Carl Tashian
|
73fc350b84
|
Add note about PKCS#11
|
2021-02-01 11:56:24 -08:00 |
|
Mariano Cano
|
51ac28656e
|
Fix protection level for host keys in cloudkms script.
Fixes #460
|
2021-01-29 16:11:25 -08:00 |
|
Mariano Cano
|
7f9d7eadc9
|
Attempt to delete key and certificate with the same name.
Nitrokey will override the label of the key with the certificate one.
If they are stored with the same id.
|
2021-01-29 13:31:07 -08:00 |
|
Mariano Cano
|
162c535705
|
Add option to not store certificates in the pkcs11 module.
|
2021-01-28 20:13:28 -08:00 |
|
Mariano Cano
|
50e9018a44
|
Fix missing return.
|
2021-01-28 19:53:25 -08:00 |
|
Mariano Cano
|
84a3c8c984
|
Rename nitrokey initialization to opensc.
|
2021-01-28 19:51:17 -08:00 |
|
Mariano Cano
|
b7afc92758
|
Complete tests.
|
2021-01-28 19:48:08 -08:00 |
|
Mariano Cano
|
3a479cb0e8
|
Add support for nitrokey.
|
2021-01-28 19:47:44 -08:00 |
|
Mariano Cano
|
e78d45a060
|
Add benchmarks for signing operations.
|
2021-01-28 19:46:48 -08:00 |
|
Mariano Cano
|
673675fa89
|
Convert pkcs11 tests to use tags.
|
2021-01-28 14:43:22 -08:00 |
|
Mariano Cano
|
6c113542c8
|
Fix ecdsa signature verification test.
|
2021-01-28 11:38:21 -08:00 |
|
Carl Tashian
|
9fd0964e1c
|
Add SystemCallFilter=@system-service
|
2021-01-28 09:45:20 -08:00 |
|
Carl Tashian
|
2af73881d7
|
Add ProtectHome=true
|
2021-01-28 07:48:21 -08:00 |
|
Mariano Cano
|
35bf9b787e
|
Implement ecdsa.VerifyASN1 to be compatible with go < 1.15
|
2021-01-27 20:35:42 -08:00 |
|
Mariano Cano
|
d9da150a5f
|
Fix test.
|
2021-01-27 20:23:45 -08:00 |
|
Mariano Cano
|
294f84b8d4
|
Add initial set of unit tests for pkcs11 kms.
|
2021-01-27 20:17:14 -08:00 |
|
Carl Tashian
|
82f82d438c
|
Add systemd files
|
2021-01-27 17:29:29 -08:00 |
|
Mariano Cano
|
6c0cf99b24
|
Upgrade nosql with a 32-bit version of badger.
|
2021-01-27 11:02:56 -08:00 |
|
Mariano Cano
|
a6c784d5dd
|
Add missing pkcs11 package.
|
2021-01-26 20:15:57 -08:00 |
|
Mariano Cano
|
8dca652bc7
|
Add support for PKCS #11 KMS.
The implementation works with YubiHSM2. Unit tests are still pending.
Fixes #301
|
2021-01-26 20:03:53 -08:00 |
|
Mariano Cano
|
c61222de1d
|
Upgrade nosql version.
nosql has newer version of badgers v1 and v2.
|
2021-01-21 18:03:55 -08:00 |
|
Max
|
fc93d60c5d
|
Merge pull request #453 from smallstep/max/csr-san-empty
Allow empty SAN in CSR for validation ...
|
2021-01-14 19:30:11 -06:00 |
|
max furman
|
16665c97f0
|
Allow empty SAN in CSR for validation ...
- The default template will always use the SANs from the token.
- If there are any SANs they must be validated against the token.
|
2021-01-14 15:26:46 -06:00 |
|
Mariano Cano
|
00c6f08612
|
Merge pull request #440 from mkkeffeler/smallstep-by-provisioner-appendedcert
Begins to fix issue 87
|
2020-12-28 17:49:00 -08:00 |
|
Miclain Keffeler
|
ffbfcfb1f2
|
format.
|
2020-12-28 18:46:21 -06:00 |
|
Miclain K Keffeler
|
7a1eb43bb1
|
Update options.go
|
2020-12-28 17:12:37 -06:00 |
|
Miclain K Keffeler
|
f3396bf964
|
Update softcas.go
|
2020-12-28 17:10:44 -06:00 |
|
Mariano Cano
|
71a8e87eec
|
Update go.sum with new version of go-piv.
|
2020-12-28 14:50:33 -08:00 |
|
Mariano Cano
|
6598ea9d73
|
Merge pull request #441 from gaffneyd4/gaffneyd4/x32
Bump go-piv to v1.7.0 for x32 overflow fix
|
2020-12-28 14:49:23 -08:00 |
|
Derek Gaffney
|
8416bd633d
|
Bump go-piv to v1.7.0 for x32 overflow fix
|
2020-12-27 20:27:39 -05:00 |
|
Miclain Keffeler
|
e9bfa061b8
|
Merge branch 'smallstep-by-provisioner-appendedcert' of https://github.com/mkkeffeler/certificates into smallstep-by-provisioner-appendedcert
|
2020-12-23 22:46:41 -06:00 |
|
Miclain Keffeler
|
cf063d1f4a
|
Revert "Begins to fix issue 87"
This reverts commit e2ba4159c3 .
|
2020-12-23 22:46:21 -06:00 |
|
Miclain Keffeler
|
21dc406382
|
Begins to fix issue 87
|
2020-12-23 22:46:21 -06:00 |
|
Miclain Keffeler
|
bfd13f1f72
|
Revert "Begins to fix issue 87"
This reverts commit e2ba4159c3 .
|
2020-12-23 22:43:47 -06:00 |
|
Miclain Keffeler
|
393c43201f
|
Merge branch 'smallstep-by-provisioner-appendedcert' of https://github.com/mkkeffeler/certificates into smallstep-by-provisioner-appendedcert
|
2020-12-23 22:41:36 -06:00 |
|
Miclain Keffeler
|
7545b4a625
|
leverage intermediate_ca.crt for appending certs.
|
2020-12-23 22:41:10 -06:00 |
|
Miclain Keffeler
|
e2ba4159c3
|
Begins to fix issue 87
|
2020-12-22 16:39:39 -06:00 |
|
Max
|
c255863816
|
Merge pull request #438 from smallstep/max/broken-validate-challenge-test
Fix broken ValidateChallenge test
|
2020-12-18 18:24:47 -05:00 |
|
max furman
|
265d49dbf8
|
Remove debug statement
|
2020-12-18 18:17:55 -05:00 |
|
max furman
|
1f9aa65d66
|
Add test case
|
2020-12-18 17:05:25 -05:00 |
|
max furman
|
20f8d950c4
|
Fix broken ValidateChallenge test
|
2020-12-18 11:18:42 -05:00 |
|
Mariano Cano
|
bae209741f
|
Merge pull request #436 from smallstep/upgrade-crypto
Upgrade crypto and validate token id
|
2020-12-17 15:12:32 -08:00 |
|
Mariano Cano
|
5017b7d21f
|
Recalculate token id instead of validating it.
|
2020-12-17 14:52:34 -08:00 |
|
Mariano Cano
|
86c947babc
|
Upgrade crypto and fix test.
|
2020-12-17 14:17:08 -08:00 |
|
Mariano Cano
|
0cf594a003
|
Validate payload ID.
Related to #435
|
2020-12-17 13:35:14 -08:00 |
|
Mariano Cano
|
d6ea8b13ab
|
Upgrade crypto.
Related to #435
|
2020-12-17 13:34:50 -08:00 |
|
Mariano Cano
|
1feb4fcb26
|
Merge branch 'glance--sshagentkms'
|
2020-11-18 17:53:15 -08:00 |
|
Mariano Cano
|
ccc403cf89
|
Fix comments, and return an error instead of fatal.
|
2020-11-18 17:50:21 -08:00 |
|
Mariano Cano
|
7d9997618f
|
Upgrade crypto to v0.7.1
Add basic constraints extensions if defined.
|
2020-11-18 16:57:24 -08:00 |
|
max furman
|
19a3cd10a1
|
[docs] provisioners fix attr dupe and give warning about stale docs
|
2020-11-18 16:57:24 -08:00 |
|