Use go.step.sm/crypto to set the permanent identifier

This commit is contained in:
Mariano Cano 2022-08-10 17:38:18 -07:00 committed by max furman
parent 2b3b2c283a
commit 191d9e8629
No known key found for this signature in database
4 changed files with 8 additions and 497 deletions

View file

@ -1,4 +1,4 @@
package acme cpackage acme
import ( import (
"bytes" "bytes"

View file

@ -973,11 +973,7 @@ func TestHandler_UpdateProvisioner(t *testing.T) {
CreatedAt: timestamppb.New(createdAt), CreatedAt: timestamppb.New(createdAt),
DeletedAt: timestamppb.New(deletedAt), DeletedAt: timestamppb.New(deletedAt),
X509Template: &linkedca.Template{ X509Template: &linkedca.Template{
<<<<<<< HEAD
Template: []byte("{ {{ missingFunction }} }"), Template: []byte("{ {{ missingFunction }} }"),
=======
Template: []byte("{!?}"),
>>>>>>> 440ac4b2 (Add provisioner template validation)
}, },
} }
body, err := protojson.Marshal(prov) body, err := protojson.Marshal(prov)
@ -1014,11 +1010,7 @@ func TestHandler_UpdateProvisioner(t *testing.T) {
Type: "badRequest", Type: "badRequest",
Status: 400, Status: 400,
Detail: "bad request", Detail: "bad request",
<<<<<<< HEAD
Message: "invalid template: invalid X.509 template: error parsing template: template: template:1: function \"missingFunction\" not defined", Message: "invalid template: invalid X.509 template: error parsing template: template: template:1: function \"missingFunction\" not defined",
=======
Message: "invalid template: invalid X.509 template: invalid JSON: invalid character '!' looking for beginning of object key string",
>>>>>>> 440ac4b2 (Add provisioner template validation)
}, },
} }
}, },
@ -1228,7 +1220,6 @@ func Test_validateTemplates(t *testing.T) {
err: nil, err: nil,
}, },
{ {
<<<<<<< HEAD
name: "fail/x509-template-missing-quote", name: "fail/x509-template-missing-quote",
args: args{ args: args{
x509: &linkedca.Template{ x509: &linkedca.Template{
@ -1236,15 +1227,6 @@ func Test_validateTemplates(t *testing.T) {
}, },
}, },
err: errors.New("invalid X.509 template: error parsing template: template: template:1: unterminated quoted string"), err: errors.New("invalid X.509 template: error parsing template: template: template:1: unterminated quoted string"),
=======
name: "fail/x509-template-trailing-comma",
args: args{
x509: &linkedca.Template{
Template: []byte(`{"x": 1,}`),
},
},
err: errors.New("invalid X.509 template: invalid JSON: invalid character '}' looking for beginning of object key string"),
>>>>>>> 440ac4b2 (Add provisioner template validation)
}, },
{ {
name: "fail/x509-template-data", name: "fail/x509-template-data",
@ -1253,7 +1235,6 @@ func Test_validateTemplates(t *testing.T) {
Data: []byte(`{!?}`), Data: []byte(`{!?}`),
}, },
}, },
<<<<<<< HEAD
err: errors.New("invalid X.509 template data: error validating json template data"), err: errors.New("invalid X.509 template data: error validating json template data"),
}, },
{ {
@ -1264,18 +1245,6 @@ func Test_validateTemplates(t *testing.T) {
}, },
}, },
err: errors.New("invalid SSH template: error parsing template: template: template:1: function \"unknownFunction\" not defined"), err: errors.New("invalid SSH template: error parsing template: template: template:1: function \"unknownFunction\" not defined"),
=======
err: errors.New("invalid X.509 template data: invalid JSON: invalid character '!' looking for beginning of object key string"),
},
{
name: "fail/ssh-template-trailing-comma",
args: args{
ssh: &linkedca.Template{
Template: []byte(`{"x": 1,}`),
},
},
err: errors.New("invalid SSH template: invalid JSON: invalid character '}' looking for beginning of object key string"),
>>>>>>> 440ac4b2 (Add provisioner template validation)
}, },
{ {
name: "fail/ssh-template-data", name: "fail/ssh-template-data",
@ -1284,11 +1253,7 @@ func Test_validateTemplates(t *testing.T) {
Data: []byte(`{!?}`), Data: []byte(`{!?}`),
}, },
}, },
<<<<<<< HEAD
err: errors.New("invalid SSH template data: error validating json template data"), err: errors.New("invalid SSH template data: error validating json template data"),
=======
err: errors.New("invalid SSH template data: invalid JSON: invalid character '!' looking for beginning of object key string"),
>>>>>>> 440ac4b2 (Add provisioner template validation)
}, },
} }
for _, tt := range tests { for _, tt := range tests {

13
go.mod
View file

@ -15,15 +15,12 @@ require (
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd // indirect github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd // indirect
github.com/fatih/color v1.9.0 // indirect github.com/fatih/color v1.9.0 // indirect
github.com/fxamacker/cbor/v2 v2.4.0 github.com/fxamacker/cbor/v2 v2.4.0
github.com/go-chi/chi v4.0.2+incompatible
github.com/go-chi/chi v4.1.2+incompatible github.com/go-chi/chi v4.1.2+incompatible
github.com/go-kit/kit v0.10.0 // indirect github.com/go-kit/kit v0.10.0 // indirect
github.com/go-piv/piv-go v1.10.0 // indirect github.com/go-piv/piv-go v1.10.0 // indirect
github.com/go-sql-driver/mysql v1.6.0 // indirect github.com/go-sql-driver/mysql v1.6.0 // indirect
github.com/golang/mock v1.6.0 github.com/golang/mock v1.6.0
github.com/google/go-attestation v0.4.4-0.20220404204839-8820d49b18d9
github.com/google/go-cmp v0.5.8 github.com/google/go-cmp v0.5.8
github.com/google/go-tpm v0.3.3
github.com/google/uuid v1.3.0 github.com/google/uuid v1.3.0
github.com/googleapis/gax-go/v2 v2.4.0 github.com/googleapis/gax-go/v2 v2.4.0
github.com/hashicorp/vault/api v1.3.1 github.com/hashicorp/vault/api v1.3.1
@ -34,8 +31,6 @@ require (
github.com/mattn/go-colorable v0.1.8 // indirect github.com/mattn/go-colorable v0.1.8 // indirect
github.com/mattn/go-isatty v0.0.13 // indirect github.com/mattn/go-isatty v0.0.13 // indirect
github.com/micromdm/scep/v2 v2.1.0 github.com/micromdm/scep/v2 v2.1.0
github.com/micromdm/scep/v2 v2.1.0
github.com/newrelic/go-agent v2.15.0+incompatible
github.com/newrelic/go-agent/v3 v3.18.0 github.com/newrelic/go-agent/v3 v3.18.0
github.com/pkg/errors v0.9.1 github.com/pkg/errors v0.9.1
github.com/rs/xid v1.2.1 github.com/rs/xid v1.2.1
@ -46,13 +41,12 @@ require (
github.com/stretchr/testify v1.7.1 github.com/stretchr/testify v1.7.1
github.com/urfave/cli v1.22.4 github.com/urfave/cli v1.22.4
go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
go.step.sm/cli-utils v0.7.0
go.step.sm/cli-utils v0.7.4 go.step.sm/cli-utils v0.7.4
go.step.sm/crypto v0.19.0 go.step.sm/crypto v0.19.0
go.step.sm/linkedca v0.19.0-rc.1 go.step.sm/linkedca v0.19.0-rc.1
golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90
golang.org/x/net v0.0.0-20220909164309-bea034e7d591 golang.org/x/net v0.0.0-20220909164309-bea034e7d591
golang.org/x/sys v0.0.0-20220405052023-b1e9470b6e64 // indirect golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 // indirect
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
google.golang.org/api v0.84.0 google.golang.org/api v0.84.0
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad
@ -146,7 +140,6 @@ require (
go.opencensus.io v0.23.0 // indirect go.opencensus.io v0.23.0 // indirect
go.uber.org/atomic v1.9.0 // indirect go.uber.org/atomic v1.9.0 // indirect
golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb // indirect golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb // indirect
golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 // indirect
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect
google.golang.org/appengine v1.6.7 // indirect google.golang.org/appengine v1.6.7 // indirect
gopkg.in/yaml.v3 v3.0.0 // indirect gopkg.in/yaml.v3 v3.0.0 // indirect
@ -159,7 +152,3 @@ require (
// use github.com/smallstep/pkcs7 fork with patches applied // use github.com/smallstep/pkcs7 fork with patches applied
replace go.mozilla.org/pkcs7 => github.com/smallstep/pkcs7 v0.0.0-20211016004704-52592125d6f6 replace go.mozilla.org/pkcs7 => github.com/smallstep/pkcs7 v0.0.0-20211016004704-52592125d6f6
replace go.step.sm/crypto => github.com/brandonweeks/crypto v0.16.2-0.20220531234114-45e4f06ca16b
replace github.com/google/go-attestation => github.com/brandonweeks/go-attestation v0.0.0-20220602235615-164122a1d59b

455
go.sum

File diff suppressed because it is too large Load diff