Commit graph

70 commits

Author SHA1 Message Date
Mariano Cano
e4e799ca85 Fix typos in comment. 2021-09-09 12:45:29 -07:00
Mariano Cano
6d644880bd Allow to kms signers to define the SignatureAlgorithm
CloudKMS keys signs data using an specific signature algorithm, in RSA keys,
this can be PKCS#1 RSA or RSA-PSS, if the later is used, x509.CreateCertificate
will fail unless the template SignatureCertificate is properly set.

On contrast, AWSKMS RSA keys, are just RSA keys, and can sign with PKCS#1 or
RSA-PSS schemes, so right now the way to enforce one or the other is to used
templates.
2021-09-08 17:48:50 -07:00
Mariano Cano
de719eb6f0 Add an option to avoid password prompts on step cas
When we are using `step ca init` to create a stepcas RA we don't
have access to the password for verify the provisioner.
2021-08-04 16:16:35 -07:00
max furman
77fdfc9fa3 Merge branch 'master' into max/cert-mgr-crud 2021-07-02 20:26:46 -07:00
max furman
9fdef64709 Admin level API for provisioner mgmt v1 2021-07-02 19:05:17 -07:00
Mariano Cano
35e6cc275a Fix typos in comments. 2021-06-23 09:35:14 +02:00
Mariano Cano
dce1b290bd Remove debug statements. 2021-06-08 17:57:24 -07:00
Mariano Cano
ac3c754a6d Use known CA and add tier and gcs bucket options. 2021-06-08 17:43:52 -07:00
Mariano Cano
529eb4bae9 Rename CAPool to CaPool. 2021-06-07 19:20:23 -07:00
Mariano Cano
9db68db509 Add tests with cloudCAS EnableCertificateAuthority. 2021-06-07 19:17:30 -07:00
Mariano Cano
48bc4e549d Fix cloudcas tests. 2021-06-07 15:53:29 -07:00
Mariano Cano
072bd0dcf4 Add support for Google CAS v1 2021-06-03 19:31:19 -07:00
Herman Slatman
491c2b8d93 Improve initialization of SCEP authority 2021-05-26 16:10:21 -07:00
Herman Slatman
2a249d20de Refactor initialization of SCEP authority 2021-05-26 16:04:19 -07:00
Herman Slatman
c5e4ea08b3
Merge branch 'master' into hs/scep 2021-03-26 15:22:41 +01:00
Mariano Cano
84018ec71b Clarify comment. 2021-03-25 11:07:58 -07:00
Mariano Cano
a9297100d8 Allow to configure the JWK using the encrypted key. 2021-03-24 19:05:56 -07:00
Mariano Cano
d9f93ccfde Fix typo. 2021-03-24 12:06:29 -07:00
Mariano Cano
edc7c4d90e Add support for password encrypted files 2021-03-23 17:54:42 -07:00
Mariano Cano
80542d6d9a Add JWK as an issuer for stepcas. 2021-03-23 16:14:49 -07:00
Mariano Cano
ce3e6bfdf6 Fix linting errors. 2021-03-22 13:45:20 -07:00
Mariano Cano
96de4e6ec8 Return a non-implemented error in stepcas.RenewCertificate. 2021-03-22 12:56:12 -07:00
Mariano Cano
348815f4f6 Fix error message. 2021-03-22 11:51:11 -07:00
Herman Slatman
583d60dc0d
Address (most) PR comments 2021-03-21 16:42:41 +01:00
Mariano Cano
e7a6c46e54 Fix linting errors. 2021-03-19 14:21:47 -07:00
Mariano Cano
08e75b614e Do not depend on Go 1.16. 2021-03-19 13:23:32 -07:00
Mariano Cano
6fd6270e7d Remove debug statements. 2021-03-19 13:21:14 -07:00
Mariano Cano
7958f6ebb5 Add support for lifetime. 2021-03-19 13:19:49 -07:00
Mariano Cano
ae4b8f58b8 Add support for emails, ips and uris. 2021-03-19 12:02:03 -07:00
Mariano Cano
dbb48ecf8d Add tests for stepcas. 2021-03-18 18:01:38 -07:00
Mariano Cano
bcf70206ac Add support for revocation using an extra provisioner in the RA. 2021-03-17 19:47:36 -07:00
Mariano Cano
a6115e29c2 Add initial implementation of StepCAS.
StepCAS allows to configure step-ca as an RA using another step-ca
as the main CA.
2021-03-17 19:33:35 -07:00
Herman Slatman
e1cab4966f
Improve initialization of SCEP authority 2021-03-12 15:49:39 +01:00
Herman Slatman
7ad90d10b3
Refactor initialization of SCEP authority 2021-02-26 00:32:21 +01:00
Miclain Keffeler
ffbfcfb1f2 format. 2020-12-28 18:46:21 -06:00
Miclain K Keffeler
7a1eb43bb1
Update options.go 2020-12-28 17:12:37 -06:00
Miclain K Keffeler
f3396bf964
Update softcas.go 2020-12-28 17:10:44 -06:00
Miclain Keffeler
7545b4a625 leverage intermediate_ca.crt for appending certs. 2020-12-23 22:41:10 -06:00
Mariano Cano
a97fab4119 Fix mispell. 2020-11-03 12:48:48 -08:00
Mariano Cano
b057c6677a Use test/bufconn instead of a real listener. 2020-11-03 12:45:31 -08:00
Mariano Cano
4f9200cc47 Add missing docs. 2020-11-03 12:45:31 -08:00
Mariano Cano
41a46bbd75 Enable default cas implementation. 2020-11-03 12:45:31 -08:00
Mariano Cano
7020011842 Add some extra tests. 2020-11-03 12:45:31 -08:00
Mariano Cano
7aa8a8fe1e Complete tests for softCAS. 2020-11-03 12:45:31 -08:00
Mariano Cano
bb4f2aef2f Fix lint error. 2020-11-03 12:45:31 -08:00
Mariano Cano
b275758018 Complete CloudCAS tests.
Upgrade cloud.google.com/go
2020-11-03 12:45:31 -08:00
Mariano Cano
10c2ce3071 Add missing files, mocks created using mockgen. 2020-11-03 12:44:54 -08:00
Mariano Cano
b2ae112dd2 Add initial tests for CreateCertificateAuthority. 2020-11-03 12:44:54 -08:00
Mariano Cano
b68344ec36 Fix unexpected error. 2020-11-03 12:44:54 -08:00
Mariano Cano
dff00a0218 Add support for local signing or cloudCAS intermediates. 2020-11-03 12:44:54 -08:00