Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,419 Commits 37 Branches 223 Tags 44 MiB
d25289a099
Commit Graph

236 Commits

Author SHA1 Message Date
Mariano Cano
ffbbdf6f04
Update api/ssh.go 
Co-authored-by: Max <mx.furman@gmail.com>
 2024-07-11 12:35:39 -07:00
Mariano Cano
955338a80d
Create identity uri on any provisioner 
This commit allows the creation of the identity certificate with the
host URI using any provisioner. Before, only the K8SSA provisioner could
create an identity certificate with the URI.
 2024-07-11 12:27:15 -07:00
Mariano Cano
c0b7c33a58
Use a function as the error logger 
This commit addresses comment in the code review. Now, instead of
injecting an slog.Logger we can inject any method that can use a more
flexible implementation.
 2024-05-16 11:00:36 -07:00
Mariano Cano
f3f484cee2
Log errors using slog.Logger 
This commit allows logging errors in a slog.Logger injected in the
context. This type of logger is not currently used directly in step-ca,
but this will change in the future.
 2024-05-15 15:40:40 -07:00
verytrap
db92404342 chore: fix function names in comment 
Signed-off-by: verytrap <wangqiuyue@outlook.com>
 2024-04-10 10:35:39 +08:00
Mariano Cano
10f6a901ec
Let the CA determine the RA lifetime 
When the RA mode with StepCAS is used, let the CA decide which lifetime
the RA should get instead of requiring always 24h.

This commit also fixes linter warnings.

Related to #1094
 2024-03-12 14:29:55 -07:00
Herman Slatman
cf8a50157f
Add a basic e2e test for X-Request-Id reflection 2024-02-28 01:05:38 +01:00
Herman Slatman
041b486c55
Remove usages of Sign without context 2024-02-27 14:16:21 +01:00
Herman Slatman
2a8b80a3e1
Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
3dbb4aad3d
Change CRL unavailable case to HTTP 404 2024-02-14 10:49:18 +01:00
Herman Slatman
c76dad8a22
Improve tests for CRL HTTP handler 2024-02-08 15:03:57 +01:00
Herman Slatman
d1deb7f930
Add Expires header to CRL response 2024-02-08 14:10:48 +01:00
Mariano Cano
b20af51f32
Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Max
9f84f7ce35
Allow for identity certificate signing (in sshSign) by skipping validators (#1572) 
- skip urisValidator for identity certificate signing. Implemented
  by building the validator with the context in a hacky way.
 2023-10-06 14:02:19 -07:00
Mariano Cano
52baf52f84
Change scep password type to string 
This commit changes the type of the decrypter key password to string to
be consistent with other passwords in the ca.json
 2023-09-26 10:36:58 -07:00
Mariano Cano
33bdae4a34
Fix redacted tests 2023-09-25 15:57:01 -07:00
Mariano Cano
4d5fbfa439
Fix redacted types in SCEP provisioner 
This commit uses the same types for the fields in the provisioner.SCEP
type and the "redacted" models.SCEP.
 2023-09-25 15:49:45 -07:00
Herman Slatman
ffe079f31b
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Herman Slatman
5fd70af2c8
Make API responses aware of the new SCEP decrypter properties 2023-09-22 11:38:03 +02:00
Herman Slatman
3ade92f8d5
Support both a decrypter key URI as well as PEM 2023-09-22 11:10:22 +02:00
Dominic Evans
231b5d8406 chore(deps): upgrade github.com/go-chi/chi to v5 
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.

See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4

Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
 2023-09-20 11:26:32 +01:00
Herman Slatman
4ef093dc4b
Fix broken tests relying on Sign in mocks 2023-09-19 16:55:59 +02:00
Herman Slatman
9e3807eaa3
Use SignWithContext in the critical paths 2023-09-19 16:34:29 +02:00
Herman Slatman
4e06bdbc51
Add SignWithContext method to authority and mocks 2023-09-19 16:30:53 +02:00
Herman Slatman
98d015b5c3
Fix linting issues 2023-09-04 15:36:37 +02:00
Herman Slatman
d9f56cdbdc
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-04 15:24:19 +02:00
Herman Slatman
9d3b78ae49
Add excludeIntermediate to SCEP provisioner 2023-09-04 14:55:27 +02:00
Max
116ff8ed65
bump go.mod to go1.20 and associated linter fixes (#1518) 2023-08-29 11:52:13 -07:00
Herman Slatman
4186b2c2d0
Change JSON marshaling for SCEP provisioners 
Instead of the old method that redacted sensitive information
by overriding the value of the property and changing it back
to the original, the API now uses a model specifically meant
for API responses. This prevents potential race conditions.

This may be iterated on a bit so that we don't need to rely
on the [provisioner.Interface] interface, which requires the
API model to implement unnecessary methods.
 2023-08-03 17:21:50 +02:00
Herman Slatman
d754000a68
Fix SCEP provisioner API test 2023-08-03 16:20:04 +02:00
Herman Slatman
6985b4be62
Clean up the SCEP authority and provisioner 2023-06-01 14:43:32 +02:00
Herman Slatman
180162bd6a
Refactor SCEP provisioner and decrypter 2023-06-01 12:10:54 +02:00
Herman Slatman
0377fe559b
Add basic version of provisioner specific SCEP decrypter 2023-05-26 23:52:49 +02:00
Max
df13351586
Merge pull request #1381 from smallstep/max/go-1.19 
Bump go.mod golang version to 1.19
 2023-05-10 10:34:24 -07:00
max furman
8b256f0351
address linter warning for go 1.19 2023-05-09 23:47:28 -07:00
Herman Slatman
017c3273ef
Merge pull request #1374 from smallstep/herman/log-ssh-certificate 
Log SSH certificates
 2023-05-09 17:21:03 +02:00
Herman Slatman
f17bfdf57d
Reformat the SSH certificate logging output for read- and parsability 2023-05-08 13:46:20 +02:00
Herman Slatman
4c56877d97
Add SSH certificate logging to renew and rekey too 2023-05-05 11:06:01 +02:00
Panagiotis Siatras
2139121683
optimized render.JSON (#929) 
* api/render: render JSON directly to the underlying writer

* also consider json.MarshalerError a panic
 2023-05-04 22:16:12 +03:00
Herman Slatman
81140f859c
Fix valid-from and valid-to times 2023-05-04 16:15:03 +02:00
Herman Slatman
39e658b527
Add test for LogSSHCertificate 2023-05-04 15:52:49 +02:00
Herman Slatman
922f702da3
Add logging for SSH certificate issuance 2023-05-04 15:33:06 +02:00
Herman Slatman
f9ec62f46c
Merge branch 'master' into herman/improve-scep-marshaling 2023-05-04 10:47:53 +02:00
Panagiotis Siatras
d797941137
do not render CRLs in memory (#1373) 2023-05-03 23:49:26 +03:00
Herman Slatman
c365d8580e
Move provisioner marshaling logic to api package 2022-12-13 10:26:34 +01:00
Herman Slatman
b8c306ebfa
Refactor tests stylistically 2022-11-18 10:26:03 +01:00
Panagiotis Siatras
9197de3e96
api/log: removed dependency to certificates/logging 2022-11-17 16:04:21 +02:00
Panagiotis Siatras
b7f4881972
merged log tests 2022-11-17 16:00:01 +02:00
Herman Slatman
27bbc3682b
Improve error log test readability 2022-11-17 13:07:19 +01:00
Herman Slatman
362be72120
Fix StackTracedError logging 
When running with `STEPDEBUG=1`, a response with a `StackTracedError`
would result in a nil pointer error. This commit fixes the check and
adds a test case.
 2022-11-17 12:34:30 +01:00