Commit graph

37 commits

Author SHA1 Message Date
Mariano Cano
02c4f9817d Set full token payload instead of only the known properties. 2020-07-21 14:21:54 -07:00
Mariano Cano
0c8376a7f6 Fix existing unit tests. 2020-07-21 14:21:54 -07:00
Mariano Cano
ec5f155f8d Add more tests and missing marshallers. 2020-07-21 14:20:48 -07:00
Mariano Cano
aafd6be44a Add tests for SerialNumber. 2020-07-21 14:20:48 -07:00
Mariano Cano
b1a378c63b Add unit tests for extensions. 2020-07-21 14:20:48 -07:00
Mariano Cano
14652b35be Rename file. 2020-07-21 14:20:48 -07:00
Mariano Cano
5651873a38 Add certificate tests. 2020-07-21 14:20:48 -07:00
Mariano Cano
abaaec04f1 Move subject, issuer and serial number. 2020-07-21 14:20:48 -07:00
Mariano Cano
8069d1246b Start working on x5099util unit tests. 2020-07-21 14:20:48 -07:00
Mariano Cano
8f0dd811af Allow to send errors from template to cli. 2020-07-21 14:18:06 -07:00
Mariano Cano
1a04d458ae Leverage key usage options to template. 2020-07-21 14:18:06 -07:00
Mariano Cano
a7fe0104c4 Remove ACME restrictions and add proper template support. 2020-07-21 14:18:06 -07:00
Mariano Cano
6a09f11357 Use only the common name in iid subject.. 2020-07-21 14:18:06 -07:00
Mariano Cano
8236765e9c Use only key part to generate the SubjectKeyId.
This change generates the certificate subject key identifier using
the recommended method in the RFC 5280 section 4.2.1.2.
2020-07-21 14:18:06 -07:00
Mariano Cano
9bd576af2c Fix build of SANs. 2020-07-21 14:18:06 -07:00
Mariano Cano
b2ca3176f5 Prepend insecure to user and CR variables names. 2020-07-21 14:18:06 -07:00
Mariano Cano
69902b0153 For iid provisioners use only the csr name if custom sans is disabled.
The provisioner will validate the common name om a list of options.
2020-07-21 14:18:06 -07:00
Mariano Cano
eb8886d828 Add CR subject as iid default subject.
Add a minimal subject with just a common name to iid provisioners
in case we want to use it.
2020-07-21 14:18:06 -07:00
Mariano Cano
00fd41a3d0 Add template support to K8sSA provisioners. 2020-07-21 14:18:06 -07:00
Mariano Cano
13b704aeed Add template support for AWS provisioner. 2020-07-21 14:18:05 -07:00
Mariano Cano
e11160ebf1 Fix missing parenthesis. 2020-07-21 14:18:05 -07:00
Mariano Cano
a7e2ebb7d2 Fix creation of certificate without templates. 2020-07-21 14:18:05 -07:00
Mariano Cano
3c84453cf4 Move CreateTemplateData. 2020-07-21 14:18:05 -07:00
Mariano Cano
28ff122f83 Add certificate requests in the templates. 2020-07-21 14:18:05 -07:00
Mariano Cano
534a6b6c4c Add default templates for intermediate a root certificates. 2020-07-21 14:18:04 -07:00
Mariano Cano
0847af16cb Fix setter of basic constraints. 2020-07-21 14:18:04 -07:00
Mariano Cano
5a04e3b36d Add methods to add data to the template data. 2020-07-21 14:18:04 -07:00
Mariano Cano
ef0ed0ff95 Integrate simple templates in the JWK provisioner. 2020-07-21 14:18:04 -07:00
Mariano Cano
dcb962bdde Add TemplateData alias and some comments. 2020-07-21 14:18:04 -07:00
Mariano Cano
3ba1fbd881 Use local SplitSANs. 2020-07-21 14:18:04 -07:00
Mariano Cano
6eba0e0e0e Simplify default template. 2020-07-21 14:18:04 -07:00
Mariano Cano
abc0a63e32 Add wrapper around x509.CreateCertificate.
This wrapper generates some data if needed and cleans key usages
in templates.
2020-07-21 14:18:04 -07:00
Mariano Cano
3766702de9 Remove empty file. 2020-07-21 14:18:04 -07:00
Mariano Cano
208c351a39 Add sample leaf template. 2020-07-21 14:18:04 -07:00
Mariano Cano
70c0af8200 Use different options to load a template from a string or file. 2020-07-21 14:18:04 -07:00
Mariano Cano
738304bc6f Add support for SubjectalternativeName type.
Move code around and some fixes.
2020-07-21 14:18:04 -07:00
Mariano Cano
2556b57906 Add types for certificate flexibility.
This is a first implementation, not the final one.
2020-07-21 14:18:04 -07:00