Mariano Cano
|
a78f7e8913
|
Add template support on k8ssa provisioner.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
6c36ceb158
|
Add initial template support for iid provisisioners.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
8e7bf96769
|
Fix error prefix.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
e0dce54338
|
Add missing argument.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
c1fc45c872
|
Simplify SSH modifiers with options.
It also changes the behavior of the request options to modify only
the validity of the certificate.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
df1f7e5a2e
|
Use CertificateRequest type as input for ssh NewCertificate.
SSH does not have a real concept of ssh certificate request, but
we are using the type to encapsulate the parameters coming in the
request.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
ad28f0f59a
|
Move variable where it is used.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
715eb4eacc
|
Add initial support for ssh templates on OIDC.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
c2dc76550c
|
Add ssh certificate template to X5C provisioner.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
380a0d6daf
|
Add ssh certificate templates to JWK provisioner.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
f75a12e10a
|
Add omitempty tag option.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
d7e590908e
|
Use sshutil for ssh renewing and rekeying.
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
b66d123572
|
Use sshutil for SSH certificate signing.
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
570ede45e7
|
Do not enforce number of principals or extensions.
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
631f1612a1
|
Add TemplateData to SignSSHOptions.
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
fdd0eb6773
|
Create method CertTypeFromString(s string).
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
c6746425a3
|
Add methods to initialize ssh templates in provisioners.
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
af3eeb870e
|
Add package to generate ssh certificate for templates.
|
2020-07-30 17:45:02 -07:00 |
|
Mariano Cano
|
3e80f41c19
|
Change provisioner options to have X509 as a field.
|
2020-07-30 17:44:22 -07:00 |
|
Mariano Cano
|
a7b65f1e1e
|
Add authority.Sign test with custom templates.
|
2020-07-22 19:18:45 -07:00 |
|
Mariano Cano
|
6c64fb3ed2
|
Rename provisioner options structs:
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
|
2020-07-22 18:24:45 -07:00 |
|
Mariano Cano
|
e0dd1bd132
|
Fix typo and add extra test with all fields.
|
2020-07-22 16:57:38 -07:00 |
|
Mariano Cano
|
e4ca83e8f9
|
Add marshalers and unmarshalers of defined types.
`type A B` does not inherit the methods from B.
|
2020-07-22 15:47:00 -07:00 |
|
Mariano Cano
|
3964125d47
|
Fix unmarshaling of Subject and Issuer.
|
2020-07-22 13:04:05 -07:00 |
|
Mariano Cano
|
978ad7e2b6
|
Fix merged tests.
|
2020-07-21 14:34:55 -07:00 |
|
Mariano Cano
|
44207523be
|
Add missing tests.
|
2020-07-21 14:21:54 -07:00 |
|
Mariano Cano
|
5ac3f8a160
|
Add provisioner options tests.
|
2020-07-21 14:21:54 -07:00 |
|
Mariano Cano
|
02c4f9817d
|
Set full token payload instead of only the known properties.
|
2020-07-21 14:21:54 -07:00 |
|
Mariano Cano
|
0c8376a7f6
|
Fix existing unit tests.
|
2020-07-21 14:21:54 -07:00 |
|
Mariano Cano
|
497158d0f6
|
Fail early on builds.
|
2020-07-21 14:21:54 -07:00 |
|
Mariano Cano
|
d64cb99a22
|
Fix authority package tests.
|
2020-07-21 14:21:48 -07:00 |
|
Mariano Cano
|
ccc705cdcd
|
Use alias x509legacy to cli x509util in tls.go.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
ec5f155f8d
|
Add more tests and missing marshallers.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
aafd6be44a
|
Add tests for SerialNumber.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
b1a378c63b
|
Add unit tests for extensions.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
14652b35be
|
Rename file.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
5651873a38
|
Add certificate tests.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
abaaec04f1
|
Move subject, issuer and serial number.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
8069d1246b
|
Start working on x5099util unit tests.
|
2020-07-21 14:20:48 -07:00 |
|
Mariano Cano
|
0de15b0a42
|
Update cli dependency to master.
|
2020-07-21 14:20:27 -07:00 |
|
Mariano Cano
|
8f0dd811af
|
Allow to send errors from template to cli.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
1a04d458ae
|
Leverage key usage options to template.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
a7fe0104c4
|
Remove ACME restrictions and add proper template support.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
6a09f11357
|
Use only the common name in iid subject..
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
8236765e9c
|
Use only key part to generate the SubjectKeyId.
This change generates the certificate subject key identifier using
the recommended method in the RFC 5280 section 4.2.1.2.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
cf2989a848
|
Add token and subject to K8sSA provisioner to be used in custom
templates.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
71be83b25e
|
Add iss#sub uri in OIDC certificates.
Admin will use the CR template if none is provided.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
9bd576af2c
|
Fix build of SANs.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
c58117b30d
|
Allow to use base64 when defining a template in the ca.json.
|
2020-07-21 14:18:06 -07:00 |
|
Mariano Cano
|
b2ca3176f5
|
Prepend insecure to user and CR variables names.
|
2020-07-21 14:18:06 -07:00 |
|