alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity
2243 commits 34 branches 199 tags 41 MiB
Commit graph

5 commits

Author SHA1 Message Date
Mariano Cano
6d644880bd Allow to kms signers to define the SignatureAlgorithm 
CloudKMS keys signs data using an specific signature algorithm, in RSA keys,
this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate
will fail unless the template SignatureCertificate is properly set.

On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or
RSA-PSS schemes, so right now the way to enforce one or the other is to used
templates.
 2021-09-08 17:48:50 -07:00
Mariano Cano
163eb7029c Refactor cloudkms signer to return an error on the constructor. 2021-02-19 15:36:55 -08:00
Mariano Cano
d30a95236d Use always go.step.sm/crypto 2020-08-14 15:33:50 -07:00
Mariano Cano
fa8116497c Make Signer public and add contructor NewCloudKMS. 2020-01-21 19:09:21 -08:00
Mariano Cano
dff498f17f Add tests for cloudkms. 2020-01-15 19:32:26 -08:00