max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
Mariano Cano
d30a95236d
Use always go.step.sm/crypto
2020-08-14 15:33:50 -07:00
Mariano Cano
533ad0ca20
Use always go.step.sm/crypto/x509util
2020-08-11 17:59:33 -07:00
Mariano Cano
4943ae58d8
Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates.
2020-08-10 15:29:18 -07:00
Mariano Cano
e83e47a91e
Use sshutil and randutil from go.step.sm/crypto.
2020-08-10 11:26:51 -07:00
Mariano Cano
0c8376a7f6
Fix existing unit tests.
2020-07-21 14:21:54 -07:00
max furman
495e60a44b
Extraneous fmt.Sprintf
2020-03-23 12:15:46 -07:00
max furman
dccbdf3a90
Introduce generalized statusCoder errors and loads of ssh unit tests.
...
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-28 13:29:40 -08:00
Mariano Cano
2fe07cd79c
Fix tests.
2020-01-28 13:29:39 -08:00
Mariano Cano
64f2615864
Fix tests.
2019-03-25 12:35:21 -07:00
Mariano Cano
b07fe546fd
Fix types in tests.
2019-03-07 15:58:56 -08:00
max furman
ab78534b08
add test for SAN backwards compatibility with CLI
...
* new provisioner tokens always contain the crt.Subject.CommonName
in the SANS attribute of the token claims. added tests that verifies
backwards compatibility still works in cases where the token does not
contain the subject as a SAN claim.
2019-02-01 12:24:21 -06:00
max furman
e6e8443f3c
allow multiple identical SANs in cert
2019-01-31 11:20:21 -06:00
max furman
c74fcd57a7
ca-component -> certificates
...
* fix redundant error check
* add README
2018-10-31 21:36:01 -07:00
Mariano Cano
99cab73360
Remove unused import /provisioners/jwk-set-by-issuer
2018-10-25 18:55:18 -07:00
max furman
ee7db4006a
change sign + authorize authority api | add provisioners
...
* authorize returns []interface{}
- operators in this list can conform to any interface the user decides
- our implementation has a combination of certificate claim validators
and certificate template modifiers.
* provisioners can set and enforce tls cert options
2018-10-18 22:26:39 -07:00
max furman
0b5f6487e1
change provisioners api
...
* /provisioners -> /provisioners/jwk-set-by-issuer
* /provisioners now returns a list of Provisioners
2018-10-11 23:03:00 -07:00
max furman
378166a3b2
add full stack tests for multiple provisioners api
...
* /provisioners and /provisioners/<key-id>/encrypted-key
2018-10-09 13:37:47 -07:00
max furman
c284a2c0ab
first commit
2018-10-05 21:48:36 +00:00