Commit graph

10 commits

Author SHA1 Message Date
Mariano Cano
6d644880bd Allow to kms signers to define the SignatureAlgorithm
CloudKMS keys signs data using an specific signature algorithm, in RSA keys,
this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate
will fail unless the template SignatureCertificate is properly set.

On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or
RSA-PSS schemes, so right now the way to enforce one or the other is to used
templates.
2021-09-08 17:48:50 -07:00
Miclain Keffeler
ffbfcfb1f2 format. 2020-12-28 18:46:21 -06:00
Miclain K Keffeler
f3396bf964
Update softcas.go 2020-12-28 17:10:44 -06:00
Miclain Keffeler
7545b4a625 leverage intermediate_ca.crt for appending certs. 2020-12-23 22:41:10 -06:00
Mariano Cano
b2ae112dd2 Add initial tests for CreateCertificateAuthority. 2020-11-03 12:44:54 -08:00
Mariano Cano
2b4b902975 Add initial support for step ca init with cloud cas.
Fixes smallstep/cli#363
2020-11-03 12:44:28 -08:00
Mariano Cano
e146b3fe16 Add Unit tests for softcas. 2020-09-15 19:37:02 -07:00
Mariano Cano
1550a21f68 Fix unit tests. 2020-09-15 18:14:21 -07:00
Mariano Cano
aad8f9e582 Pass issuer and signer to softCAS options.
Remove commented code and initialize CAS properly.
Minor fixes in CloudCAS.
2020-09-10 19:09:46 -07:00
Mariano Cano
1b1f73dec6 Early attempt to develop a CAS interface. 2020-09-08 19:26:32 -07:00