max furman
71d87b4e61
wip
2020-06-24 23:25:15 -07:00
Mariano Cano
bfe1f4952d
Rename interface to CertificateEnforcer and add tests.
2020-03-31 11:41:36 -07:00
Mariano Cano
4eaeede77d
Fix unit tests.
2020-02-11 14:05:37 -08:00
max furman
1e5763031b
Add backdate validation to sshCertValidityValidator.
2020-01-24 13:46:54 -08:00
max furman
c387b21808
Introduce generalized statusCoder errors and loads of ssh unit tests.
...
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-22 17:25:23 -08:00
Mariano Cano
8585b29711
Make test to compile, they still fail.
2019-11-14 18:07:16 -08:00
Max
0a96062b76
Merge pull request #128 from jkralik/returnCertChain
...
Change api of functions Authority.Sign, Authority.Renew
2019-10-18 14:00:18 -07:00
max furman
d368791606
Add x5c provisioner capabilities
2019-10-14 14:51:37 -07:00
Jozef Kralik
bc6074f596
Change api of functions Authority.Sign, Authority.Renew
...
Returns certificate chain instead of 2 members.
Implements #126
2019-10-09 22:23:00 +02:00
Mariano Cano
10e7b81b9f
Merge branch 'master' into ssh-ca
2019-09-05 23:06:01 +02:00
max furman
2b41faa9cf
Enforce >= 2048 bit rsa keys at the provisioner layer
...
* Fixes #94
* In the future this should be configurable by provisioner
2019-08-27 14:44:59 -07:00
Mariano Cano
e1cd5ee8c3
Add context to the Authorize method.
...
Fix tests.
2019-07-29 12:34:27 -07:00
max furman
81db527f12
NoopDB -> SimpleDB
2019-05-07 12:26:30 -07:00
max furman
b73fe8c157
Add used OTT to DB during authToken step
2019-05-06 15:52:02 -07:00
max furman
ab4d569f36
Add /revoke API with interface db backend
2019-04-10 13:50:35 -07:00
Mariano Cano
04da00d716
Merge pull request #55 from smallstep/x509util-real-x509
...
Use standard x509 creating signed certificates
2019-03-25 15:50:57 -07:00
Mariano Cano
64f2615864
Fix tests.
2019-03-25 12:35:21 -07:00
Mariano Cano
8c8547bf65
Remove unnecessary parse and improve tests.
2019-03-20 18:11:45 -07:00
Mariano Cano
b9530909a4
Fix tests.
2019-03-20 17:41:37 -07:00
Mariano Cano
7fd737cbb1
Fix lint warnings.
2019-03-11 18:47:57 -07:00
Mariano Cano
1f5ff5c899
Fix sign and renew tests.
2019-03-11 18:15:24 -07:00
Mariano Cano
54d86ca1c1
testing work in progress.
2019-03-07 19:30:17 -08:00
max furman
229e5908b7
Added test for different authority key id after renew
...
Also ran dep ensure.
2019-02-14 19:17:42 -08:00
Mariano Cano
d78febec7a
Fix extensions copy on renew
...
Fixes #36
2019-02-14 16:44:36 -08:00
max furman
7e43402575
bug fix: don't add common name to CSR validation claims in Sign
...
* added unit test for this case
2019-02-06 16:26:25 -08:00
Mariano Cano
d6cad2a7f3
Add provisioner option to disable renewal.
...
Fixes smallstep/ca-component#108
2018-11-01 15:43:24 -07:00
max furman
0d9dd2d14b
provisioner issuer -> name
2018-10-29 18:00:30 -07:00
max furman
7fa06643b2
change step provisioner OID and ASN1 representation
2018-10-26 14:24:16 -07:00
max furman
a4a461466b
withProvisionerOID and unit test
2018-10-25 23:49:23 -07:00
max furman
ee7db4006a
change sign + authorize authority api | add provisioners
...
* authorize returns []interface{}
- operators in this list can conform to any interface the user decides
- our implementation has a combination of certificate claim validators
and certificate template modifiers.
* provisioners can set and enforce tls cert options
2018-10-18 22:26:39 -07:00
max furman
c284a2c0ab
first commit
2018-10-05 21:48:36 +00:00