Herman Slatman
6e11657204
Refactor creation of (raw) EAB JWS contents
2021-12-07 14:57:39 +01:00
Herman Slatman
23898e9b76
Improve EAB JWS validation and increase test coverage
2021-12-07 12:17:41 +01:00
Herman Slatman
d0c23973cc
Merge branch 'master' into hs/acme-eab
2021-12-06 13:01:23 +01:00
Herman Slatman
e7a988b2cd
Pin golangci-lint to v1.43.0 and fix issues
2021-11-13 01:30:03 +01:00
Herman Slatman
dd4b4b0435
Fix remaining gocritic remarks
2021-10-11 23:34:23 +02:00
Herman Slatman
e0b495e4c8
Merge branch 'master' into hs/acme-eab
2021-10-09 01:06:49 +02:00
max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
Herman Slatman
0afea2e957
Improve tests for already bound EAB keys
2021-10-08 13:19:35 +02:00
Herman Slatman
02cd3b6b3b
Fix PR comments
2021-09-16 23:09:24 +02:00
Herman Slatman
f31ca4f6a4
Add tests for validateExternalAccountBinding
2021-08-10 12:39:44 +02:00
Herman Slatman
492256f2d7
Add first test cases for EAB and make provisioner unique per EAB
...
Before this commit, EAB keys could be used CA-wide, meaning that
an EAB credential could be used at any ACME provisioner. This
commit changes that behavior, so that EAB credentials are now
intended to be used with a specific ACME provisioner. I think
that makes sense, because from the perspective of an ACME client
the provisioner is like a distinct CA.
Besides that this commit also includes the first tests for EAB.
The logic for creating the EAB JWS as a client has been taken
from github.com/mholt/acmez. This logic may be moved or otherwise
sourced (i.e. from a vendor) as soon as the step client also
(needs to) support(s) EAB with ACME.
2021-08-09 10:37:32 +02:00
Herman Slatman
d44cd18b96
Add External Accounting Binding key "BoundAt" marking
2021-07-17 19:02:47 +02:00
max furman
672e3f976e
Few ACME fixes ...
...
- always URL escape linker output
- validateJWS should accept RSAPSS
- GetUpdateAccount -> GetOrUpdateAccount
2021-04-12 19:06:07 -07:00
max furman
b6ebc0fd25
more unit tests
2021-03-25 12:05:46 -07:00
max furman
074ab7b221
[acme db interface] add linker tests
2021-03-25 12:05:46 -07:00
max furman
8d2ebcfd49
[acme db interface] more unit tests
2021-03-25 12:05:46 -07:00
max furman
20b9785d20
[acme db interface] continuing unit test work
2021-03-25 12:05:46 -07:00
max furman
f71e27e787
[acme db interface] unit test progress
2021-03-25 12:05:46 -07:00
max furman
f20fcae80e
[acme db interface] wip unit test fixing
2021-03-25 12:05:46 -07:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
max furman
e1409349f3
Allow relative URL for all links in ACME api ...
...
* Pass the request context all the way down the ACME stack.
* Save baseURL in context and use when generating ACME urls.
2020-05-14 17:32:54 -07:00
max furman
4cb777bdc1
ACME accountUpdate ignore fields not recognized by the server.
2020-05-08 11:52:30 -07:00
max furman
c255274572
Should be returning status code 400 for ACME Account Not Found.
...
Issue #173
2020-02-01 17:35:41 -08:00
max furman
e3826dd1c3
Add ACME CA capabilities
2019-09-13 15:48:33 -07:00