Mariano Cano
|
906c5067b9
|
Include attestation roots on provisioner converters
|
2022-09-29 16:12:55 -07:00 |
|
max furman
|
1e0ea6f958
|
more linting fixes
|
2022-09-20 19:05:12 -07:00 |
|
Mariano Cano
|
191d9e8629
|
Use go.step.sm/crypto to set the permanent identifier
|
2022-09-20 18:57:43 -07:00 |
|
Brandon Weeks
|
de5b0ef5c2
|
Verify key authorization is contained within the TPM quote extraData field
|
2022-09-20 16:51:55 -07:00 |
|
Brandon Weeks
|
248da10f32
|
Implement TPM attestation statement verification
|
2022-09-20 16:50:26 -07:00 |
|
Brandon Weeks
|
6f2b4d3042
|
Add ACME permanent-identifier identifier type
|
2022-09-20 16:48:28 -07:00 |
|
Herman Slatman
|
25cbe02b9e
|
Add provisioner template validation
Fixes #1012
|
2022-09-20 16:40:25 -07:00 |
|
Mariano Cano
|
df975122a0
|
Upgrade linkedca and add entry to changelog
|
2022-09-12 16:30:41 -07:00 |
|
Mariano Cano
|
bb0210e875
|
Fix typo in linkedca variable
|
2022-09-09 14:34:32 -07:00 |
|
Mariano Cano
|
66407139e5
|
Add methods to convert attestation formats
|
2022-09-08 17:49:24 -07:00 |
|
Mariano Cano
|
a2749ca8ed
|
Merge branch 'master' into device-attestation
|
2022-09-06 12:29:06 -07:00 |
|
Mariano Cano
|
45af68b244
|
Upgrade go.step.sm/crypto
|
2022-08-31 11:36:07 -07:00 |
|
Mariano Cano
|
6db631df51
|
Upgrade go.step.sm/crypto@attest
|
2022-08-30 15:49:10 -07:00 |
|
Mariano Cano
|
a893d6e7f7
|
Upgrade go.step.sm/cli-utils
Fixes issue with step path
|
2022-08-25 15:37:35 -07:00 |
|
Mariano Cano
|
1938b1bb34
|
Merge branch 'master' into herman/fix-template-validation
|
2022-08-25 13:31:33 -07:00 |
|
Mariano Cano
|
1d1e024b84
|
Upgrade to go.step.sm/crypto v0.18.0
|
2022-08-25 12:40:31 -07:00 |
|
Mariano Cano
|
bca311b05e
|
Add acme property to enable challenges
Fixes #1027
|
2022-08-23 17:11:40 -07:00 |
|
Herman Slatman
|
6b7b989988
|
Add provisioner template validation
Fixes #1012
|
2022-08-23 16:27:49 +02:00 |
|
Mariano Cano
|
693dc39481
|
Merge branch 'master' into device-attestation
|
2022-08-22 17:59:17 -07:00 |
|
Mariano Cano
|
6cab4d328e
|
Add a middleware to automatically route HEAD requests to GET
Fixes #992
|
2022-08-16 16:10:29 -07:00 |
|
Mariano Cano
|
0c7467ceb2
|
Allow to automatically configure and linked RA
|
2022-08-16 14:39:02 -07:00 |
|
Mariano Cano
|
5df1694250
|
Add endpoint id for the RA certificate
In a linked RA mode, send an endpoint id to group the server
certificates.
|
2022-08-11 14:47:11 -07:00 |
|
Mariano Cano
|
2f7cb9225f
|
Use go.step.sm/crypto to set the permanent identifier
|
2022-08-10 17:38:18 -07:00 |
|
Mariano Cano
|
369b8f81c3
|
Use go.step.sm/crypto/kms
Fixes #975
|
2022-08-08 17:58:18 -07:00 |
|
Mariano Cano
|
e02a190fa7
|
Merge branch 'master' into device-attestation
|
2022-08-08 17:29:59 -07:00 |
|
Mariano Cano
|
8445c29db6
|
Change actions to build using Go 1.19
Fixes #998
|
2022-08-08 12:01:18 -07:00 |
|
Mariano Cano
|
38fb92452f
|
Merge pull request #993 from smallstep/ra-ids
RA provisioner IDs
|
2022-08-04 11:26:59 -07:00 |
|
Mariano Cano
|
821743f71e
|
Upgrade newrelic to v3
|
2022-08-04 11:16:11 -07:00 |
|
Aaron Bieber
|
135c481893
|
Update deps to bring in support for OpenBSD
OpenBSD support was added to the following deps:
- github.com/go-piv/piv-go in https://github.com/go-piv/piv-go/pull/101
- github.com/newrelic/go-agent in https://github.com/newrelic/go-agent/pull/455
- github.com/miekg/pkcs11 in https://github.com/miekg/pkcs11/pull/140
With these deps bumped, tests all pass on OpenBSD amd64.
|
2022-08-04 11:38:15 -06:00 |
|
Mariano Cano
|
a2f7766943
|
Use released version of linkedca
|
2022-08-04 10:31:57 -07:00 |
|
Mariano Cano
|
64744562c6
|
Send RA provisioner to linkedca.
|
2022-08-03 18:44:25 -07:00 |
|
Brandon Weeks
|
77c6d10fd6
|
Verify key authorization is contained within the TPM quote extraData field
|
2022-06-23 05:19:36 +10:00 |
|
Brandon Weeks
|
e1ec31c0ed
|
Implement TPM attestation statement verification
|
2022-06-23 05:19:36 +10:00 |
|
Brandon Weeks
|
2ac8b69da2
|
Add ACME permanent-identifier identifier type
|
2022-06-23 05:19:36 +10:00 |
|
Mariano Cano
|
2adf8caac7
|
Fix Dependabot warning on an indirect dependency
|
2022-05-25 17:11:45 -07:00 |
|
Erik De Lamarter
|
dec1067add
|
vault kubernetes auth
|
2022-05-21 21:06:14 +02:00 |
|
Herman Slatman
|
d1ab1d5431
|
Merge branch 'master' into herman/update-crypto-0.16.2
|
2022-05-18 09:11:38 +02:00 |
|
Herman Slatman
|
b75ce3acbd
|
Update to go.step.sm/crypto v0.16.2
This patch release of go.step.sm/crypto fixes an issue with
not all `Subject` names being available for usage in a template
as `ExtraNames`.
|
2022-05-17 23:39:01 +02:00 |
|
Herman Slatman
|
7030dbb7a1
|
Use github.com/smallstep/pkcs7 fork with patches applied
|
2022-05-11 21:18:47 +02:00 |
|
Herman Slatman
|
ed231d29e2
|
Update to go.step.sm/linkedca@v0.16.1
|
2022-05-05 15:57:47 +02:00 |
|
Herman Slatman
|
f0272dc717
|
Fix import replacement of linkedca
|
2022-05-05 11:10:21 +02:00 |
|
Herman Slatman
|
60d8b22d89
|
Change context retrievers to MustTFromContext
|
2022-05-05 11:05:57 +02:00 |
|
Herman Slatman
|
f2f9cb899e
|
Add conditional defaults to policy protobuf request bodies
|
2022-04-19 12:09:45 +02:00 |
|
Herman Slatman
|
647538e9e8
|
Merge branch 'herman/allow-deny' into herman/allow-deny-options
|
2022-04-19 10:32:16 +02:00 |
|
Herman Slatman
|
ad2de16299
|
Merge branch 'master' into herman/allow-deny
|
2022-04-19 10:26:31 +02:00 |
|
Herman Slatman
|
7f9034d22a
|
Add additional policy options
|
2022-04-19 10:24:52 +02:00 |
|
Mariano Cano
|
fe9c3cf753
|
Merge branch 'master' into ahmet2mir-feat/vault
|
2022-04-18 15:35:26 -07:00 |
|
Herman Slatman
|
d6be9450be
|
Merge branch 'master' into herman/allow-deny
|
2022-04-15 11:57:05 +02:00 |
|
Mariano Cano
|
674dc3c844
|
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
|
2022-04-13 15:11:54 -07:00 |
|
Mariano Cano
|
26e40068c8
|
Remove unnecessary dependencies.
|
2022-04-11 18:49:14 -07:00 |
|