Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
...
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2023-02-09 16:48:43 -08:00
dependabot[bot]
c9814be699
Bump google.golang.org/api from 0.108.0 to 0.109.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.108.0 to 0.109.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.108.0...v0.109.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 15:10:38 +00:00
Herman Slatman
da00046a61
Merge pull request #1235 from smallstep/herman/acme-da-subject-check
...
Improve validation and error messages for Orders with Permanent Identifier
2023-02-02 23:50:40 +01:00
Herman Slatman
0f1c509e4b
Remove debug utility
2023-01-31 23:48:53 +01:00
Max
0c5e7f1b5c
Merge pull request #1245 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.2
...
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
2023-01-30 09:39:43 -08:00
dependabot[bot]
9a539f22fc
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.23.1 to 0.23.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.23.1...v0.23.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:14:01 +00:00
dependabot[bot]
c32e84b436
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.0 to 1.52.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.52.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:13:21 +00:00
Herman Slatman
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check
2023-01-26 15:52:45 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem
for more detailed ACME client-side errors
...
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.
This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
2023-01-26 13:29:31 +01:00
Max
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3
...
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
2023-01-23 12:15:22 -08:00
Max
4621b95f38
Merge pull request #1237 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.12
...
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
2023-01-23 12:12:38 -08:00
Max
2d174472e7
Merge pull request #1238 from smallstep/dependabot/go_modules/google.golang.org/api-0.108.0
...
Bump google.golang.org/api from 0.107.0 to 0.108.0
2023-01-23 12:07:26 -08:00
dependabot[bot]
cb8a2ee69f
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:07:04 +00:00
dependabot[bot]
626a3a87b4
Bump google.golang.org/api from 0.107.0 to 0.108.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.107.0 to 0.108.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.107.0...v0.108.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:54 +00:00
dependabot[bot]
925a228656
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.11 to 1.22.12.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.11...v1.22.12 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:37 +00:00
dependabot[bot]
07fd03c3f3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.2 to 3.20.3.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.2...v3.20.3 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:26 +00:00
Max
5bab65aa49
Merge pull request #1232 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.11
...
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
2023-01-18 14:09:29 -08:00
Max
925f32e82f
Merge pull request #1231 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.0
...
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
2023-01-18 14:08:53 -08:00
dependabot[bot]
fb39fccf6a
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.10 to 1.22.11.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.10...v1.22.11 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:56:04 +00:00
dependabot[bot]
29deb4befa
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:54:27 +00:00
dependabot[bot]
98cb439b41
Bump google.golang.org/api from 0.106.0 to 0.107.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.106.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.106.0...v0.107.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:51:18 +00:00
Max
ac4d5e63ab
Merge pull request #1221 from smallstep/dependabot/go_modules/google.golang.org/api-0.106.0
...
Bump google.golang.org/api from 0.105.0 to 0.106.0
2023-01-09 09:27:00 -08:00
Max
985a0e4858
Merge pull request #1220 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.5.0
...
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
2023-01-09 09:26:27 -08:00
dependabot[bot]
34dc119cf7
Bump google.golang.org/api from 0.105.0 to 0.106.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.105.0 to 0.106.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.106.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:21:18 +00:00
Max
9cc35d1505
Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.5.0
2023-01-09 09:20:07 -08:00
dependabot[bot]
e7a4a1f43c
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.10.0...asset/v1.11.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:19:52 +00:00
Max
8ba1b44cd8
Merge pull request #1218 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.0
...
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
2023-01-09 09:16:41 -08:00
dependabot[bot]
dae0ba9008
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:50 +00:00
dependabot[bot]
32f4908310
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
...
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:21 +00:00
dependabot[bot]
c5c07be298
Bump golang.org/x/net from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:08:56 +00:00
Max
85f6554c5e
Merge pull request #1210 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.4.0
...
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
2022-12-20 12:23:22 -08:00
Max
001c156b28
Merge pull request #1208 from smallstep/dependabot/go_modules/google.golang.org/api-0.105.0
...
Bump google.golang.org/api from 0.104.0 to 0.105.0
2022-12-20 12:17:36 -08:00
dependabot[bot]
27a50d50d3
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:33 +00:00
dependabot[bot]
75ffbae5a7
Bump github.com/newrelic/go-agent/v3 from 3.20.1 to 3.20.2
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.1 to 3.20.2.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.1...v3.20.2 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:26 +00:00
dependabot[bot]
a4e64665da
Bump google.golang.org/api from 0.104.0 to 0.105.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.104.0...v0.105.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:20 +00:00
Max
3fb38a3c14
Merge pull request #1203 from smallstep/dependabot/go_modules/google.golang.org/api-0.104.0
...
Bump google.golang.org/api from 0.103.0 to 0.104.0
2022-12-14 09:38:21 -08:00
dependabot[bot]
e07734d90d
Bump google.golang.org/api from 0.103.0 to 0.104.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.103.0 to 0.104.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.103.0...v0.104.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 06:38:13 +00:00
dependabot[bot]
260f40c6bc
Bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3
...
Bumps [github.com/Masterminds/sprig/v3](https://github.com/Masterminds/sprig ) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/Masterminds/sprig/releases )
- [Changelog](https://github.com/Masterminds/sprig/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Masterminds/sprig/compare/v3.2.2...v3.2.3 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/sprig/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 06:38:00 +00:00
dependabot[bot]
47dad19bbc
Bump golang.org/x/net from 0.2.0 to 0.4.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.2.0 to 0.4.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.2.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 15:08:15 +00:00
Max
262814ac43
Merge pull request #1191 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.51.0
...
Bump google.golang.org/grpc from 1.50.1 to 1.51.0
2022-11-21 09:13:21 -08:00
dependabot[bot]
596be4bec7
Bump google.golang.org/grpc from 1.50.1 to 1.51.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 15:23:16 +00:00
dependabot[bot]
afc81d96d8
Bump github.com/newrelic/go-agent/v3 from 3.20.0 to 3.20.1
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.0 to 3.20.1.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.0...v3.20.1 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 15:23:08 +00:00
dependabot[bot]
51503dabac
Bump google.golang.org/api from 0.102.0 to 0.103.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.102.0 to 0.103.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.102.0...v0.103.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 17:23:29 +00:00
dependabot[bot]
f63a01a4de
Bump golang.org/x/net from 0.1.0 to 0.2.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.1.0...v0.2.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 15:07:09 +00:00
Mariano Cano
07c56f577a
Add support for linked RA renewals
2022-11-08 14:25:54 -08:00
Mariano Cano
b31cf1fc18
Fix merge and use last version of linkedca
2022-11-08 10:12:19 -08:00
Mariano Cano
3ef73fa66b
Upgrade go.step.sm/crypto
2022-11-07 17:51:19 -08:00
dependabot[bot]
ae684a557a
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.9.0...asset/v1.10.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 22:16:22 +00:00
max furman
d4e81723ee
Updates for deprecated google cloud security APIs
2022-11-07 11:31:57 -08:00
Max
55a684fe5a
Merge pull request #1162 from smallstep/dependabot/go_modules/google.golang.org/api-0.102.0
...
Bump google.golang.org/api from 0.101.0 to 0.102.0
2022-11-07 11:21:59 -08:00