Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,904 Commits 37 Branches 223 Tags 44 MiB
33bdae4a34
Commit Graph

218 Commits

Author SHA1 Message Date
Mariano Cano
33bdae4a34
Fix redacted tests 2023-09-25 15:57:01 -07:00
Mariano Cano
4d5fbfa439
Fix redacted types in SCEP provisioner 
This commit uses the same types for the fields in the provisioner.SCEP
type and the "redacted" models.SCEP.
 2023-09-25 15:49:45 -07:00
Herman Slatman
ffe079f31b
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Herman Slatman
5fd70af2c8
Make API responses aware of the new SCEP decrypter properties 2023-09-22 11:38:03 +02:00
Herman Slatman
3ade92f8d5
Support both a decrypter key URI as well as PEM 2023-09-22 11:10:22 +02:00
Dominic Evans
231b5d8406 chore(deps): upgrade github.com/go-chi/chi to v5 
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
 2023-09-20 11:26:32 +01:00
Herman Slatman
98d015b5c3
Fix linting issues 2023-09-04 15:36:37 +02:00
Herman Slatman
d9f56cdbdc
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Herman Slatman
9d3b78ae49
Add excludeIntermediate to SCEP provisioner 2023-09-04 14:55:27 +02:00
Max
116ff8ed65
bump go.mod to go1.20 and associated linter fixes (#1518) 2023-08-29 11:52:13 -07:00
Herman Slatman
4186b2c2d0
Change JSON marshaling for SCEP provisioners 
Instead of the old method that redacted sensitive information
by overriding the value of the property and changing it back
to the original, the API now uses a model specifically meant
for API responses. This prevents potential race conditions.

This may be iterated on a bit so that we don't need to rely
on the [provisioner.Interface] interface, which requires the
API model to implement unnecessary methods.
 2023-08-03 17:21:50 +02:00
Herman Slatman
d754000a68
Fix SCEP provisioner API test 2023-08-03 16:20:04 +02:00
Herman Slatman
6985b4be62
Clean up the SCEP authority and provisioner 2023-06-01 14:43:32 +02:00
Herman Slatman
180162bd6a
Refactor SCEP provisioner and decrypter 2023-06-01 12:10:54 +02:00
Herman Slatman
0377fe559b
Add basic version of provisioner specific SCEP decrypter 2023-05-26 23:52:49 +02:00
Max
df13351586
Merge pull request #1381 from smallstep/max/go-1.19 
Bump go.mod golang version to 1.19
 2023-05-10 10:34:24 -07:00
max furman
8b256f0351
address linter warning for go 1.19 2023-05-09 23:47:28 -07:00
Herman Slatman
017c3273ef
Merge pull request #1374 from smallstep/herman/log-ssh-certificate 
Log SSH certificates
 2023-05-09 17:21:03 +02:00
Herman Slatman
f17bfdf57d
Reformat the SSH certificate logging output for read- and parsability 2023-05-08 13:46:20 +02:00
Herman Slatman
4c56877d97
Add SSH certificate logging to renew and rekey too 2023-05-05 11:06:01 +02:00
Panagiotis Siatras
2139121683
optimized render.JSON (#929) 
* api/render: render JSON directly to the underlying writer

* also consider json.MarshalerError a panic
 2023-05-04 22:16:12 +03:00
Herman Slatman
81140f859c
Fix valid-from and valid-to times 2023-05-04 16:15:03 +02:00
Herman Slatman
39e658b527
Add test for LogSSHCertificate 2023-05-04 15:52:49 +02:00
Herman Slatman
922f702da3
Add logging for SSH certificate issuance 2023-05-04 15:33:06 +02:00
Herman Slatman
f9ec62f46c
Merge branch 'master' into herman/improve-scep-marshaling 2023-05-04 10:47:53 +02:00
Panagiotis Siatras
d797941137
do not render CRLs in memory (#1373) 2023-05-03 23:49:26 +03:00
Herman Slatman
c365d8580e
Move provisioner marshaling logic to api package 2022-12-13 10:26:34 +01:00
Herman Slatman
b8c306ebfa
Refactor tests stylistically 2022-11-18 10:26:03 +01:00
Panagiotis Siatras
9197de3e96
api/log: removed dependency to certificates/logging 2022-11-17 16:04:21 +02:00
Panagiotis Siatras
b7f4881972
merged log tests 2022-11-17 16:00:01 +02:00
Herman Slatman
27bbc3682b
Improve error log test readability 2022-11-17 13:07:19 +01:00
Herman Slatman
362be72120
Fix StackTracedError logging 
When running with `STEPDEBUG=1`, a response with a `StackTracedError`
would result in a nil pointer error. This commit fixes the check and
adds a test case.
 2022-11-17 12:34:30 +01:00
Mariano Cano
c7f226bcec
Add support for renew when using stepcas 
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
 2022-11-04 16:42:07 -07:00
Mariano Cano
59775fff0c
Merge branch 'master' into crl-support 2022-10-27 10:13:19 -07:00
max furman
66858a3870
No longer need to ignore context warnings when context in request 
- after upgrade to golangci-lint 1.50.0
 2022-10-04 13:49:10 -07:00
Raal Goff
d0e81af524 Merge branch 'master' into crl-support 2022-09-30 08:45:48 +08:00
max furman
4c7a2ce3eb
Fix errors.As linter warnings 2022-09-22 00:04:31 -07:00
max furman
7c5e5b2b87
Even more linter fixes 2022-09-20 21:48:04 -07:00
max furman
1e0ea6f958
more linting fixes 2022-09-20 19:05:12 -07:00
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2022-09-20 16:35:41 -07:00
Mariano Cano
221e756f40 Use render.Error on crl endpoint 2022-09-14 11:50:11 -07:00
Raal Goff
d2483f3a70 Merge branch 'master' into crl-support 
# Conflicts:
#	authority/config/config.go
 2022-09-08 09:45:04 +08:00
Mariano Cano
23b8f45b37 Address gosec warnings 
Most if not all false positives
 2022-08-18 17:46:20 -07:00
Mariano Cano
2db15e4eb5 Remove unnecessary log entries 
These log entries add CodeQL warnings and are not necessary because
our default http.ResponseWriter allows adding log entries.
 2022-08-11 18:14:36 -07:00
max furman
1dd0d7d0ee Update bad serial error to be more specific 2022-08-11 09:34:04 -07:00
max furman
7052a32c2c Validate revocation serial number 2022-08-09 11:04:00 -07:00
Raal Goff
9fa5f46213 add minor doco, Test_CRLGeneration(), fix some issues from merge 2022-07-13 08:56:47 +08:00
Raal Goff
60671b07d7 Merge branch 'master' into crl-support 
# Conflicts:
#	api/api.go
#	authority/config/config.go
#	cas/softcas/softcas.go
#	db/db.go
 2022-07-13 08:52:58 +08:00
Mariano Cano
1be74eca62 Merge branch 'master' into ssh-renew-provisioner 2022-05-23 14:31:15 -07:00
Mariano Cano
6b3a8f22f3 Add provisioner to SSH renewals 
This commit allows to report the provisioner to the linkedca when
a SSH certificate is renewed.
 2022-05-20 14:41:44 -07:00