Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,845 Commits 37 Branches 223 Tags 44 MiB
36f1dd70bf
Commit Graph

3845 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Herman Slatman
36f1dd70bf
Add CSR to SCEPCHALLENGE webhook request body 2023-09-07 14:11:53 +02:00
Herman Slatman
98d015b5c3
Fix linting issues 2023-09-04 15:36:37 +02:00
Herman Slatman
d9f56cdbdc
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Herman Slatman
9d3b78ae49
Add excludeIntermediate to SCEP provisioner 2023-09-04 14:55:27 +02:00
Carl Tashian
83e5d4222d
Merge pull request #1519 from smallstep/carl/winget 
Add Winget release automation
 2023-08-31 17:33:34 -07:00
Max
e22166c628
provisionerOptionsToLinkedCA missing template and templateData (#1520) 2023-08-29 17:26:02 -07:00
Carl Tashian
73d765d1a9
Add Winget release automation 2023-08-29 16:04:17 -07:00
Max
116ff8ed65
bump go.mod to go1.20 and associated linter fixes (#1518) 2023-08-29 11:52:13 -07:00
github-actions[bot]
d727f228ff
Merge pull request #1517 from smallstep/dependabot/go_modules/github.com/google/uuid-1.3.1 
Bump github.com/google/uuid from 1.3.0 to 1.3.1
 2023-08-28 18:04:37 +02:00
dependabot[bot]
8d26a6c832
Bump github.com/google/uuid from 1.3.0 to 1.3.1 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-28 15:25:29 +00:00
github-actions[bot]
ddabd453bd
Merge pull request #1513 from smallstep/dependabot/go_modules/google.golang.org/api-0.138.0 
Bump google.golang.org/api from 0.136.0 to 0.138.0
 2023-08-21 18:29:00 +02:00
github-actions[bot]
fc0edb4c90
Merge pull request #1514 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.35.0 
Bump go.step.sm/crypto from 0.34.0 to 0.35.0
 2023-08-21 18:28:33 +02:00
dependabot[bot]
dccbe9f845
Bump go.step.sm/crypto from 0.34.0 to 0.35.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.34.0 to 0.35.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.34.0...v0.35.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-21 15:41:26 +00:00
dependabot[bot]
1ca2353160
Bump google.golang.org/api from 0.136.0 to 0.138.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.136.0 to 0.138.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.136.0...v0.138.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-21 15:40:55 +00:00
Mariano Cano
9ea1e64a0a
Merge pull request #1511 from smallstep/fix-cbor-error 
Fix error string in tests
 2023-08-17 15:22:03 -07:00
Mariano Cano
d739aab345
Define BaseContext before starting the server in tests 
If the http.Server BaseContext is not define before the start of the
server, it might not be properly set depending on the goroutine
scheduler. This was causing random errors on CI.
 2023-08-17 12:56:26 -07:00
Mariano Cano
d8eeebfd51
Fix error string in tests 
This commit fixes a test checking an error string from an external
dependency.
 2023-08-17 12:03:16 -07:00
Mariano Cano
6067560834
Merge pull request #1510 from rvichery/aws-iid-all-certificates 
Add all AWS identity document certificates
 2023-08-17 11:55:41 -07:00
Remi Vichery
82b8e16d7f
Add all AWS identity document certificates 
* move to use embed instead of a multi-line string
* add test to ensure all certificates are valid
* add test to ensure validity (no expired certificate)
 2023-08-17 10:37:53 -07:00
github-actions[bot]
d3a16ab212
Merge pull request #1506 from smallstep/dependabot/go_modules/google.golang.org/api-0.136.0 
Bump google.golang.org/api from 0.134.0 to 0.136.0
 2023-08-14 18:51:29 +02:00
github-actions[bot]
b45127e3d5
Merge pull request #1507 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.24.1 
Bump github.com/newrelic/go-agent/v3 from 3.24.0 to 3.24.1
 2023-08-14 18:48:34 +02:00
github-actions[bot]
645fdfccef
Merge pull request #1508 from smallstep/dependabot/go_modules/github.com/fxamacker/cbor/v2-2.5.0 
Bump github.com/fxamacker/cbor/v2 from 2.4.0 to 2.5.0
 2023-08-14 18:48:18 +02:00
dependabot[bot]
b0b300988d
Bump github.com/fxamacker/cbor/v2 from 2.4.0 to 2.5.0 
Bumps [github.com/fxamacker/cbor/v2](https://github.com/fxamacker/cbor) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/fxamacker/cbor/releases)
- [Commits](https://github.com/fxamacker/cbor/compare/v2.4.0...v2.5.0)

---
updated-dependencies:
- dependency-name: github.com/fxamacker/cbor/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-14 15:32:41 +00:00
dependabot[bot]
3d7ddfdacc
Bump github.com/newrelic/go-agent/v3 from 3.24.0 to 3.24.1 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.24.0 to 3.24.1.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.24.0...v3.24.1)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-14 15:32:36 +00:00
dependabot[bot]
e51e82b9f0
Bump google.golang.org/api from 0.134.0 to 0.136.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.134.0 to 0.136.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.134.0...v0.136.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-14 15:32:24 +00:00
github-actions[bot]
12bcb64b26
Merge pull request #1505 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.24.0 
Bump github.com/newrelic/go-agent/v3 from 3.23.1 to 3.24.0
 2023-08-08 09:14:20 +02:00
github-actions[bot]
4ded102f81
Merge pull request #1503 from smallstep/dependabot/go_modules/golang.org/x/net-0.14.0 
Bump golang.org/x/net from 0.13.0 to 0.14.0
 2023-08-07 21:16:16 +02:00
dependabot[bot]
91ef511e65
Bump github.com/newrelic/go-agent/v3 from 3.23.1 to 3.24.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.23.1 to 3.24.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.23.1...v3.24.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-07 16:01:49 +00:00
dependabot[bot]
e074b77243
Bump golang.org/x/net from 0.13.0 to 0.14.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/net/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-07 16:01:34 +00:00
Herman Slatman
e182c620c8
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-08-04 22:50:37 +02:00
Herman Slatman
645b6ffc18
Ensure no prompt is fired for loading provisioner decrypter 2023-08-04 22:50:22 +02:00
Herman Slatman
6de964f13a
Merge pull request #1495 from smallstep/herman/acme-attestation-errors 
Return more detailed errors to ACME clients using `device-attest-01`
 2023-08-04 21:01:32 +02:00
Mariano Cano
bdc7b1b691
Merge pull request #1501 from smallstep/safe-save 
Write configuration only if encoding succeeds
 2023-08-04 10:02:26 -07:00
Herman Slatman
0d09f3e202
Prevent data races with multiple PKCS7 encryption operations 2023-08-04 12:14:29 +02:00
Herman Slatman
cbc1be310d
Merge branch 'master' into herman/acme-attestation-errors 2023-08-04 11:24:59 +02:00
Herman Slatman
c952e9fc9d
Use NewDetailedError instead 2023-08-04 11:24:22 +02:00
Mariano Cano
30ce9e65f7
Write configuration only if encoding succeeds 
This commit fixes a problem when the ca.json is truncated if the
encoding of the configuration fails. This can happen by adding a new
provisioner with bad template data.

Related to smallstep/cli#994
 2023-08-03 17:54:49 -07:00
Herman Slatman
e2e9bf5494
Clarify some SCEP properties 2023-08-04 01:55:52 +02:00
Herman Slatman
70626b157d
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-08-04 01:36:39 +02:00
Mariano Cano
47d820561f
Merge pull request #1500 from smallstep/upgrade-crypto 
Fix adding certificate templates with ASN.1 functions
 2023-08-03 16:02:29 -07:00
Mariano Cano
4667060df8
Upgrade golang.org/x/net 
This commit fixes the vulnerability GO-2023-1988, improper rendering of
text nodes in golang.org/x/net/html.

More info: https://pkg.go.dev/vuln/GO-2023-1988
 2023-08-03 15:30:04 -07:00
Mariano Cano
103b4e1cf1
Fix adding certificate templates with ASN.1 functions 
This commit upgrades go.step.sm/crypto with a fix to validate the
templates that use custom functions.
 2023-08-03 15:30:04 -07:00
Herman Slatman
4186b2c2d0
Change JSON marshaling for SCEP provisioners 
Instead of the old method that redacted sensitive information
by overriding the value of the property and changing it back
to the original, the API now uses a model specifically meant
for API responses. This prevents potential race conditions.

This may be iterated on a bit so that we don't need to rely
on the [provisioner.Interface] interface, which requires the
API model to implement unnecessary methods.
 2023-08-03 17:21:50 +02:00
Herman Slatman
d754000a68
Fix SCEP provisioner API test 2023-08-03 16:20:04 +02:00
Herman Slatman
c0a1837cd9
Verify full decrypter/signer configuration at usage time 
When changing the SCEP configuration it is possible that one
or both of the decrypter configurations required are not available
or have been provided in a way that's not usable for actual SCEP
requests.

Instead of failing hard when provisioners are loaded,
which could result in the CA not starting properly, this type of
problematic configuration errors will now be handled at usage
time instead.
 2023-08-03 16:09:51 +02:00
Herman Slatman
88ed900dc3
Rely on the latest linkedca 2023-08-03 15:37:18 +02:00
Herman Slatman
0f35bb1af5
Defer missing decrypter/signer configuration errors to SCEP authority 2023-08-03 15:34:20 +02:00
Herman Slatman
afdd8d3786
Upgrade golang.org/x/net to v0.13.0 2023-08-03 14:48:26 +02:00
Herman Slatman
f3c24fe875
Change how multiple identifiers are printed in errors 2023-08-03 14:45:00 +02:00
Herman Slatman
4496830859
Merge branch 'master' into herman/acme-attestation-errors 2023-08-02 21:45:15 +02:00