Commit Graph

1744 Commits (335435decfd395879f6f087f1a919ec371d5f1fb)
 

Author SHA1 Message Date
Mariano Cano 00c6f08612
Merge pull request #440 from mkkeffeler/smallstep-by-provisioner-appendedcert
Begins to fix issue 87
4 years ago
Miclain Keffeler ffbfcfb1f2 format. 4 years ago
Miclain K Keffeler 7a1eb43bb1
Update options.go 4 years ago
Miclain K Keffeler f3396bf964
Update softcas.go 4 years ago
Mariano Cano 71a8e87eec Update go.sum with new version of go-piv. 4 years ago
Mariano Cano 6598ea9d73
Merge pull request #441 from gaffneyd4/gaffneyd4/x32
Bump go-piv to v1.7.0 for x32 overflow fix
4 years ago
Derek Gaffney 8416bd633d Bump go-piv to v1.7.0 for x32 overflow fix 4 years ago
Miclain Keffeler e9bfa061b8 Merge branch 'smallstep-by-provisioner-appendedcert' of https://github.com/mkkeffeler/certificates into smallstep-by-provisioner-appendedcert 4 years ago
Miclain Keffeler cf063d1f4a Revert "Begins to fix issue 87"
This reverts commit e2ba4159c3.
4 years ago
Miclain Keffeler 21dc406382 Begins to fix issue 87 4 years ago
Miclain Keffeler bfd13f1f72 Revert "Begins to fix issue 87"
This reverts commit e2ba4159c3.
4 years ago
Miclain Keffeler 393c43201f Merge branch 'smallstep-by-provisioner-appendedcert' of https://github.com/mkkeffeler/certificates into smallstep-by-provisioner-appendedcert 4 years ago
Miclain Keffeler 7545b4a625 leverage intermediate_ca.crt for appending certs. 4 years ago
Miclain Keffeler e2ba4159c3 Begins to fix issue 87 4 years ago
Max c255863816
Merge pull request #438 from smallstep/max/broken-validate-challenge-test
Fix broken ValidateChallenge test
4 years ago
max furman 265d49dbf8 Remove debug statement 4 years ago
max furman 1f9aa65d66 Add test case 4 years ago
max furman 20f8d950c4 Fix broken ValidateChallenge test 4 years ago
Mariano Cano bae209741f
Merge pull request #436 from smallstep/upgrade-crypto
Upgrade crypto and validate token id
4 years ago
Mariano Cano 5017b7d21f Recalculate token id instead of validating it. 4 years ago
Mariano Cano 86c947babc Upgrade crypto and fix test. 4 years ago
Mariano Cano 0cf594a003 Validate payload ID.
Related to #435
4 years ago
Mariano Cano d6ea8b13ab Upgrade crypto.
Related to #435
4 years ago
Mariano Cano 1feb4fcb26 Merge branch 'glance--sshagentkms' 4 years ago
Mariano Cano ccc403cf89 Fix comments, and return an error instead of fatal. 4 years ago
Mariano Cano 7d9997618f Upgrade crypto to v0.7.1
Add basic constraints extensions if defined.
4 years ago
max furman 19a3cd10a1 [docs] provisioners fix attr dupe and give warning about stale docs 4 years ago
Mariano Cano 2c164f39cc Fix rebase. 4 years ago
Mariano Cano 317a6b6aca Fix mispell. 4 years ago
Mariano Cano 0fcf9f8bc4 Use test/bufconn instead of a real listener. 4 years ago
Mariano Cano a0171c221e Add missing docs. 4 years ago
Mariano Cano 74111d4432 Enable default cas implementation. 4 years ago
Mariano Cano dfdbf493ac Add some extra tests. 4 years ago
Mariano Cano b4795fcd28 Complete tests for softCAS. 4 years ago
Mariano Cano 1c77538d48 Fix lint error. 4 years ago
Mariano Cano a01c3defc0 Complete CloudCAS tests.
Upgrade cloud.google.com/go
4 years ago
Mariano Cano fb1f37648f Add missing files, mocks created using mockgen. 4 years ago
Mariano Cano 2611fc04d4 Add initial tests for CreateCertificateAuthority. 4 years ago
Mariano Cano 062edcdfb4 Fix unexpected error. 4 years ago
Mariano Cano 9607eddd6a Remove unused code. 4 years ago
Mariano Cano fcaaab94a4 Add method to create a CertificateAuthorityResponse. 4 years ago
Mariano Cano a3f729fc28 Add support for local signing or cloudCAS intermediates. 4 years ago
Mariano Cano fe7db340b0 Update go.step.sm/crypto dependency. 4 years ago
Mariano Cano 5deca85b14 Add initial support for `step ca init` with cloud cas.
Fixes smallstep/cli#363
4 years ago
Mariano Cano 921de7e07f Upgrade crypto to v0.7.1
Add basic constraints extensions if defined.
4 years ago
max furman 2799ef9626 [docs] provisioners fix attr dupe and give warning about stale docs 4 years ago
Anton Lundin 3e6137110b Add support for using ssh-agent as a KMS
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys
for issuing ssh certificates signed by a key managed by a ssh-agent. It
uses the golang.org/x/crypto package to get a native Go implementation
to talk to a ssh-agent.

This was primarly written to be able to use gpg-agent to provide the
keys stored in a YubiKeys openpgp interface, but can be used for other
setups like proxying a ssh-agent over network.

That way the signing key for ssh certificates can be kept in a
"sign-only" hsm.

This code was written for my employer Intinor AB, but for simplicity
sake gifted to me to contribute upstream.

Signed-off-by: Anton Lundin <glance@acc.umu.se>
4 years ago
Mariano Cano 98a5aa5916
Merge pull request #409 from smallstep/cloudcas-init
Add CreateCertificateAuthority
4 years ago
Mariano Cano 736a6fb64e Fix rebase. 4 years ago
Mariano Cano a97fab4119 Fix mispell. 4 years ago