Commit graph

3574 commits

Author SHA1 Message Date
Herman Slatman
419478d1e5
Make SCEP webhook validation look better 2023-04-29 01:15:39 +02:00
Herman Slatman
27cdcaf5ee
Integrate the SCEP webhook with the existing webhook logic 2023-04-28 17:15:05 +02:00
Herman Slatman
05f7ab979f
Create basic webhook for SCEP challenge validation 2023-04-28 15:47:22 +02:00
Mariano Cano
1420c762e0
Merge pull request #1362 from smallstep/fix-1358
Upgrades azure-sdk-for-go to the version used in crypto
2023-04-24 15:45:43 -07:00
Mariano Cano
26afd6c932
Upgrades azure-sdk-for-go to the version used in crypto
This PR upgrades package sdk/keyvault/azkeys to v0.10.0, the same
version used in crypto.

This package wasn't upgraded in certificates and for some reason it
causes an authentication error if a client-id/client-secret is used for
authenticating with KeyVault. Managed identities or CLI authentication
works as expected.

Fixes #1358
2023-04-24 15:36:53 -07:00
github-actions[bot]
6bc2164ea1
Merge pull request #1361 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.9.1
Bump github.com/hashicorp/vault/api from 1.9.0 to 1.9.1
2023-04-24 10:30:37 -07:00
github-actions[bot]
91f51252c5
Merge pull request #1360 from smallstep/dependabot/go_modules/google.golang.org/api-0.119.0
Bump google.golang.org/api from 0.118.0 to 0.119.0
2023-04-24 10:29:36 -07:00
dependabot[bot]
a56b112216
Bump github.com/hashicorp/vault/api from 1.9.0 to 1.9.1
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.9.0...v1.9.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-24 16:01:08 +00:00
dependabot[bot]
f2fda93cad
Bump google.golang.org/api from 0.118.0 to 0.119.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.118.0 to 0.119.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.118.0...v0.119.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-24 16:00:06 +00:00
github-actions[bot]
4dedbf7678
Merge pull request #1356 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.29.3
Bump go.step.sm/crypto from 0.29.1 to 0.29.3
2023-04-17 09:48:15 -07:00
dependabot[bot]
74414e530b
Bump go.step.sm/crypto from 0.29.1 to 0.29.3
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.29.1 to 0.29.3.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.29.1...v0.29.3)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 16:43:02 +00:00
github-actions[bot]
a784038025
Merge pull request #1355 from smallstep/dependabot/go_modules/go.step.sm/cli-utils-0.7.6
Bump go.step.sm/cli-utils from 0.7.5 to 0.7.6
2023-04-17 09:41:31 -07:00
dependabot[bot]
9e198b0e4a
Bump go.step.sm/cli-utils from 0.7.5 to 0.7.6
Bumps [go.step.sm/cli-utils](https://github.com/smallstep/cli-utils) from 0.7.5 to 0.7.6.
- [Release notes](https://github.com/smallstep/cli-utils/releases)
- [Commits](https://github.com/smallstep/cli-utils/compare/v0.7.5...v0.7.6)

---
updated-dependencies:
- dependency-name: go.step.sm/cli-utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 16:30:29 +00:00
github-actions[bot]
631b773257
Merge pull request #1354 from smallstep/dependabot/go_modules/google.golang.org/api-0.118.0
Bump google.golang.org/api from 0.116.0 to 0.118.0
2023-04-17 09:29:26 -07:00
github-actions[bot]
b59a8f0a9f
Merge pull request #1353 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.14.0
Bump cloud.google.com/go/security from 1.13.0 to 1.14.0
2023-04-17 09:28:18 -07:00
github-actions[bot]
0099ec7244
Merge pull request #1352 from smallstep/dependabot/go_modules/github.com/rs/xid-1.5.0
Bump github.com/rs/xid from 1.4.0 to 1.5.0
2023-04-17 09:27:52 -07:00
dependabot[bot]
0c49d119d5
Bump google.golang.org/api from 0.116.0 to 0.118.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.116.0 to 0.118.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.116.0...v0.118.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 15:59:41 +00:00
dependabot[bot]
a7480ebe4f
Bump cloud.google.com/go/security from 1.13.0 to 1.14.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.13.0...video/v1.14.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 15:59:30 +00:00
dependabot[bot]
c2f2c7176c
Bump github.com/rs/xid from 1.4.0 to 1.5.0
Bumps [github.com/rs/xid](https://github.com/rs/xid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/rs/xid/releases)
- [Commits](https://github.com/rs/xid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/rs/xid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 15:59:21 +00:00
Max
7ad81a6c54
Merge pull request #1348 from smallstep/max/release-error
[action] Fix docker image name in release workflow
2023-04-12 18:35:43 -07:00
Max
99f9b2fb3e
Update .github/workflows/release.yml
Co-authored-by: Mariano Cano <mariano@smallstep.com>
2023-04-12 18:31:35 -07:00
max furman
574351a8f7
[action] Fix docker image name in release workflow 2023-04-12 18:26:19 -07:00
Mariano Cano
ef337f5285
Merge pull request #1347 from smallstep/v0.24.0-changelog
Add changelog for v0.24.0
2023-04-12 16:06:49 -07:00
Mariano Cano
b5dbeefcc6
Add changelog for v0.24.0 2023-04-12 16:02:31 -07:00
Max
5ec9e761ca
Merge pull request #1299 from smallstep/docker-hsm-glibc
Update Dockerfile.hsm to use debian:bullseye base image
2023-04-12 14:32:11 -07:00
Carl Tashian
3665616015
Deprecate the step-ca-hsm image in favor of step-ca:hsm 2023-04-11 09:40:49 -07:00
Mariano Cano
848e44e5c8
Merge pull request #1345 from smallstep/asn1-functions
Upgrade go.step.sm/crypto with new ASN.1 functions
2023-04-10 14:56:23 -07:00
Mariano Cano
b034c06ac8
Upgrade go.step.sm/crypto with new ASN.1 functions
This commit upgrades go.step.sm/crypto to v0.29.1. This version adds the
following template functions:
- asn1Enc
- asn1Marshal
- asn1Seq
- asn1Set
2023-04-10 14:42:20 -07:00
github-actions[bot]
38c715ca46
Merge pull request #1342 from smallstep/dependabot/go_modules/google.golang.org/api-0.116.0
Bump google.golang.org/api from 0.114.0 to 0.116.0
2023-04-10 12:06:11 -07:00
dependabot[bot]
4133e7d069
Bump google.golang.org/api from 0.114.0 to 0.116.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.114.0 to 0.116.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.114.0...v0.116.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-10 17:27:01 +00:00
github-actions[bot]
2e1e529731
Merge pull request #1343 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.8.0
Bump golang.org/x/crypto from 0.7.0 to 0.8.0
2023-04-10 10:25:43 -07:00
dependabot[bot]
f3bd1d3dbd
Bump golang.org/x/crypto from 0.7.0 to 0.8.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-10 17:15:51 +00:00
github-actions[bot]
432dd7ce10
Merge pull request #1344 from smallstep/dependabot/go_modules/golang.org/x/net-0.9.0
Bump golang.org/x/net from 0.8.0 to 0.9.0
2023-04-10 10:14:19 -07:00
dependabot[bot]
aeb02e280e
Bump golang.org/x/net from 0.8.0 to 0.9.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-10 16:02:00 +00:00
Herman Slatman
64e39cb0c9
Merge pull request #1063 from smallstep/herman/acme-da-tpm
Add ACME DA TPM attestation
2023-04-07 00:17:03 +02:00
Herman Slatman
cfd65484fc
Update to v0.29.0 of go.step.sm/crypto 2023-04-06 23:41:39 +02:00
Herman Slatman
d9aa2c110f
Increase test coverage for AK certificate properties 2023-04-06 14:35:48 +02:00
Carl Tashian
a815039283
Merge pull request #1340 from smallstep/carl/cosign-flags-update
Update cosign usage note
2023-04-05 14:19:08 -07:00
Carl Tashian
b5baa55a60
Update cosign usage note 2023-04-05 13:09:58 -07:00
Herman Slatman
ed1a62206e
Add additional verification of AK certificate 2023-04-05 01:02:44 +02:00
Herman Slatman
1c38e252a6
Cast alg to a valid COSEAlgorithmIdentifier 2023-04-04 12:22:58 +02:00
Herman Slatman
e25acff13c
Simplify alg validity check 2023-04-03 22:32:26 +02:00
Herman Slatman
dfc56f21b8
Merge branch 'master' into herman/acme-da-tpm 2023-04-03 22:22:53 +02:00
Herman Slatman
9cd4b362f7
Extract the ParseSubjectAlternativeNames function 2023-04-03 22:21:29 +02:00
github-actions[bot]
b4da554aa6
Merge pull request #1337 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.21.0
Bump github.com/newrelic/go-agent/v3 from 3.20.4 to 3.21.0
2023-04-03 10:53:50 -07:00
dependabot[bot]
6905979537
Bump github.com/newrelic/go-agent/v3 from 3.20.4 to 3.21.0
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.4 to 3.21.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.4...v3.21.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-03 16:00:22 +00:00
Herman Slatman
827fcb6a06
Fix the go.mod
- Add comment to why we use fork of `github.com/google/go-attestation`
- Fix require and ordering of imports
2023-04-03 11:56:16 +02:00
Herman Slatman
b6957358fc
Fix PR remarks
- Root CA error message improved
- Looping through intermediate certs
- Change checking unhandled extensions to using `if`
2023-04-03 11:54:22 +02:00
Mariano Cano
023491bcf2
Merge pull request #1336 from smallstep/pr-1051
Remove unused certificate validators and modifiers
2023-04-02 12:15:20 -07:00
Mariano Cano
ac35f3489c
Remove unused certificate validators and modifiers
With the introduction of certificate templates some certificate
validators and modifiers are not used anymore. This commit deletes the
ones that are not used.
2023-03-31 14:54:49 -07:00