Commit graph

1800 commits

Author SHA1 Message Date
Mariano Cano
4bec2b04ec Add support for retired key management slots on yubikey.
Fixes #461
2021-02-16 14:47:34 -08:00
Mariano Cano
a947779795 Add uri support initializing cloudkms. 2021-02-16 13:11:47 -08:00
Mariano Cano
4902e45729 Add URI support initializing an awskms. 2021-02-16 13:10:53 -08:00
Mariano Cano
4745be2309
Merge pull request #474 from smallstep/cgo-or-not-cgo
Permit linting and testing without CGO support.
2021-02-12 16:09:29 -08:00
Mariano Cano
57075d9518 Phony travis. 2021-02-12 15:26:04 -08:00
Mariano Cano
1ddddb6bc7 Permit linting and testing without CGO support.
Use CGO for testing and building in travis.
Fixes #471
2021-02-12 13:18:30 -08:00
Mariano Cano
ddd6bc16d7
Merge pull request #457 from smallstep/pkcs11
Add support for PKCS #11 KMS.
2021-02-12 12:33:54 -08:00
Herman Slatman
713b571d7a
Refactor SCEP authority initialization and clean some code 2021-02-12 17:02:39 +01:00
Herman Slatman
ffdd58ea3c
Add rudimentary (and incomplete) support for SCEP 2021-02-12 12:03:08 +01:00
Mariano Cano
e446e22520 Remove extra default. 2021-02-11 19:25:16 -08:00
Mariano Cano
3648c3fab6 Fix error message when --kms is not passed. 2021-02-11 19:24:09 -08:00
Mariano Cano
d03c088ab7 Add test cases for uris with only the schema. 2021-02-11 19:14:35 -08:00
Mariano Cano
f6cbd9dc88 Fix typos. 2021-02-11 19:14:15 -08:00
Mariano Cano
b487edbd13 Clarify comment. 2021-02-11 17:38:14 -08:00
Mariano Cano
ebaeae9008 Avoid closing pkcs#11 context twice. 2021-02-08 19:16:57 -08:00
Mariano Cano
f289d1ee1f Update to crypto11 v1.2.4
This version now includes my changes to delete a certificate.
2021-02-08 12:01:21 -08:00
Carl Tashian
c1a2697806
Merge pull request #458 from smallstep/systemd
Add systemd files
2021-02-08 10:41:15 -08:00
Mariano Cano
f425a81d36 Enforce the use of id and label when generating objects. 2021-02-04 12:53:08 -08:00
Mariano Cano
dd6a43ad13 Add fake implementation of pkcs11 key manager without cgo.
This allows other binaries to import pkcs11 directly even if they
are compiled without cgo.
2021-02-04 12:32:30 -08:00
Mariano Cano
4fbf7569fa Merge branch 'master' into pkcs11 2021-02-01 18:13:16 -08:00
Mariano Cano
1d47a7284d Upgrade nosql with a version of badger compatible with 32bits 2021-02-01 18:09:28 -08:00
Mariano Cano
fbd2208044 Close key manager for safe reloads when a cgo module is used. 2021-02-01 17:14:44 -08:00
Mariano Cano
97c8cd10cd Test with CGO enabled 2021-02-01 17:04:07 -08:00
Mariano Cano
1d2146166b Close key manager. 2021-02-01 15:28:09 -08:00
Mariano Cano
3fdab93ab8 Add missing file. 2021-02-01 15:27:53 -08:00
Mariano Cano
a8260a3289 Add missing test. 2021-02-01 14:25:49 -08:00
Mariano Cano
41eff69fb3 Fix linting errors. 2021-02-01 14:22:53 -08:00
Mariano Cano
128d07f148 Use new GetEncoded method. 2021-02-01 14:17:39 -08:00
Mariano Cano
b28db61d5d Add missing close causing panic with softhsm2. 2021-02-01 14:16:55 -08:00
Mariano Cano
a74fc7a0b2 Remove unnecessary methods and add missing tests. 2021-02-01 14:16:08 -08:00
Carl Tashian
aaabdca61a Typofix 2021-02-01 13:47:55 -08:00
Carl Tashian
52a0edd29d Add readme 2021-02-01 13:11:14 -08:00
Carl Tashian
05daf22a1e Add SystemCallArchitectures=native 2021-02-01 13:07:52 -08:00
Carl Tashian
73fc350b84 Add note about PKCS#11 2021-02-01 11:56:24 -08:00
Mariano Cano
51ac28656e Fix protection level for host keys in cloudkms script.
Fixes #460
2021-01-29 16:11:25 -08:00
Mariano Cano
7f9d7eadc9 Attempt to delete key and certificate with the same name.
Nitrokey will override the label of the key with the certificate one.
If they are stored with the same id.
2021-01-29 13:31:07 -08:00
Mariano Cano
162c535705 Add option to not store certificates in the pkcs11 module. 2021-01-28 20:13:28 -08:00
Mariano Cano
50e9018a44 Fix missing return. 2021-01-28 19:53:25 -08:00
Mariano Cano
84a3c8c984 Rename nitrokey initialization to opensc. 2021-01-28 19:51:17 -08:00
Mariano Cano
b7afc92758 Complete tests. 2021-01-28 19:48:08 -08:00
Mariano Cano
3a479cb0e8 Add support for nitrokey. 2021-01-28 19:47:44 -08:00
Mariano Cano
e78d45a060 Add benchmarks for signing operations. 2021-01-28 19:46:48 -08:00
Mariano Cano
673675fa89 Convert pkcs11 tests to use tags. 2021-01-28 14:43:22 -08:00
Mariano Cano
6c113542c8 Fix ecdsa signature verification test. 2021-01-28 11:38:21 -08:00
Carl Tashian
9fd0964e1c Add SystemCallFilter=@system-service 2021-01-28 09:45:20 -08:00
Carl Tashian
2af73881d7 Add ProtectHome=true 2021-01-28 07:48:21 -08:00
Mariano Cano
35bf9b787e Implement ecdsa.VerifyASN1 to be compatible with go < 1.15 2021-01-27 20:35:42 -08:00
Mariano Cano
d9da150a5f Fix test. 2021-01-27 20:23:45 -08:00
Mariano Cano
294f84b8d4 Add initial set of unit tests for pkcs11 kms. 2021-01-27 20:17:14 -08:00
Carl Tashian
82f82d438c Add systemd files 2021-01-27 17:29:29 -08:00