Andrew Reed
52d7f084d2
Add /roots.pem handler ( #866 )
...
* Add /roots.pem handler
* Review changes
* Remove no peer cert test case
2022-03-28 14:55:40 -07:00
Panagiotis Siatras
29092b9d8a
api: refactored to use the read package
2022-03-18 20:20:59 +02:00
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
2022-03-10 20:21:01 -08:00
Mariano Cano
afb5d36206
Allow to renew certificates using an x5c-like token.
2022-03-09 20:37:41 -08:00
Herman Slatman
5fe9909174
Refactor AdminAuthority interface
2021-12-22 15:30:40 +01:00
Herman Slatman
2215a05c28
Add tests for ACME EAB Admin
...
Refactored some of the existing bits for testing the Authority
API by creation of a new LinkedAuthority interface and changing
visibility of the MockAuthority to be usable by other packages.
At this time, not all of the functions of MockAuthority it usable
yet. Will refactor when needed or requested.
2021-12-08 15:19:38 +01:00
Mariano Cano
8c8db0d4b7
Modify errs.BadRequestErr() to always return an error to the client.
2021-11-18 18:17:36 -08:00
Mariano Cano
8ce807a6cb
Modify errs.BadRequest() calls to always send an error to the client.
2021-11-18 15:12:44 -08:00
Herman Slatman
e7a988b2cd
Pin golangci-lint to v1.43.0 and fix issues
2021-11-13 01:30:03 +01:00
max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
Mariano Cano
c1c986922b
Show Ed25519 in the public-key log field.
2021-05-06 18:09:40 -07:00
max furman
f88f58440f
add //nolint for new 1.16 deprecation warnings
...
- dsa
- pem.DecryptPEMBlock
2021-02-18 20:14:20 -08:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
Mariano Cano
4943ae58d8
Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates.
2020-08-10 15:29:18 -07:00
Mariano Cano
e83e47a91e
Use sshutil and randutil from go.step.sm/crypto.
2020-08-10 11:26:51 -07:00
Mariano Cano
6c64fb3ed2
Rename provisioner options structs:
...
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
2020-07-22 18:24:45 -07:00
max furman
fd05f3249b
A few last fixes and tests added for rekey/renew ...
...
- remove all `renewOrRekey`
- explicitly test difference between renew and rekey (diff pub keys)
- add back tests for renew
2020-07-09 12:11:40 -07:00
dharanikumar-s
dfda497929
Renamed RenewOrRekey to Rekey
2020-07-08 11:47:59 +05:30
dharanikumar-s
a3b5211e0f
gofmted the code
2020-07-05 22:40:36 +05:30
dharanikumar-s
954fda657b
Added renewOrRekey to mockAuthority. Added Test_caHandler_Rekey
2020-07-05 22:05:00 +05:30
Mariano Cano
fa416336a8
Add context to tests.
2020-03-10 19:17:32 -07:00
max furman
1cb8bb3ae1
Simplify statuscoder error generators.
2020-01-28 13:29:40 -08:00
max furman
dccbdf3a90
Introduce generalized statusCoder errors and loads of ssh unit tests.
...
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-28 13:29:40 -08:00
Mariano Cano
dedf6b17be
Addapt tests to the api change.
2020-01-28 13:29:39 -08:00
Mariano Cano
b179ad3662
Fix api tests.
2020-01-28 13:29:39 -08:00
Mariano Cano
8bf3bf701e
Add support for /ssh/bastion method.
2020-01-28 13:28:16 -08:00
Mariano Cano
0ae9bab21e
Fix api tests.
2020-01-28 13:28:16 -08:00
Mariano Cano
d880a98295
Add tests for ssh api methods.
2020-01-28 13:28:16 -08:00
Mariano Cano
d08db4df23
Rename SSH methods.
2020-01-28 13:28:16 -08:00
Mariano Cano
91130b9c3f
Add support for user data in templates.
2020-01-28 13:28:16 -08:00
Mariano Cano
a35988ff08
Add initial support for ssh config.
...
Related to smallstep/cli#170
2020-01-28 13:28:16 -08:00
Mariano Cano
961be1fbc7
Add endpoint to return the SSH public keys.
...
Related to smallstep/ca-component#195
2020-01-28 13:28:16 -08:00
Jozef Kralik
bc6074f596
Change api of functions Authority.Sign, Authority.Renew
...
Returns certificate chain instead of 2 members.
Implements #126
2019-10-09 22:23:00 +02:00
max furman
e3826dd1c3
Add ACME CA capabilities
2019-09-13 15:48:33 -07:00
max furman
61d52a8510
Small fixes associated with PR review
...
* additions and grammar edits to documentation
* clarification of error msgs
2019-09-08 21:05:36 -07:00
Mariano Cano
10e7b81b9f
Merge branch 'master' into ssh-ca
2019-09-05 23:06:01 +02:00
max furman
2b41faa9cf
Enforce >= 2048 bit rsa keys at the provisioner layer
...
* Fixes #94
* In the future this should be configurable by provisioner
2019-08-27 14:44:59 -07:00
Mariano Cano
ca74bb1de5
Add ssh api tests.
2019-08-05 16:06:05 -07:00
Mariano Cano
ba2ba54928
Adapt api package to new interfaces.
2019-07-29 12:52:13 -07:00
max furman
ab4d569f36
Add /revoke API with interface db backend
2019-04-10 13:50:35 -07:00
Mariano Cano
64f2615864
Fix tests.
2019-03-25 12:35:21 -07:00
Mariano Cano
a97ea87caa
Move options to provisioner so we can set the duration of the cert.
2019-03-07 15:14:18 -08:00
Mariano Cano
aa8385b8ba
Fix api tests.
2019-03-07 13:15:07 -08:00
Mariano Cano
bcaba4f72a
Fix api tests.
2019-03-06 18:41:01 -08:00
Mariano Cano
adbc496b40
Improve tests
2019-02-20 12:18:13 -08:00
Mariano Cano
b974957868
Add certificate information to logs.
...
Fixes smallstep/ca-component#147
2019-02-19 19:48:18 -08:00
Mariano Cano
8252608ca2
Fix mock
2019-01-14 14:33:00 -08:00
Mariano Cano
518b597535
Remove mTLS client requirement in /roots and /federation
2019-01-11 19:08:08 -08:00
Mariano Cano
d296cf95a9
Add mTLS request to get all the root CAs, not the federated ones.
2019-01-07 17:48:56 -08:00