Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-19 09:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,179 Commits 40 Branches 223 Tags 44 MiB
17578b57f2
Commit Graph

4179 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
33e6f2bae2
Bump google.golang.org/grpc from 1.59.0 to 1.60.0 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.59.0 to 1.60.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.59.0...v1.60.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-18 15:23:19 +00:00
dependabot[bot]
2a5a65161c
Bump github.com/google/uuid from 1.4.0 to 1.5.0 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-18 15:22:52 +00:00
Mariano Cano
62e09de2c6
Merge pull request #1647 from smallstep/go-jose 
Upgrade go.step.sm/crypto to use go-jose/v3
 2023-12-12 16:47:19 -08:00
Mariano Cano
b20af51f32
Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
github-actions[bot]
2c42907b4e
Merge pull request #1645 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.39.0 
Bump go.step.sm/crypto from 0.38.0 to 0.39.0
 2023-12-11 18:14:56 +01:00
github-actions[bot]
ecc47c8e18
Merge pull request #1646 from smallstep/dependabot/go_modules/google.golang.org/api-0.153.0 
Bump google.golang.org/api from 0.152.0 to 0.153.0
 2023-12-11 18:14:28 +01:00
Carl Tashian
4d0c684e88
Merge pull request #1640 from smallstep/carl/debian-bookworm 
Update Dockerfile.hsm to use Debian bookworm
 2023-12-11 09:02:21 -08:00
dependabot[bot]
6fcfb7a737
Bump google.golang.org/api from 0.152.0 to 0.153.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.152.0 to 0.153.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.152.0...v0.153.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-11 16:01:48 +00:00
dependabot[bot]
9aee8fde06
Bump go.step.sm/crypto from 0.38.0 to 0.39.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.38.0 to 0.39.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.38.0...v0.39.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-11 16:01:34 +00:00
Carl Tashian
bd46d94238
Merge branch 'master' into carl/debian-bookworm 2023-12-05 07:26:39 -08:00
github-actions[bot]
c25273d7a7
Merge pull request #1638 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.28.1 
Bump github.com/newrelic/go-agent/v3 from 3.28.0 to 3.28.1
 2023-12-05 10:55:11 +01:00
Carl Tashian
38140c5765
Update Dockerfile.hsm to use Debian bookworm 2023-12-04 18:10:39 -08:00
dependabot[bot]
439ace3086
Bump github.com/newrelic/go-agent/v3 from 3.28.0 to 3.28.1 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.28.0 to 3.28.1.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.28.0...v3.28.1)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-04 15:33:06 +00:00
Herman Slatman
f453323ba9
Merge pull request #1631 from smallstep/herman/fix-apple-acmeclient-invalid-signatures 2023-12-01 09:48:37 +01:00
Herman Slatman
405aae798c
Simplify the copy logic used when patching JWS signature 2023-11-30 14:27:32 +01:00
Max
7bfe11c687
Bump go.step.sm/crypto (#1635) 2023-11-28 21:24:48 -08:00
Max
d34f0f6a97
Fix linter warnings (#1634) 2023-11-28 20:58:58 -08:00
Herman Slatman
26a3bb3c11
Make the Apple JWS fix more robust and catch more cases. 2023-11-29 02:30:28 +01:00
Herman Slatman
31ba1b33fb
Merge pull request #1633 from smallstep/update-changelog-20231122 
Set `v0.25.1` release date
 2023-11-29 01:03:48 +01:00
Herman Slatman
528aad86dd
Set v0.25.1 release date 2023-11-28 23:18:57 +01:00
Herman Slatman
3bb469274d
Merge pull request #1632 from smallstep/update-changelog-20231122 
Update changelog for `v0.25.1` release
 2023-11-28 09:54:57 +01:00
Herman Slatman
f01b48fdcd
Update changelog for v0.25.1 release 2023-11-27 16:39:09 +01:00
Herman Slatman
113491e7af
Remove TODO for patching other algorithms for Apple ACME client 2023-11-24 18:29:22 +01:00
Herman Slatman
06f4cbbcda
Add (temporary) fix for missing null bytes in Apple JWS signatures 
Apparently the Apple macOS (and iOS?) ACME client seems to omit
leading null bytes from JWS signatures. The base64-url encoded
bytes decode to a shorter byte slice than what the JOSE library
expects (e.g. 63 bytes instead of 64 bytes for ES256), and then
results in a `jose.ErrCryptoFailure`.

This commit retries verification of the JWS in case the first
verification fails with `jose.ErrCryptoFailure`. The signatures are
checked to be of the correct length, and if not, null bytes are
prepended to the signature. Then verification is retried, which
might fail again, but for other reasons. On success, the payload
is returned.

Apple should fix this in their ACME client, but in the meantime
this commit prevents some "bad request" error cases from happening.
 2023-11-24 18:21:01 +01:00
github-actions[bot]
cf6e189d7c
Merge pull request #1629 from smallstep/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.1 
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1
 2023-11-22 11:32:50 +01:00
dependabot[bot]
350ad9006c
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-21 22:19:52 +00:00
github-actions[bot]
1dacf50776
Merge pull request #1626 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.37.0 
Bump go.step.sm/crypto from 0.36.1 to 0.37.0
 2023-11-21 11:23:20 +01:00
dependabot[bot]
66df354f2f
Bump go.step.sm/crypto from 0.36.1 to 0.37.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.36.1 to 0.37.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.36.1...v0.37.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-21 10:12:12 +00:00
github-actions[bot]
c6db7673bf
Merge pull request #1628 from smallstep/dependabot/go_modules/google.golang.org/api-0.151.0 
Bump google.golang.org/api from 0.150.0 to 0.151.0
 2023-11-21 11:09:06 +01:00
github-actions[bot]
a36cf81d6a
Merge pull request #1627 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.28.0 
Bump github.com/newrelic/go-agent/v3 from 3.27.0 to 3.28.0
 2023-11-21 11:08:28 +01:00
dependabot[bot]
5b07ae7f52
Bump google.golang.org/api from 0.150.0 to 0.151.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.150.0 to 0.151.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.150.0...v0.151.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-20 15:52:17 +00:00
dependabot[bot]
74597e6fbb
Bump github.com/newrelic/go-agent/v3 from 3.27.0 to 3.28.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.27.0 to 3.28.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.27.0...v3.28.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-20 15:52:03 +00:00
github-actions[bot]
8308e1ac54
Merge pull request #1619 from smallstep/dependabot/go_modules/golang.org/x/net-0.18.0 
Bump golang.org/x/net from 0.17.0 to 0.18.0
 2023-11-14 12:25:15 +01:00
dependabot[bot]
6826ca9ebb
Bump golang.org/x/net from 0.17.0 to 0.18.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-14 11:17:13 +00:00
github-actions[bot]
4f6ca083aa
Merge pull request #1620 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.15.0 
Bump golang.org/x/crypto from 0.14.0 to 0.15.0
 2023-11-14 12:15:42 +01:00
dependabot[bot]
2eefd2ce63
Bump golang.org/x/crypto from 0.14.0 to 0.15.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-13 15:41:26 +00:00
github-actions[bot]
6ebd5264ec
Merge pull request #1621 from smallstep/dependabot/go_modules/google.golang.org/api-0.150.0 
Bump google.golang.org/api from 0.149.0 to 0.150.0
 2023-11-13 16:38:04 +01:00
dependabot[bot]
48d9ea188b
Bump google.golang.org/api from 0.149.0 to 0.150.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.149.0 to 0.150.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.149.0...v0.150.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-13 15:26:27 +00:00
Herman Slatman
a4b7bbf2d9
Merge pull request #1617 from smallstep/herman/scep-webhook-provisioner-name 
Add `provisionerName` to SCEP webhook request body
 2023-11-08 20:16:31 +01:00
Herman Slatman
f082cbc421
Denormalize provisioner name in SCEP webhook 2023-11-08 20:09:52 +01:00
Herman Slatman
9ebc8779f5
Normalize SCEP provisioner name in webhook body 2023-11-08 19:52:20 +01:00
Herman Slatman
e815864ed8
Add verification of provisionerName in test 2023-11-08 19:46:29 +01:00
Herman Slatman
de45d66cdb
Add provisionerName to webhook request body 2023-11-08 19:43:13 +01:00
Mariano Cano
a7ed79bb21
Merge pull request #1616 from smallstep/fix-1611 
Use the same version for building and running
 2023-11-07 16:32:55 -08:00
Mariano Cano
875512c79e
Use the same version for building and running 
This commit makes sure to use the same version for building step-ca with
CGO and running it.

Fixes #1611
 2023-11-07 15:36:01 -08:00
Mariano Cano
1697dc63a7
Merge pull request #1608 from smallstep/mariano/ra-template 
Build RA token using SANs from the template
 2023-11-07 10:46:14 -08:00
Mariano Cano
690d1c3c50
Merge pull request #1609 from smallstep/mariano/jwk-commonname 
Change CommonName validator in JWK
 2023-11-07 10:45:51 -08:00
github-actions[bot]
111bc1d789
Merge pull request #1613 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.4 
Bump cloud.google.com/go/longrunning from 0.5.3 to 0.5.4
 2023-11-06 19:30:49 +01:00
dependabot[bot]
8c5d26e1c5
Bump cloud.google.com/go/longrunning from 0.5.3 to 0.5.4 
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/longrunning/v0.5.3...longrunning/v0.5.4)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-06 18:27:22 +00:00
github-actions[bot]
444cfe2fcd
Merge pull request #1614 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.15.4 
Bump cloud.google.com/go/security from 1.15.3 to 1.15.4
 2023-11-06 19:26:02 +01:00