Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,630 Commits
41 Branches
215 Tags
93 MiB
master
fix-1637
dependabot/go_modules/github.com/slackhq/nebula-1.9.3
dependabot/go_modules/github.com/google/go-tpm-0.9.1
wire-acme-extensions
mariano/init-provisioners
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.26.2
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8a1c8b394a'
${ noResults }
Commit Graph

100 Commits (8a1c8b394a831cec7e9fbff20084479d9eec6ea8)

Author SHA1 Message Date
max furman f88f58440f add //nolint for new 1.16 deprecation warnings 
- dsa
- pem.DecryptPEMBlock
 3 years ago
Mariano Cano c94a1c51be Merge branch 'master' into ssh-cert-templates 4 years ago
Mariano Cano ba918100d0 Use go.step.sm/crypto/jose 
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
 4 years ago
Mariano Cano aaaa7e9b4e Merge branch 'master' into cert-templates 4 years ago
max furman 8e3481a8ef [logger map] small optimization 
Rather than doing two key writes and one lookup, just write once.
 4 years ago
max furman 55bf5a4526 Add cert logging for acme/certificate api 4 years ago
Mariano Cano 4943ae58d8 Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates. 4 years ago
Mariano Cano e83e47a91e Use sshutil and randutil from go.step.sm/crypto. 4 years ago
Mariano Cano 3b19bb9796 Add TemplateData to SSHSignRequest. 
Add some omitempty tags.
 4 years ago
Mariano Cano 6c64fb3ed2 Rename provisioner options structs: 
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
 4 years ago
Mariano Cano 068bafe5a3 Add templateData to api sign request. 4 years ago
max furman fd05f3249b A few last fixes and tests added for rekey/renew ... 
- remove all `renewOrRekey`
- explicitly test difference between renew and rekey (diff pub keys)
- add back tests for renew
 4 years ago
dharanikumar-s dfda497929 Renamed RenewOrRekey to Rekey 4 years ago
dharanikumar-s a3b5211e0f gofmted the code 4 years ago
dharanikumar-s 954fda657b Added renewOrRekey to mockAuthority. Added Test_caHandler_Rekey 4 years ago
dharanikumar-s 01a6469d25 Moved peer certificate check to the first line 4 years ago
dharanikumar-s 8f504483ce Added RenewOrRekey function based on @maraino suggestion. RenewOrReky is called from Renew. 4 years ago
dharanikumar-s 3813f57b1a Add support for rekeying Fixes #292 4 years ago
Mariano Cano b0ff731d18 Add support for user provisioner certificates on OIDC provisioners. 
OIDC provisioners create an SSH certificate with two principals. This
was avoiding the creationg of user provisioner certificates for those
provisioners.

Fixes smallstep/cli#268
 4 years ago
David Cowden eb42ea90db ssh/api: Use host tags instead of groups 
Tags are more flexible and what we use in the managed offering.
 4 years ago
Mariano Cano bfe1f4952d Rename interface to CertificateEnforcer and add tests. 4 years ago
Mariano Cano 64f26c0f40 Enforce a duration for identity certificates. 4 years ago
Mariano Cano fa416336a8 Add context to tests. 4 years ago
Mariano Cano c49a9d5e33 Add context parameter to all SSH methods. 4 years ago
max furman 1cb8bb3ae1 Simplify statuscoder error generators. 4 years ago
max furman dccbdf3a90 Introduce generalized statusCoder errors and loads of ssh unit tests. 
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
 4 years ago
Mariano Cano ed26e97487 Fix tests. 4 years ago
Mariano Cano c1bd1561dd Renew identity certificate in /ssh/rekey and /ssh/renew 4 years ago
max furman b9f6aacb0f Move api errors to their own package and modify the typedef 4 years ago
Mariano Cano dedf6b17be Addapt tests to the api change. 4 years ago
max furman 3ac388612a Use x5cInsecure token for /ssh/check-host endpoint 4 years ago
Mariano Cano f0eb12372b Add missing unit tests for ssh. 4 years ago
Mariano Cano f6ffa2cc43 Check at the cert type instead of at the body. 4 years ago
Mariano Cano 5d7829b198 Replace /ssh/get-hosts to /ssh/hosts 4 years ago
Mariano Cano d8b3e05a3f Add error marshaling tests. 4 years ago
Mariano Cano 7b81bec8aa Use default duration for host certificates identity files. 4 years ago
Mariano Cano b179ad3662 Fix api tests. 4 years ago
Mariano Cano 3a16835cdd Make identity duration the same as the SSH cert. 4 years ago
Mariano Cano 4f08a7816f Fix extra write header. 4 years ago
max furman 656f35e522 Use an actual Hosts type when returning ssh hosts 4 years ago
Mariano Cano c60641701b Add version endpoint. 4 years ago
max furman f92bb06b6c change func def for getSSHHosts 
* continue to return all hosts if injection method not specified
 4 years ago
Mariano Cano 11c8639782 Add identity certificate in ssh response. 4 years ago
max furman d940ab7c20 Add getSSHHosts injection func 4 years ago
Mariano Cano 8bf3bf701e Add support for /ssh/bastion method. 4 years ago
max furman 54e3cf7322 Add multiuse capability to k8ssa provisioners 4 years ago
Mariano Cano 0ae9bab21e Fix api tests. 4 years ago
max furman 29853ae016 sshpop provisioner + ssh renew | revoke | rekey first pass 4 years ago
max furman 862d704f6b get-hosts fixes 4 years ago
max furman 5616386eed Add SSH getHosts api 4 years ago