Mariano Cano
6d644880bd
Allow to kms signers to define the SignatureAlgorithm
...
CloudKMS keys signs data using an specific signature algorithm, in RSA keys,
this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate
will fail unless the template SignatureCertificate is properly set.
On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or
RSA-PSS schemes, so right now the way to enforce one or the other is to used
templates.
2021-09-08 17:48:50 -07:00
Mariano Cano
de719eb6f0
Add an option to avoid password prompts on step cas
...
When we are using `step ca init` to create a stepcas RA we don't
have access to the password for verify the provisioner.
2021-08-04 16:16:35 -07:00
max furman
77fdfc9fa3
Merge branch 'master' into max/cert-mgr-crud
2021-07-02 20:26:46 -07:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
Mariano Cano
35e6cc275a
Fix typos in comments.
2021-06-23 09:35:14 +02:00
Mariano Cano
dce1b290bd
Remove debug statements.
2021-06-08 17:57:24 -07:00
Mariano Cano
ac3c754a6d
Use known CA and add tier and gcs bucket options.
2021-06-08 17:43:52 -07:00
Mariano Cano
529eb4bae9
Rename CAPool to CaPool.
2021-06-07 19:20:23 -07:00
Mariano Cano
9db68db509
Add tests with cloudCAS EnableCertificateAuthority.
2021-06-07 19:17:30 -07:00
Mariano Cano
48bc4e549d
Fix cloudcas tests.
2021-06-07 15:53:29 -07:00
Mariano Cano
072bd0dcf4
Add support for Google CAS v1
2021-06-03 19:31:19 -07:00
Herman Slatman
491c2b8d93
Improve initialization of SCEP authority
2021-05-26 16:10:21 -07:00
Herman Slatman
2a249d20de
Refactor initialization of SCEP authority
2021-05-26 16:04:19 -07:00
Herman Slatman
c5e4ea08b3
Merge branch 'master' into hs/scep
2021-03-26 15:22:41 +01:00
Mariano Cano
84018ec71b
Clarify comment.
2021-03-25 11:07:58 -07:00
Mariano Cano
a9297100d8
Allow to configure the JWK using the encrypted key.
2021-03-24 19:05:56 -07:00
Mariano Cano
d9f93ccfde
Fix typo.
2021-03-24 12:06:29 -07:00
Mariano Cano
edc7c4d90e
Add support for password encrypted files
2021-03-23 17:54:42 -07:00
Mariano Cano
80542d6d9a
Add JWK as an issuer for stepcas.
2021-03-23 16:14:49 -07:00
Mariano Cano
ce3e6bfdf6
Fix linting errors.
2021-03-22 13:45:20 -07:00
Mariano Cano
96de4e6ec8
Return a non-implemented error in stepcas.RenewCertificate.
2021-03-22 12:56:12 -07:00
Mariano Cano
348815f4f6
Fix error message.
2021-03-22 11:51:11 -07:00
Herman Slatman
583d60dc0d
Address (most) PR comments
2021-03-21 16:42:41 +01:00
Mariano Cano
e7a6c46e54
Fix linting errors.
2021-03-19 14:21:47 -07:00
Mariano Cano
08e75b614e
Do not depend on Go 1.16.
2021-03-19 13:23:32 -07:00
Mariano Cano
6fd6270e7d
Remove debug statements.
2021-03-19 13:21:14 -07:00
Mariano Cano
7958f6ebb5
Add support for lifetime.
2021-03-19 13:19:49 -07:00
Mariano Cano
ae4b8f58b8
Add support for emails, ips and uris.
2021-03-19 12:02:03 -07:00
Mariano Cano
dbb48ecf8d
Add tests for stepcas.
2021-03-18 18:01:38 -07:00
Mariano Cano
bcf70206ac
Add support for revocation using an extra provisioner in the RA.
2021-03-17 19:47:36 -07:00
Mariano Cano
a6115e29c2
Add initial implementation of StepCAS.
...
StepCAS allows to configure step-ca as an RA using another step-ca
as the main CA.
2021-03-17 19:33:35 -07:00
Herman Slatman
e1cab4966f
Improve initialization of SCEP authority
2021-03-12 15:49:39 +01:00
Herman Slatman
7ad90d10b3
Refactor initialization of SCEP authority
2021-02-26 00:32:21 +01:00
Miclain Keffeler
ffbfcfb1f2
format.
2020-12-28 18:46:21 -06:00
Miclain K Keffeler
7a1eb43bb1
Update options.go
2020-12-28 17:12:37 -06:00
Miclain K Keffeler
f3396bf964
Update softcas.go
2020-12-28 17:10:44 -06:00
Miclain Keffeler
7545b4a625
leverage intermediate_ca.crt for appending certs.
2020-12-23 22:41:10 -06:00
Mariano Cano
a97fab4119
Fix mispell.
2020-11-03 12:48:48 -08:00
Mariano Cano
b057c6677a
Use test/bufconn instead of a real listener.
2020-11-03 12:45:31 -08:00
Mariano Cano
4f9200cc47
Add missing docs.
2020-11-03 12:45:31 -08:00
Mariano Cano
41a46bbd75
Enable default cas implementation.
2020-11-03 12:45:31 -08:00
Mariano Cano
7020011842
Add some extra tests.
2020-11-03 12:45:31 -08:00
Mariano Cano
7aa8a8fe1e
Complete tests for softCAS.
2020-11-03 12:45:31 -08:00
Mariano Cano
bb4f2aef2f
Fix lint error.
2020-11-03 12:45:31 -08:00
Mariano Cano
b275758018
Complete CloudCAS tests.
...
Upgrade cloud.google.com/go
2020-11-03 12:45:31 -08:00
Mariano Cano
10c2ce3071
Add missing files, mocks created using mockgen.
2020-11-03 12:44:54 -08:00
Mariano Cano
b2ae112dd2
Add initial tests for CreateCertificateAuthority.
2020-11-03 12:44:54 -08:00
Mariano Cano
b68344ec36
Fix unexpected error.
2020-11-03 12:44:54 -08:00
Mariano Cano
dff00a0218
Add support for local signing or cloudCAS intermediates.
2020-11-03 12:44:54 -08:00
Mariano Cano
2b4b902975
Add initial support for step ca init
with cloud cas.
...
Fixes smallstep/cli#363
2020-11-03 12:44:28 -08:00