TrueCloudLab/certificates
16
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions
2330 commits 34 branches 199 tags 42 MiB
Commit graph

29 commits

Author SHA1 Message Date
Herman Slatman
e0b495e4c8
Merge branch 'master' into hs/acme-eab 2021-10-09 01:06:49 +02:00
max furman
933b40a02a Introduce gocritic linter and address warnings 2021-10-08 14:59:57 -04:00
Herman Slatman
0afea2e957
Improve tests for already bound EAB keys 2021-10-08 13:19:35 +02:00
Herman Slatman
02cd3b6b3b
Fix PR comments 2021-09-16 23:09:24 +02:00
Herman Slatman
1dba8698e3
Use LinkedCA.EABKey type in ACME EAB API 2021-08-27 12:39:37 +02:00
Herman Slatman
f31ca4f6a4
Add tests for validateExternalAccountBinding 2021-08-10 12:39:44 +02:00
Herman Slatman
492256f2d7
Add first test cases for EAB and make provisioner unique per EAB 
Before this commit, EAB keys could be used CA-wide, meaning that
an EAB credential could be used at any ACME provisioner. This
commit changes that behavior, so that EAB credentials are now
intended to be used with a specific ACME provisioner. I think
that makes sense, because from the perspective of an ACME client
the provisioner is like a distinct CA.

Besides that this commit also includes the first tests for EAB.
The logic for creating the EAB JWS as a client has been taken
from github.com/mholt/acmez. This logic may be moved or otherwise
sourced (i.e. from a vendor) as soon as the step client also
(needs to) support(s) EAB with ACME.
 2021-08-09 10:37:32 +02:00
Herman Slatman
c6bfc6eac2
Fix PR comments 2021-07-22 23:48:41 +02:00
Herman Slatman
d669f3cb14
Fix misspelling 2021-07-17 20:39:12 +02:00
Herman Slatman
540d5fbbdc
Fix marshaling -> marshalling 2021-07-17 20:35:44 +02:00
Herman Slatman
2110c7722f
Fix JWK payload key equality check 2021-07-17 20:29:12 +02:00
Herman Slatman
d44cd18b96
Add External Accounting Binding key "BoundAt" marking 2021-07-17 19:02:47 +02:00
Herman Slatman
f81d49d963
Add first working version of External Account Binding 2021-07-17 17:35:44 +02:00
max furman
b1888fd34d Use different method for unescpaed paths for the router 2021-04-14 15:11:15 -07:00
max furman
672e3f976e Few ACME fixes ... 
- always URL escape linker output
- validateJWS should accept RSAPSS
- GetUpdateAccount -> GetOrUpdateAccount
 2021-04-12 19:06:07 -07:00
max furman
a785131d09 Fix lint issues 2021-03-25 15:15:32 -07:00
max furman
8d2ebcfd49 [acme db interface] more unit tests 2021-03-25 12:05:46 -07:00
max furman
20b9785d20 [acme db interface] continuing unit test work 2021-03-25 12:05:46 -07:00
max furman
f20fcae80e [acme db interface] wip unit test fixing 2021-03-25 12:05:46 -07:00
max furman
fc395f4d69 [acme db interface] compiles! 2021-03-25 12:05:46 -07:00
max furman
116869ebc5 [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
80a6640103 [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
1135ae04fc [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
2ae43ef2dc [acme db interface] wip errors 2021-03-25 12:05:46 -07:00
max furman
e1409349f3 Allow relative URL for all links in ACME api ... 
* Pass the request context all the way down the ACME stack.
* Save baseURL in context and use when generating ACME urls.
 2020-05-14 17:32:54 -07:00
max furman
4cb777bdc1 ACME accountUpdate ignore fields not recognized by the server. 2020-05-08 11:52:30 -07:00
max furman
c255274572 Should be returning status code 400 for ACME Account Not Found. 
Issue #173
 2020-02-01 17:35:41 -08:00
max furman
d368791606 Add x5c provisioner capabilities 2019-10-14 14:51:37 -07:00
max furman
e3826dd1c3 Add ACME CA capabilities 2019-09-13 15:48:33 -07:00