Commit graph

1657 commits

Author SHA1 Message Date
Mariano Cano
6c113542c8 Fix ecdsa signature verification test. 2021-01-28 11:38:21 -08:00
Carl Tashian
9fd0964e1c Add SystemCallFilter=@system-service 2021-01-28 09:45:20 -08:00
Carl Tashian
2af73881d7 Add ProtectHome=true 2021-01-28 07:48:21 -08:00
Mariano Cano
35bf9b787e Implement ecdsa.VerifyASN1 to be compatible with go < 1.15 2021-01-27 20:35:42 -08:00
Mariano Cano
d9da150a5f Fix test. 2021-01-27 20:23:45 -08:00
Mariano Cano
294f84b8d4 Add initial set of unit tests for pkcs11 kms. 2021-01-27 20:17:14 -08:00
Carl Tashian
82f82d438c Add systemd files 2021-01-27 17:29:29 -08:00
Mariano Cano
6c0cf99b24 Upgrade nosql with a 32-bit version of badger. 2021-01-27 11:02:56 -08:00
Mariano Cano
a6c784d5dd Add missing pkcs11 package. 2021-01-26 20:15:57 -08:00
Mariano Cano
8dca652bc7 Add support for PKCS #11 KMS.
The implementation works with YubiHSM2. Unit tests are still pending.

Fixes #301
2021-01-26 20:03:53 -08:00
Mariano Cano
c61222de1d Upgrade nosql version.
nosql has newer version of badgers v1 and v2.
2021-01-21 18:03:55 -08:00
Max
fc93d60c5d
Merge pull request #453 from smallstep/max/csr-san-empty
Allow empty SAN in CSR for validation ...
2021-01-14 19:30:11 -06:00
max furman
16665c97f0 Allow empty SAN in CSR for validation ...
- The default template will always use the SANs from the token.
- If there are any SANs they must be validated against the token.
2021-01-14 15:26:46 -06:00
Mariano Cano
00c6f08612
Merge pull request #440 from mkkeffeler/smallstep-by-provisioner-appendedcert
Begins to fix issue 87
2020-12-28 17:49:00 -08:00
Miclain Keffeler
ffbfcfb1f2 format. 2020-12-28 18:46:21 -06:00
Miclain K Keffeler
7a1eb43bb1
Update options.go 2020-12-28 17:12:37 -06:00
Miclain K Keffeler
f3396bf964
Update softcas.go 2020-12-28 17:10:44 -06:00
Mariano Cano
71a8e87eec Update go.sum with new version of go-piv. 2020-12-28 14:50:33 -08:00
Mariano Cano
6598ea9d73
Merge pull request #441 from gaffneyd4/gaffneyd4/x32
Bump go-piv to v1.7.0 for x32 overflow fix
2020-12-28 14:49:23 -08:00
Derek Gaffney
8416bd633d Bump go-piv to v1.7.0 for x32 overflow fix 2020-12-27 20:27:39 -05:00
Miclain Keffeler
e9bfa061b8 Merge branch 'smallstep-by-provisioner-appendedcert' of https://github.com/mkkeffeler/certificates into smallstep-by-provisioner-appendedcert 2020-12-23 22:46:41 -06:00
Miclain Keffeler
cf063d1f4a Revert "Begins to fix issue 87"
This reverts commit e2ba4159c3.
2020-12-23 22:46:21 -06:00
Miclain Keffeler
21dc406382 Begins to fix issue 87 2020-12-23 22:46:21 -06:00
Miclain Keffeler
bfd13f1f72 Revert "Begins to fix issue 87"
This reverts commit e2ba4159c3.
2020-12-23 22:43:47 -06:00
Miclain Keffeler
393c43201f Merge branch 'smallstep-by-provisioner-appendedcert' of https://github.com/mkkeffeler/certificates into smallstep-by-provisioner-appendedcert 2020-12-23 22:41:36 -06:00
Miclain Keffeler
7545b4a625 leverage intermediate_ca.crt for appending certs. 2020-12-23 22:41:10 -06:00
Miclain Keffeler
e2ba4159c3 Begins to fix issue 87 2020-12-22 16:39:39 -06:00
Max
c255863816
Merge pull request #438 from smallstep/max/broken-validate-challenge-test
Fix broken ValidateChallenge test
2020-12-18 18:24:47 -05:00
max furman
265d49dbf8 Remove debug statement 2020-12-18 18:17:55 -05:00
max furman
1f9aa65d66 Add test case 2020-12-18 17:05:25 -05:00
max furman
20f8d950c4 Fix broken ValidateChallenge test 2020-12-18 11:18:42 -05:00
Mariano Cano
bae209741f
Merge pull request #436 from smallstep/upgrade-crypto
Upgrade crypto and validate token id
2020-12-17 15:12:32 -08:00
Mariano Cano
5017b7d21f Recalculate token id instead of validating it. 2020-12-17 14:52:34 -08:00
Mariano Cano
86c947babc Upgrade crypto and fix test. 2020-12-17 14:17:08 -08:00
Mariano Cano
0cf594a003 Validate payload ID.
Related to #435
2020-12-17 13:35:14 -08:00
Mariano Cano
d6ea8b13ab Upgrade crypto.
Related to #435
2020-12-17 13:34:50 -08:00
Mariano Cano
1feb4fcb26 Merge branch 'glance--sshagentkms' 2020-11-18 17:53:15 -08:00
Mariano Cano
ccc403cf89 Fix comments, and return an error instead of fatal. 2020-11-18 17:50:21 -08:00
Mariano Cano
7d9997618f Upgrade crypto to v0.7.1
Add basic constraints extensions if defined.
2020-11-18 16:57:24 -08:00
max furman
19a3cd10a1 [docs] provisioners fix attr dupe and give warning about stale docs 2020-11-18 16:57:24 -08:00
Mariano Cano
2c164f39cc Fix rebase. 2020-11-18 16:57:24 -08:00
Mariano Cano
317a6b6aca Fix mispell. 2020-11-18 16:57:24 -08:00
Mariano Cano
0fcf9f8bc4 Use test/bufconn instead of a real listener. 2020-11-18 16:57:24 -08:00
Mariano Cano
a0171c221e Add missing docs. 2020-11-18 16:57:24 -08:00
Mariano Cano
74111d4432 Enable default cas implementation. 2020-11-18 16:57:24 -08:00
Mariano Cano
dfdbf493ac Add some extra tests. 2020-11-18 16:57:24 -08:00
Mariano Cano
b4795fcd28 Complete tests for softCAS. 2020-11-18 16:57:24 -08:00
Mariano Cano
1c77538d48 Fix lint error. 2020-11-18 16:57:24 -08:00
Mariano Cano
a01c3defc0 Complete CloudCAS tests.
Upgrade cloud.google.com/go
2020-11-18 16:57:24 -08:00
Mariano Cano
fb1f37648f Add missing files, mocks created using mockgen. 2020-11-18 16:57:24 -08:00