Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-19 09:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,022 Commits 40 Branches 223 Tags 44 MiB
567d96c771
Commit Graph

62 Commits

Author SHA1 Message Date
Mariano Cano
191d9e8629
Use go.step.sm/crypto to set the permanent identifier 2022-09-20 18:57:43 -07:00
Mariano Cano
2b3b2c283a
Add attestation certificate validation for Apple devices 2022-09-20 18:51:43 -07:00
Brandon Weeks
5f5315260a
iOS 16 beta 1 support 2022-09-20 16:53:08 -07:00
Brandon Weeks
6f2b4d3042
Add ACME permanent-identifier identifier type 2022-09-20 16:48:28 -07:00
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2022-09-20 16:35:41 -07:00
Mariano Cano
34c6c65671 Pass attestation information to the Sign method 
Attestation information might be useful in authorizing webhooks
 2022-09-16 12:37:41 -07:00
Mariano Cano
3cd72ac72a Remove debug statements 2022-09-08 10:44:48 -07:00
Mariano Cano
54d92095ac Validate proof of possession signature 
On the step format, validate proof of possession of the private
key validating the signature in the attestation statement.
 2022-09-01 10:45:31 -07:00
Mariano Cano
59b7603d1e Use a clientAuth only cert for device-attest-01 2022-08-30 16:09:44 -07:00
Mariano Cano
2f7cb9225f Use go.step.sm/crypto to set the permanent identifier 2022-08-10 17:38:18 -07:00
Mariano Cano
66356cff43 Add attestation certificate validation for Apple devices 2022-07-14 17:10:03 -07:00
Brandon Weeks
7e1b0bebd9 iOS 16 beta 1 support 2022-06-23 05:19:36 +10:00
Brandon Weeks
2ac8b69da2 Add ACME permanent-identifier identifier type 2022-06-23 05:19:36 +10:00
Herman Slatman
80bebda69c
Fix code style issue 2021-12-20 13:40:17 +01:00
Herman Slatman
bc0875bd7b
Disallow email address and URLs in the CSR 
Before this commit `step` would allow email addresses and URLs
in the CSR. This doesn't fit nicely with the rest of ACME, in which
identifiers need to be authorized before a certificate is issued.
 2021-12-13 16:14:39 +01:00
Herman Slatman
13a31fd862
Merge branch 'master' into herman/ip-sans-improvements 2021-12-13 16:04:53 +01:00
Herman Slatman
ca707cbe05
Fix linting 2021-12-13 16:01:40 +01:00
Herman Slatman
a2c9b5cd7e
Allow IP identifiers in subject, including authorization enforcement 
To support IPs in the subject using `step-cli`, this PR ensures that
Subject Common Names that can be parsed as an IP are also checked
to have been authorized before.

The PR for `step-cli` is here: github.com/smallstep/cli/pull/576.
 2021-12-13 15:34:56 +01:00
Herman Slatman
06bb97c91e
Add logic for Account authorizations and improve tests 2021-12-02 16:25:35 +01:00
Herman Slatman
29f9730485
Satisfy golangci-lint 2021-11-12 17:13:10 +01:00
max furman
933b40a02a Introduce gocritic linter and address warnings 2021-10-08 14:59:57 -04:00
Herman Slatman
8e4a4ecc1f
Refactor tests for sans 2021-06-26 00:48:40 +02:00
Herman Slatman
87b72afa25
Fix IP equality check and add more tests 2021-06-26 00:13:44 +02:00
Herman Slatman
64c15fde7e
Add tests for canonicalize function 2021-06-25 14:07:40 +02:00
Herman Slatman
218a2adb9f
Add tests for IP Order validations 2021-06-18 16:09:48 +02:00
Herman Slatman
84ea8bd67a
Fix PR comments 2021-06-18 12:03:46 +02:00
Herman Slatman
af4803b8b8
Fix tests 2021-06-04 11:14:59 +02:00
Herman Slatman
a6405e98a9
Remove fmt. 2021-06-04 00:06:15 +02:00
Herman Slatman
76dcf542d4
Fix mixed DNS and IP SANs in Order 2021-06-03 22:45:24 +02:00
Herman Slatman
af615db6b5
Support DNS and IPs as SANs in single Order 2021-06-03 22:03:21 +02:00
Herman Slatman
3e36522329
Add preliminary support for TLS-ALPN-01 challenge for IP identifiers 2021-05-29 00:19:14 +02:00
Herman Slatman
6d9710c88d
Add initial support for ACME IP validation 2021-05-28 16:40:46 +02:00
max furman
440678cb62 Add markInvalid arg to storeError for invalidating challenge 2021-03-29 22:58:26 -07:00
max furman
6b8585c702 PR review fixes / updates 2021-03-29 12:04:14 -07:00
max furman
1831920363 Finish order unit tests and remove unused mocklinker 2021-03-25 13:46:51 -07:00
max furman
bdf4c0f836 add acme order unit tests 2021-03-25 12:05:46 -07:00
max furman
c0a9f24798 add authorization and order unit tests 2021-03-25 12:05:46 -07:00
max furman
f72b2ff2c2 [acme db interface] nosql authz unit tests 2021-03-25 12:05:46 -07:00
max furman
8d2ebcfd49 [acme db interface] more unit tests 2021-03-25 12:05:46 -07:00
max furman
fc395f4d69 [acme db interface] compiles! 2021-03-25 12:05:46 -07:00
max furman
80a6640103 [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
1135ae04fc [acme db interface] wip 2021-03-25 12:05:46 -07:00
max furman
03ba229bcb [acme db interface] wip more errors 2021-03-25 12:05:46 -07:00
max furman
2ae43ef2dc [acme db interface] wip errors 2021-03-25 12:05:46 -07:00
max furman
121cc34cca [acme db interface] wip 2021-03-25 12:05:45 -07:00
max furman
461bad3fef [acme db interface] wip 2021-03-25 12:05:45 -07:00
max furman
4c48048615 Use sync.Mutex as value 2020-10-20 17:56:15 -07:00
max furman
272cce522e Fix test and change method name 2020-10-20 17:18:20 -07:00
max furman
f34fb80eb6 [acme] Use lock for ordersByAccID and type to house methods 2020-10-20 16:25:16 -07:00
Mariano Cano
c8d225a763 Use x509util from go.step.sm/crypto/x509util 2020-08-05 16:02:46 -07:00