Commit Graph

1264 Commits

Author SHA1 Message Date
Mariano Cano
02c4f9817d Set full token payload instead of only the known properties. 2020-07-21 14:21:54 -07:00
Mariano Cano
0c8376a7f6 Fix existing unit tests. 2020-07-21 14:21:54 -07:00
Mariano Cano
497158d0f6 Fail early on builds. 2020-07-21 14:21:54 -07:00
Mariano Cano
d64cb99a22 Fix authority package tests. 2020-07-21 14:21:48 -07:00
Mariano Cano
ccc705cdcd Use alias x509legacy to cli x509util in tls.go. 2020-07-21 14:20:48 -07:00
Mariano Cano
ec5f155f8d Add more tests and missing marshallers. 2020-07-21 14:20:48 -07:00
Mariano Cano
aafd6be44a Add tests for SerialNumber. 2020-07-21 14:20:48 -07:00
Mariano Cano
b1a378c63b Add unit tests for extensions. 2020-07-21 14:20:48 -07:00
Mariano Cano
14652b35be Rename file. 2020-07-21 14:20:48 -07:00
Mariano Cano
5651873a38 Add certificate tests. 2020-07-21 14:20:48 -07:00
Mariano Cano
abaaec04f1 Move subject, issuer and serial number. 2020-07-21 14:20:48 -07:00
Mariano Cano
8069d1246b Start working on x5099util unit tests. 2020-07-21 14:20:48 -07:00
Mariano Cano
0de15b0a42 Update cli dependency to master. 2020-07-21 14:20:27 -07:00
Mariano Cano
8f0dd811af Allow to send errors from template to cli. 2020-07-21 14:18:06 -07:00
Mariano Cano
1a04d458ae Leverage key usage options to template. 2020-07-21 14:18:06 -07:00
Mariano Cano
a7fe0104c4 Remove ACME restrictions and add proper template support. 2020-07-21 14:18:06 -07:00
Mariano Cano
6a09f11357 Use only the common name in iid subject.. 2020-07-21 14:18:06 -07:00
Mariano Cano
8236765e9c Use only key part to generate the SubjectKeyId.
This change generates the certificate subject key identifier using
the recommended method in the RFC 5280 section 4.2.1.2.
2020-07-21 14:18:06 -07:00
Mariano Cano
cf2989a848 Add token and subject to K8sSA provisioner to be used in custom
templates.
2020-07-21 14:18:06 -07:00
Mariano Cano
71be83b25e Add iss#sub uri in OIDC certificates.
Admin will use the CR template if none is provided.
2020-07-21 14:18:06 -07:00
Mariano Cano
9bd576af2c Fix build of SANs. 2020-07-21 14:18:06 -07:00
Mariano Cano
c58117b30d Allow to use base64 when defining a template in the ca.json. 2020-07-21 14:18:06 -07:00
Mariano Cano
b2ca3176f5 Prepend insecure to user and CR variables names. 2020-07-21 14:18:06 -07:00
Mariano Cano
69902b0153 For iid provisioners use only the csr name if custom sans is disabled.
The provisioner will validate the common name om a list of options.
2020-07-21 14:18:06 -07:00
Mariano Cano
b11486f41f Fix option method for template variable. 2020-07-21 14:18:06 -07:00
Mariano Cano
04f5053a7a Add template support for x5c. 2020-07-21 14:18:06 -07:00
Mariano Cano
eb8886d828 Add CR subject as iid default subject.
Add a minimal subject with just a common name to iid provisioners
in case we want to use it.
2020-07-21 14:18:06 -07:00
Mariano Cano
e60ea419cc Add template support for gcp provisioner. 2020-07-21 14:18:06 -07:00
Mariano Cano
32646c49bf Add templates support to Azure provisioner. 2020-07-21 14:18:06 -07:00
Mariano Cano
a44f0ca866 Add token payload. 2020-07-21 14:18:06 -07:00
Mariano Cano
00fd41a3d0 Add template support to K8sSA provisioners. 2020-07-21 14:18:06 -07:00
Mariano Cano
13b704aeed Add template support for AWS provisioner. 2020-07-21 14:18:05 -07:00
Mariano Cano
49b9aa6e3f Fix log string. 2020-07-21 14:18:05 -07:00
Mariano Cano
4795e371bd Add back the support for ca.json DN template. 2020-07-21 14:18:05 -07:00
Mariano Cano
e6fed5e0aa Minor fixes and comments. 2020-07-21 14:18:05 -07:00
Mariano Cano
81cd288104 Enable templates in acme provisioners. 2020-07-21 14:18:05 -07:00
Mariano Cano
e11160ebf1 Fix missing parenthesis. 2020-07-21 14:18:05 -07:00
Mariano Cano
a7e2ebb7d2 Fix creation of certificate without templates. 2020-07-21 14:18:05 -07:00
Mariano Cano
3c84453cf4 Move CreateTemplateData. 2020-07-21 14:18:05 -07:00
Mariano Cano
28ff122f83 Add certificate requests in the templates. 2020-07-21 14:18:05 -07:00
Mariano Cano
ca2fb42d68 Move options to the provisioner. 2020-07-21 14:18:05 -07:00
Mariano Cano
206bc6757a Add initial support for templates in the OIDC provisioner. 2020-07-21 14:18:05 -07:00
Mariano Cano
534a6b6c4c Add default templates for intermediate a root certificates. 2020-07-21 14:18:04 -07:00
Mariano Cano
0847af16cb Fix setter of basic constraints. 2020-07-21 14:18:04 -07:00
Mariano Cano
068bafe5a3 Add templateData to api sign request. 2020-07-21 14:18:04 -07:00
Mariano Cano
95c3a41bf0 Rename UserData to TemplateData and fix unmarshaling. 2020-07-21 14:18:04 -07:00
Mariano Cano
9f3acc254b Set the token payload in the JWK provisioner. 2020-07-21 14:18:04 -07:00
Mariano Cano
5a04e3b36d Add methods to add data to the template data. 2020-07-21 14:18:04 -07:00
Mariano Cano
ef0ed0ff95 Integrate simple templates in the JWK provisioner. 2020-07-21 14:18:04 -07:00
Mariano Cano
d1d9ae42d6 Use certificates x509util instead of cli for certificate signing. 2020-07-21 14:18:04 -07:00