scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2026-01-08 21:21:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,495 Commits 2,630 Branches 341 Tags
98fada78e46cdebeb80098ea44aae7b62ce937f3
Commit Graph

34 Commits

Author SHA1 Message Date
Andrew Stuart
fea21d9c08 Update PrivateKeyType to string, update switch statement. 2015-12-14 11:16:47 -07:00
Andrew Stuart
a73be107e1 Remove unnecessary cast 2015-12-14 06:17:20 -07:00
Andrew Stuart
44413fdb2f Remove printf call from test 2015-12-11 15:47:00 -07:00
Andrew Stuart
7b9a0e81e1 Merge branch 'pkcs8' 2015-12-11 15:22:43 -07:00
Andrew Stuart
1c41726766 Add benchmark for certutil bundle parsing 2015-12-11 15:17:49 -07:00
Andrew Stuart
166c7ac0f9 Remove debugging print statement in compareCertBundleToParsedCertBundle 2015-12-11 15:17:49 -07:00
Andrew Stuart
7065500d16 Remove flag check before trying pkcs8 parsing. 2015-12-11 15:17:49 -07:00
Andrew Stuart
c481955401 Add pkcs8 flag setting in ParsePEMBundle 2015-12-11 15:17:49 -07:00
Andrew Stuart
e38596fc1c Update tests and finish implementation of PKCS8 handling 2015-12-11 15:17:49 -07:00
Andrew Stuart
39a3a92e79 Update ParsePEMBundle to properly handle pkcs#8 
Implementation based on be16001187/src/crypto/tls/tls.go (L273-L290)
 2015-12-11 15:17:49 -07:00
Andrew Stuart
dfc052a755 Move to pem.Block.Type-based decoding 2015-12-11 14:57:33 -07:00
Andrew Stuart
ee563cdc32 Add benchmark for certutil bundle parsing 2015-12-11 09:58:49 -07:00
Andrew Stuart
1083c3b357 Merge branch 'master' into pkcs8 2015-12-10 21:02:59 -07:00
Andrew Stuart
ceb74f956c Update flag to field with format info 2015-12-10 21:02:31 -07:00
Andrew Stuart
a9723189a1 Remove debugging print statement in compareCertBundleToParsedCertBundle 2015-12-10 16:33:42 -07:00
Andrew Stuart
7bba342ee3 Remove flag check before trying pkcs8 parsing. 2015-12-09 19:41:32 -07:00
Andrew Stuart
50b7be1c9a Remove flag check before trying pkcs8 parsing. 2015-12-09 15:33:25 -07:00
Andrew Stuart
c8d49c2d66 Add pkcs8 flag setting in ParsePEMBundle 2015-12-09 15:33:25 -07:00
Andrew Stuart
5af21130d7 Update tests and finish implementation of PKCS8 handling 2015-12-09 15:33:25 -07:00
Andrew Stuart
b59e15c33d Update ParsePEMBundle to properly handle pkcs#8 
Implementation based on be16001187/src/crypto/tls/tls.go (L273-L290)
 2015-12-09 15:29:13 -07:00
Jeff Mitchell
4f2f7a0e3b Mostly revert changes to certutil as the embedded struct stuff was being 
problematic.
 2015-11-19 14:18:39 -05:00
Jeff Mitchell
fcbdb5f30a fix tests 2015-11-19 10:13:28 -05:00
Jeff Mitchell
cb5514f3f3 Move public key comparison logic to its own function 2015-11-19 09:51:18 -05:00
Jeff Mitchell
b5423493ca Move serial number generation and key validation into certutil; centralize format and key verification 2015-11-19 09:51:18 -05:00
Jeff Mitchell
ba37e4bcb5 Add unit tests for CSR bundle conversion 2015-11-19 09:51:18 -05:00
Jeff Mitchell
4e73187837 Add support for EC CA keys, output to base64-encoded DER instead of PEM, and tests for all of those. Also note that Go 1.5 is now required. 2015-11-19 09:51:17 -05:00
Jeff Mitchell
e45af0a17b Add unit tests to test signing logic, fix up test logic for names 2015-11-19 09:51:17 -05:00
Jeff Mitchell
55fc4ba898 Implement CA cert/CSR generation. CA certs can be self-signed or 
generate an intermediate CSR, which can be signed.
 2015-11-19 09:51:17 -05:00
Jeff Mitchell
2737066e09 Add delete method, and ability to delete only one serial as well as an entire set. 2015-11-03 10:52:20 -05:00
Jeff Mitchell
15594561ab Add unit tests for certutil, and fix a whitespace stripping issue. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 16:06:56 -04:00
Jeff Mitchell
435aefc072 A few things: 
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 12:48:18 -04:00
Jeff Mitchell
23ba605068 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Jeff Mitchell
c4256601f2 Restructure a little bit to make the helper library fully standalone. This makes it easier to move around later if desired, and for use by external programs. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 06:42:57 -04:00
Jeff Mitchell
31e680048e A lot of refactoring: move PEM bundle parsing into helper/certutil, so that it is usable by other backends that want to use it to get the necessary data for TLS auth. 
Also, enhance the raw cert bundle => parsed cert bundle to make it more useful and perform more validation checks.

More refactoring could be done within the PKI backend itself, but that can wait.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-17 16:07:20 -04:00