smallstep-certificates

Commit Graph

Author	SHA1	Message	Date
Herman Slatman	c952e9fc9d	Use `NewDetailedError` instead	9 months ago
Herman Slatman	a0cdad335d	Add test for `WithAdditionalErrorDetail`	9 months ago
Herman Slatman	dd9bf1e915	Add error details for the `step` format	10 months ago
Herman Slatman	d5dd8feccd	Prevent internal errors from being returned to ACME clients	10 months ago
Herman Slatman	979e0f8f51	Add error details to select error cases for `apple` format	10 months ago
Herman Slatman	60a9e41c1c	Remove `Identifier` from top level ACME `Errors`	1 year ago
Herman Slatman	1c38113e44	Add ACME `Subproblem` for more detailed ACME client-side errors When validating an ACME challenge (`device-attest-01` in this case, but it's also true for others), and validation fails, the CA didn't return a lot of information about why the challenge had failed. By introducing the ACME `Subproblem` type, an ACME `Error` can include some additional information about what went wrong when validating the challenge. This is a WIP commit. The `Subproblem` isn't created in many code paths yet, just for the `step` format at the moment. Will probably follow up with some more improvements to how the ACME error is handled. Also need to cleanup some debug things (q.Q)	1 year ago
Mariano Cano	8538ff06b7	Add missing error case.	2 years ago
max furman	ab0d2503ae	Standardize linting file and fix or ignore lots of linting errors	2 years ago
Mariano Cano	7dc2067cb2	Update acme/errors.go Co-authored-by: Max <mx.furman@gmail.com>	2 years ago
Mariano Cano	8cf6675ce4	Return the internal error instead of the ACME error For ACME errors, return the internal error string instead of the ACME one on the "Error() string" function. This way the logs will have more information about the cause of an error. Fixes #1057	2 years ago
Mariano Cano	c5d3714a63	Fix acme error map	2 years ago
Mariano Cano	08815c5e90	Reneame attestation statement error	2 years ago
Mariano Cano	ab5f916bd3	Define ErrorBadAttestationStatement	2 years ago
Mariano Cano	66356cff43	Add attestation certificate validation for Apple devices	2 years ago
Brandon Weeks	7e1b0bebd9	iOS 16 beta 1 support	2 years ago
Brandon Weeks	860baeb1c5	Verbose debug logging	2 years ago
Panagiotis Siatras	00634fb648	api/render, api/log: initial implementation of the packages (#860 ) * api/render: initial implementation of the package * acme/api: refactored to support api/render * authority/admin: refactored to support api/render * ca: refactored to support api/render * api: refactored to support api/render * api/render: implemented Error * api: refactored to support api/render.Error * acme/api: refactored to support api/render.Error * authority/admin: refactored to support api/render.Error * ca: refactored to support api/render.Error * ca: fixed broken tests * api/render, api/log: moved error logging to this package * acme: refactored Error so that it implements render.RenderableError * authority/admin: refactored Error so that it implements render.RenderableError * api/render: implemented RenderableError * api/render: added test coverage for Error * api/render: implemented statusCodeFromError * api: refactored RootsPEM to work with render.Error * acme, authority/admin: fixed pointer receiver name for consistency * api/render, errs: moved StatusCoder & StackTracer to the render package	2 years ago
Herman Slatman	2d357da99b	Add tests for ACME revocation	2 years ago
max furman	2e0e62bc4c	add WriteError method for acme api	3 years ago
max furman	fd447c5b54	Fix small nbf->naf bug in db.CreateOrder - still needs unit test	3 years ago
max furman	a785131d09	Fix lint issues	3 years ago
max furman	f71e27e787	[acme db interface] unit test progress	3 years ago
max furman	80a6640103	[acme db interface] wip	3 years ago
max furman	1135ae04fc	[acme db interface] wip	3 years ago
max furman	03ba229bcb	[acme db interface] wip more errors	3 years ago
max furman	2ae43ef2dc	[acme db interface] wip errors	3 years ago
max furman	461bad3fef	[acme db interface] wip	3 years ago
David Cowden	a26b5f322d	acme/api: Brush up documentation on key-change Add more specific wording describing what a 501 means and add more color explaining how official vs unofficial error types should be handled.	4 years ago
David Cowden	b26e6e42b3	acme: Return 501 for the key-change route RFC 8555 § 7.3.5 is not listed as optional but we do not currently support it. Rather than 404, return a 501 to inform clients that this functionality is not yet implemented. The notImplmented error type is not an official error registered in the ietf:params:acme:error namespace, so prefix if with step:acme:error. An ACME server is allowed to return other errors and clients should display the message detail to users. Fixes: https://github.com/smallstep/certificates/issues/209	4 years ago
max furman	c255274572	Should be returning status code 400 for ACME Account Not Found. Issue #173	4 years ago
max furman	e3826dd1c3	Add ACME CA capabilities	5 years ago

32 Commits (master)