Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-11 07:11:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,480 Commits 37 Branches 223 Tags 44 MiB
6297bace1a
Commit Graph

159 Commits

Author SHA1 Message Date
Herman Slatman
0f1c509e4b
Remove debug utility 2023-01-31 23:48:53 +01:00
Herman Slatman
60a9e41c1c
Remove Identifier from top level ACME Errors 2023-01-26 14:59:08 +01:00
Herman Slatman
edee01c80c
Refactor debug utility 2023-01-26 13:41:01 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem for more detailed ACME client-side errors 
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.

This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
 2023-01-26 13:29:31 +01:00
Herman Slatman
817edcbba5
Remove charset=utf-8 from ACME certificate requests 2022-11-09 19:57:50 +01:00
Herman Slatman
3eae04928f
Add tests for ACME Meta object 2022-11-07 15:35:42 +01:00
Herman Slatman
b9f238ad4d
Add additional ACME meta properties to provisioner configuration 2022-10-24 22:37:57 +02:00
Herman Slatman
c9793561ff
Make meta object optional in ACME directory response 
Harware appliances from Kemp seem to validate the contents of the
`meta` object, even if none of the properties in the `meta` object
is set. According to the RFC, the `meta` object, as well as its
properties are optional, so technically this should be fixed by
the manufacturer.

This commit is to see if we validation of the `meta` object is
skipped if it's not available in the response.
 2022-10-24 14:14:28 +02:00
Mariano Cano
99299faeeb
Add AuthorizeChallenge unit tests 2022-09-20 19:03:03 -07:00
Mariano Cano
2b3b2c283a
Add attestation certificate validation for Apple devices 2022-09-20 18:51:43 -07:00
Brandon Weeks
5f5315260a
iOS 16 beta 1 support 2022-09-20 16:53:08 -07:00
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2022-09-20 16:35:41 -07:00
Mariano Cano
829530ae90 Fix linter errors 2022-09-15 18:24:43 -07:00
Mariano Cano
0f651799d0 Reject not enabled attestation formats 2022-09-08 17:38:05 -07:00
Mariano Cano
fd4e96d1f4 Rename method to IsChallengeEnabled 2022-09-08 13:22:35 -07:00
Mariano Cano
c77b4ff9c5 Fix linter errors 2022-09-08 12:49:16 -07:00
Mariano Cano
59c5219a07 Use a type for acme challenges 2022-09-08 12:34:06 -07:00
Mariano Cano
a89bea701d Format comment 2022-09-08 11:06:17 -07:00
Mariano Cano
5df9434286 Fix old comment, device-attest-01 uses the acme payload 2022-09-08 10:59:51 -07:00
Mariano Cano
3cd72ac72a Remove debug statements 2022-09-08 10:44:48 -07:00
Mariano Cano
df96b126dc Add AuthorizeChallenge unit tests 2022-08-24 12:31:09 -07:00
Mariano Cano
bca311b05e Add acme property to enable challenges 
Fixes #1027
 2022-08-23 17:11:40 -07:00
Mariano Cano
ae8d4d8757 Fix unit test 2022-08-23 17:01:15 -07:00
Mariano Cano
693dc39481 Merge branch 'master' into device-attestation 2022-08-22 17:59:17 -07:00
max furman
c040e4b459 Add unit tests 2022-08-16 15:48:23 -07:00
max furman
b7c2f6c482 Check for DNS name validity 2022-08-16 00:12:31 -07:00
Mariano Cano
66356cff43 Add attestation certificate validation for Apple devices 2022-07-14 17:10:03 -07:00
Brandon Weeks
7e1b0bebd9 iOS 16 beta 1 support 2022-06-23 05:19:36 +10:00
Brandon Weeks
2ac8b69da2 Add ACME permanent-identifier identifier type 2022-06-23 05:19:36 +10:00
Brandon Weeks
aacd6f4cc6 Add device-attest-01 challenge type 2022-06-23 05:19:36 +10:00
Shulhan
fe04f93d7f
all: reformat all go files with the next gofmt (Go 1.19) 
There are some changes that manually edited, for example using '-' as
default list and grouping imports.
 2022-06-16 01:28:59 +07:00
Herman Slatman
abfbbc8d49
Merge pull request #946 from smallstep/herman/acme-csr-padding 
Strip base64-url padding from ACME CSR
 2022-05-25 23:25:34 +02:00
Herman Slatman
fd546287ac
Strip base64-url padding from ACME CSR 
This commit strips the padding from a base64-url encoded CSR
submitted by a client that doesn't use raw base64-url encoding.
 2022-05-25 22:46:26 +02:00
Mariano Cano
e7f4eaf6c4 Remove explicit deprecation notice 
This will avoid linter errors on other projects for now.
 2022-05-23 14:04:31 -07:00
Mariano Cano
d461918eb0 Merge branch 'master' into context-authority 2022-05-06 13:21:41 -07:00
Mariano Cano
2ea0c70344 Move acme context middleware to deprecated handler 2022-05-05 12:25:07 -07:00
Mariano Cano
9147356d8a Fix linter errors 2022-05-02 18:47:47 -07:00
Mariano Cano
ba499eeb2a Fix acme/api tests. 2022-05-02 17:40:10 -07:00
Mariano Cano
6f9d847bc6 Fix panic in acme/api tests. 2022-05-02 17:35:35 -07:00
Mariano Cano
d1f75f1720 Refactor ACME api. 2022-04-28 19:15:18 -07:00
Mariano Cano
fddd6f7d95 Move linker to the acme package. 2022-04-28 15:15:50 -07:00
Mariano Cano
55b0f72821 Add context methods for the acme linker. 2022-04-28 15:14:15 -07:00
Mariano Cano
bb8d85a201 Fix unit tests - work in progress 2022-04-27 19:08:16 -07:00
Mariano Cano
42435ace64 Use scep authority from context 
This commit also converts all the methods from the handler to
functions.
 2022-04-27 18:06:53 -07:00
Mariano Cano
d13537d426 Use context in the acme handlers. 2022-04-27 15:42:26 -07:00
Herman Slatman
6e1f8dd7ab
Refactor policy engines into container 2022-04-26 13:12:16 +02:00
Herman Slatman
2a7620641f
Fix more PR comments 2022-04-26 10:15:17 +02:00
Herman Slatman
fb81407d6f
Fix ACME policy comments 2022-04-21 13:21:06 +02:00
Herman Slatman
a9f033ece5
Fix JSON property name for ACME policy 2022-04-15 10:58:40 +02:00
Herman Slatman
256fe113f7
Improve tests for ACME account policy 2022-04-11 15:25:55 +02:00