b256f0351 address linter warning for go 1.19 2023-05-09 23:47:28 -07:00
Herman Slatman
017c3273ef Merge pull request #1374 from smallstep/herman/log-ssh-certificate 
Log SSH certificates
 2023-05-09 17:21:03 +02:00
Herman Slatman
f17bfdf57d Reformat the SSH certificate logging output for read- and parsability 2023-05-08 13:46:20 +02:00
Herman Slatman
4c56877d97 Add SSH certificate logging to renew and rekey too 2023-05-05 11:06:01 +02:00
Panagiotis Siatras
2139121683 optimized render.JSON (#929) 
* api/render: render JSON directly to the underlying writer

* also consider json.MarshalerError a panic
 2023-05-04 22:16:12 +03:00
Herman Slatman
81140f859c Fix valid-from and valid-to times 2023-05-04 16:15:03 +02:00
Herman Slatman
39e658b527 Add test for LogSSHCertificate 2023-05-04 15:52:49 +02:00
Herman Slatman
922f702da3 Add logging for SSH certificate issuance 2023-05-04 15:33:06 +02:00
Herman Slatman
f9ec62f46c Merge branch 'master' into herman/improve-scep-marshaling 2023-05-04 10:47:53 +02:00
Panagiotis Siatras
d797941137 do not render CRLs in memory (#1373) 2023-05-03 23:49:26 +03:00
Herman Slatman
c365d8580e Move provisioner marshaling logic to api package 2022-12-13 10:26:34 +01:00
Herman Slatman
b8c306ebfa Refactor tests stylistically 2022-11-18 10:26:03 +01:00
Panagiotis Siatras
9197de3e96 api/log: removed dependency to certificates/logging 2022-11-17 16:04:21 +02:00
Panagiotis Siatras
b7f4881972 merged log tests 2022-11-17 16:00:01 +02:00
Herman Slatman
27bbc3682b Improve error log test readability 2022-11-17 13:07:19 +01:00
Herman Slatman
362be72120 Fix StackTracedError logging 
When running with `STEPDEBUG=1`, a response with a `StackTracedError`
would result in a nil pointer error. This commit fixes the check and
adds a test case.
 2022-11-17 12:34:30 +01:00
Mariano Cano
c7f226bcec Add support for renew when using stepcas 
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
 2022-11-04 16:42:07 -07:00
Mariano Cano
59775fff0c Merge branch 'master' into crl-support 2022-10-27 10:13:19 -07:00
max furman
66858a3870 No longer need to ignore context warnings when context in request 
- after upgrade to golangci-lint 1.50.0
 2022-10-04 13:49:10 -07:00
Raal Goff
d0e81af524 Merge branch 'master' into crl-support 2022-09-30 08:45:48 +08:00
max furman
4c7a2ce3eb Fix errors.As linter warnings 2022-09-22 00:04:31 -07:00
max furman
7c5e5b2b87 Even more linter fixes 2022-09-20 21:48:04 -07:00