Raal Goff
8545adea92
change GenerateCertificateRevocationList to return DER, store DER in db instead of PEM, nicer PEM encoding of CRL, add Mock stubs
2021-11-02 13:26:07 +08:00
max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
Mariano Cano
c1c986922b
Show Ed25519 in the public-key log field.
2021-05-06 18:09:40 -07:00
max furman
f88f58440f
add //nolint for new 1.16 deprecation warnings
...
- dsa
- pem.DecryptPEMBlock
2021-02-18 20:14:20 -08:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
Mariano Cano
4943ae58d8
Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates.
2020-08-10 15:29:18 -07:00
Mariano Cano
e83e47a91e
Use sshutil and randutil from go.step.sm/crypto.
2020-08-10 11:26:51 -07:00
Mariano Cano
6c64fb3ed2
Rename provisioner options structs:
...
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
2020-07-22 18:24:45 -07:00
max furman
fd05f3249b
A few last fixes and tests added for rekey/renew ...
...
- remove all `renewOrRekey`
- explicitly test difference between renew and rekey (diff pub keys)
- add back tests for renew
2020-07-09 12:11:40 -07:00
dharanikumar-s
dfda497929
Renamed RenewOrRekey to Rekey
2020-07-08 11:47:59 +05:30
dharanikumar-s
a3b5211e0f
gofmted the code
2020-07-05 22:40:36 +05:30
dharanikumar-s
954fda657b
Added renewOrRekey to mockAuthority. Added Test_caHandler_Rekey
2020-07-05 22:05:00 +05:30
Mariano Cano
fa416336a8
Add context to tests.
2020-03-10 19:17:32 -07:00
max furman
1cb8bb3ae1
Simplify statuscoder error generators.
2020-01-28 13:29:40 -08:00
max furman
dccbdf3a90
Introduce generalized statusCoder errors and loads of ssh unit tests.
...
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-28 13:29:40 -08:00
Mariano Cano
dedf6b17be
Addapt tests to the api change.
2020-01-28 13:29:39 -08:00
Mariano Cano
b179ad3662
Fix api tests.
2020-01-28 13:29:39 -08:00
Mariano Cano
8bf3bf701e
Add support for /ssh/bastion method.
2020-01-28 13:28:16 -08:00
Mariano Cano
0ae9bab21e
Fix api tests.
2020-01-28 13:28:16 -08:00
Mariano Cano
d880a98295
Add tests for ssh api methods.
2020-01-28 13:28:16 -08:00
Mariano Cano
d08db4df23
Rename SSH methods.
2020-01-28 13:28:16 -08:00
Mariano Cano
91130b9c3f
Add support for user data in templates.
2020-01-28 13:28:16 -08:00
Mariano Cano
a35988ff08
Add initial support for ssh config.
...
Related to smallstep/cli#170
2020-01-28 13:28:16 -08:00
Mariano Cano
961be1fbc7
Add endpoint to return the SSH public keys.
...
Related to smallstep/ca-component#195
2020-01-28 13:28:16 -08:00
Jozef Kralik
bc6074f596
Change api of functions Authority.Sign, Authority.Renew
...
Returns certificate chain instead of 2 members.
Implements #126
2019-10-09 22:23:00 +02:00
max furman
e3826dd1c3
Add ACME CA capabilities
2019-09-13 15:48:33 -07:00
max furman
61d52a8510
Small fixes associated with PR review
...
* additions and grammar edits to documentation
* clarification of error msgs
2019-09-08 21:05:36 -07:00
Mariano Cano
10e7b81b9f
Merge branch 'master' into ssh-ca
2019-09-05 23:06:01 +02:00
max furman
2b41faa9cf
Enforce >= 2048 bit rsa keys at the provisioner layer
...
* Fixes #94
* In the future this should be configurable by provisioner
2019-08-27 14:44:59 -07:00
Mariano Cano
ca74bb1de5
Add ssh api tests.
2019-08-05 16:06:05 -07:00
Mariano Cano
ba2ba54928
Adapt api package to new interfaces.
2019-07-29 12:52:13 -07:00
max furman
ab4d569f36
Add /revoke API with interface db backend
2019-04-10 13:50:35 -07:00
Mariano Cano
64f2615864
Fix tests.
2019-03-25 12:35:21 -07:00
Mariano Cano
a97ea87caa
Move options to provisioner so we can set the duration of the cert.
2019-03-07 15:14:18 -08:00
Mariano Cano
aa8385b8ba
Fix api tests.
2019-03-07 13:15:07 -08:00
Mariano Cano
bcaba4f72a
Fix api tests.
2019-03-06 18:41:01 -08:00
Mariano Cano
adbc496b40
Improve tests
2019-02-20 12:18:13 -08:00
Mariano Cano
b974957868
Add certificate information to logs.
...
Fixes smallstep/ca-component#147
2019-02-19 19:48:18 -08:00
Mariano Cano
8252608ca2
Fix mock
2019-01-14 14:33:00 -08:00
Mariano Cano
518b597535
Remove mTLS client requirement in /roots and /federation
2019-01-11 19:08:08 -08:00
Mariano Cano
d296cf95a9
Add mTLS request to get all the root CAs, not the federated ones.
2019-01-07 17:48:56 -08:00
Mariano Cano
37149ed3ea
Add method to get all the certs.
2019-01-04 16:51:37 -08:00
max furman
c74fcd57a7
ca-component -> certificates
...
* fix redundant error check
* add README
2018-10-31 21:36:01 -07:00
max furman
0d9dd2d14b
provisioner issuer -> name
2018-10-29 18:00:30 -07:00
Mariano Cano
e54086662f
Add tests with cursors.
2018-10-25 19:28:45 -07:00
Mariano Cano
99cab73360
Remove unused import /provisioners/jwk-set-by-issuer
2018-10-25 18:55:18 -07:00
Mariano Cano
0ccf775f2e
Add support for cursors in the api.
2018-10-25 18:53:13 -07:00
max furman
ee7db4006a
change sign + authorize authority api | add provisioners
...
* authorize returns []interface{}
- operators in this list can conform to any interface the user decides
- our implementation has a combination of certificate claim validators
and certificate template modifiers.
* provisioners can set and enforce tls cert options
2018-10-18 22:26:39 -07:00
max furman
828798418c
gofmt
2018-10-15 15:27:14 -07:00