Commit Graph

556 Commits

Author SHA1 Message Date
Mariano Cano
0d80473157
Upgrade golang.org/x/net
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
  - net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
2023-02-14 13:11:25 -08:00
dependabot[bot]
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 17:36:34 +00:00
Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2023-02-09 16:48:43 -08:00
dependabot[bot]
c9814be699
Bump google.golang.org/api from 0.108.0 to 0.109.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.108.0 to 0.109.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.108.0...v0.109.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 15:10:38 +00:00
Herman Slatman
da00046a61
Merge pull request #1235 from smallstep/herman/acme-da-subject-check
Improve validation and error messages for Orders with Permanent Identifier
2023-02-02 23:50:40 +01:00
Herman Slatman
0f1c509e4b
Remove debug utility 2023-01-31 23:48:53 +01:00
Max
0c5e7f1b5c
Merge pull request #1245 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.2
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
2023-01-30 09:39:43 -08:00
dependabot[bot]
9a539f22fc
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.23.1 to 0.23.2.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.23.1...v0.23.2)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:14:01 +00:00
dependabot[bot]
c32e84b436
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.52.0 to 1.52.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.52.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:13:21 +00:00
Herman Slatman
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check 2023-01-26 15:52:45 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem for more detailed ACME client-side errors
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.

This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
2023-01-26 13:29:31 +01:00
Herman Slatman
f1724ea8c5
Merge branch 'master' into herman/acme-da-tpm 2023-01-23 22:52:56 +01:00
Max
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
2023-01-23 12:15:22 -08:00
Max
4621b95f38
Merge pull request #1237 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.12
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
2023-01-23 12:12:38 -08:00
Max
2d174472e7
Merge pull request #1238 from smallstep/dependabot/go_modules/google.golang.org/api-0.108.0
Bump google.golang.org/api from 0.107.0 to 0.108.0
2023-01-23 12:07:26 -08:00
dependabot[bot]
cb8a2ee69f
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:07:04 +00:00
dependabot[bot]
626a3a87b4
Bump google.golang.org/api from 0.107.0 to 0.108.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.107.0 to 0.108.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.107.0...v0.108.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:54 +00:00
dependabot[bot]
925a228656
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.11 to 1.22.12.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.11...v1.22.12)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:37 +00:00
dependabot[bot]
07fd03c3f3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.2 to 3.20.3.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.2...v3.20.3)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:26 +00:00
Max
5bab65aa49
Merge pull request #1232 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.11
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
2023-01-18 14:09:29 -08:00
Max
925f32e82f
Merge pull request #1231 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.0
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
2023-01-18 14:08:53 -08:00
dependabot[bot]
fb39fccf6a
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.10 to 1.22.11.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.10...v1.22.11)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:56:04 +00:00
dependabot[bot]
29deb4befa
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:54:27 +00:00
dependabot[bot]
98cb439b41
Bump google.golang.org/api from 0.106.0 to 0.107.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.106.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.106.0...v0.107.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:51:18 +00:00
Max
ac4d5e63ab
Merge pull request #1221 from smallstep/dependabot/go_modules/google.golang.org/api-0.106.0
Bump google.golang.org/api from 0.105.0 to 0.106.0
2023-01-09 09:27:00 -08:00
Max
985a0e4858
Merge pull request #1220 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.5.0
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
2023-01-09 09:26:27 -08:00
dependabot[bot]
34dc119cf7
Bump google.golang.org/api from 0.105.0 to 0.106.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.105.0 to 0.106.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.106.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:21:18 +00:00
Max
9cc35d1505
Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.5.0 2023-01-09 09:20:07 -08:00
dependabot[bot]
e7a4a1f43c
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.10.0...asset/v1.11.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:19:52 +00:00
Max
8ba1b44cd8
Merge pull request #1218 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.0
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
2023-01-09 09:16:41 -08:00
dependabot[bot]
dae0ba9008
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:50 +00:00
dependabot[bot]
32f4908310
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:21 +00:00
dependabot[bot]
c5c07be298
Bump golang.org/x/net from 0.4.0 to 0.5.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:08:56 +00:00
Max
85f6554c5e
Merge pull request #1210 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.4.0
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
2022-12-20 12:23:22 -08:00
Max
001c156b28
Merge pull request #1208 from smallstep/dependabot/go_modules/google.golang.org/api-0.105.0
Bump google.golang.org/api from 0.104.0 to 0.105.0
2022-12-20 12:17:36 -08:00
dependabot[bot]
27a50d50d3
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:33 +00:00
dependabot[bot]
75ffbae5a7
Bump github.com/newrelic/go-agent/v3 from 3.20.1 to 3.20.2
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.1 to 3.20.2.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.1...v3.20.2)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:26 +00:00
dependabot[bot]
a4e64665da
Bump google.golang.org/api from 0.104.0 to 0.105.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.104.0...v0.105.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:20 +00:00
Max
3fb38a3c14
Merge pull request #1203 from smallstep/dependabot/go_modules/google.golang.org/api-0.104.0
Bump google.golang.org/api from 0.103.0 to 0.104.0
2022-12-14 09:38:21 -08:00
dependabot[bot]
e07734d90d
Bump google.golang.org/api from 0.103.0 to 0.104.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.103.0 to 0.104.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.103.0...v0.104.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 06:38:13 +00:00
dependabot[bot]
260f40c6bc
Bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3
Bumps [github.com/Masterminds/sprig/v3](https://github.com/Masterminds/sprig) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/Masterminds/sprig/releases)
- [Changelog](https://github.com/Masterminds/sprig/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Masterminds/sprig/compare/v3.2.2...v3.2.3)

---
updated-dependencies:
- dependency-name: github.com/Masterminds/sprig/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 06:38:00 +00:00
dependabot[bot]
47dad19bbc
Bump golang.org/x/net from 0.2.0 to 0.4.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.2.0 to 0.4.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.2.0...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 15:08:15 +00:00
Max
262814ac43
Merge pull request #1191 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.51.0
Bump google.golang.org/grpc from 1.50.1 to 1.51.0
2022-11-21 09:13:21 -08:00
dependabot[bot]
596be4bec7
Bump google.golang.org/grpc from 1.50.1 to 1.51.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 15:23:16 +00:00
dependabot[bot]
afc81d96d8
Bump github.com/newrelic/go-agent/v3 from 3.20.0 to 3.20.1
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.20.0 to 3.20.1.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.0...v3.20.1)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 15:23:08 +00:00
dependabot[bot]
51503dabac
Bump google.golang.org/api from 0.102.0 to 0.103.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.102.0 to 0.103.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.102.0...v0.103.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 17:23:29 +00:00
dependabot[bot]
f63a01a4de
Bump golang.org/x/net from 0.1.0 to 0.2.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.1.0...v0.2.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 15:07:09 +00:00
Mariano Cano
07c56f577a
Add support for linked RA renewals 2022-11-08 14:25:54 -08:00
Mariano Cano
b31cf1fc18
Fix merge and use last version of linkedca 2022-11-08 10:12:19 -08:00
Herman Slatman
4cf25ede24
Merge branch 'master' into herman/acme-da-tpm 2022-11-08 12:07:46 +01:00
Herman Slatman
c169defc73
Merge pull request #1136 from smallstep/herman/ignore-empty-acme-meta 2022-11-08 09:56:00 +01:00
Mariano Cano
3ef73fa66b
Upgrade go.step.sm/crypto 2022-11-07 17:51:19 -08:00
dependabot[bot]
ae684a557a
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.9.0...asset/v1.10.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 22:16:22 +00:00
Herman Slatman
a7b2f5f27d
Upgrade linkedca to v0.19.0-rc.4 2022-11-07 22:14:10 +01:00
max furman
d4e81723ee
Updates for deprecated google cloud security APIs 2022-11-07 11:31:57 -08:00
Max
55a684fe5a
Merge pull request #1162 from smallstep/dependabot/go_modules/google.golang.org/api-0.102.0
Bump google.golang.org/api from 0.101.0 to 0.102.0
2022-11-07 11:21:59 -08:00
Max
4fcfc9481b
Merge pull request #1160 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.0
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
2022-11-07 09:28:51 -08:00
dependabot[bot]
656b9ab217
Bump google.golang.org/api from 0.101.0 to 0.102.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.101.0 to 0.102.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.101.0...v0.102.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:28:35 +00:00
dependabot[bot]
88febefbcf
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.19.2 to 3.20.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.19.2...v3.20.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:05:48 +00:00
dependabot[bot]
2891f6b397
Bump go.step.sm/crypto from 0.22.0 to 0.23.0
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:04:59 +00:00
max furman
4ccc9a0c32
go.mod syntax 2022-10-31 12:01:18 -07:00
dependabot[bot]
bd577e7531
Bump cloud.google.com/go from 0.104.0 to 0.105.0
Bumps [cloud.google.com/go](https://github.com/googleapis/google-cloud-go) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.104.0...v0.105.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 18:54:46 +00:00
Max
e53a4b2ed5
Merge pull request #1149 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.22.0
Bump go.step.sm/crypto from 0.21.0 to 0.22.0
2022-10-31 11:53:27 -07:00
dependabot[bot]
917d8dc103
Bump go.step.sm/crypto from 0.21.0 to 0.22.0
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.21.0 to 0.22.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 17:29:34 +00:00
Max
b85b52d7b5
Merge pull request #1148 from smallstep/dependabot/go_modules/google.golang.org/api-0.101.0
Bump google.golang.org/api from 0.100.0 to 0.101.0
2022-10-31 10:29:31 -07:00
Max
ea3f2fee7b
Merge pull request #1150 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.2
Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2
2022-10-31 10:29:00 -07:00
dependabot[bot]
d26414a864
Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 15:29:30 +00:00
dependabot[bot]
22d2c1c31f
Bump google.golang.org/api from 0.100.0 to 0.101.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.100.0 to 0.101.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.100.0...v0.101.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 15:28:56 +00:00
dependabot[bot]
4e077f997e
Bump cloud.google.com/go/security from 1.8.0 to 1.9.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.8.0...asset/v1.9.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 15:28:32 +00:00
Mariano Cano
aed1738ad0
Upgrade pkcs7 to the latest patches branch
smallstep/pkcs7@patches includes now support for generic Decrypter
methods, so KMS can be used instead of a key in disk with SCIM
2022-10-24 11:07:28 -07:00
Max
c407354c70
Merge pull request #1137 from smallstep/dependabot/go_modules/google.golang.org/api-0.100.0
Bump google.golang.org/api from 0.99.0 to 0.100.0
2022-10-24 09:18:31 -07:00
dependabot[bot]
3e96113162
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 15:45:07 +00:00
dependabot[bot]
016973fd2b
Bump google.golang.org/api from 0.99.0 to 0.100.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.99.0 to 0.100.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.99.0...v0.100.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 15:44:56 +00:00
dependabot[bot]
b83f268b4d
Bump google.golang.org/api from 0.98.0 to 0.99.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.98.0 to 0.99.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.98.0...v0.99.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 20:39:12 +00:00
dependabot[bot]
c3f6dcf7e7
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 17:18:04 +00:00
Max
70828b882f
Merge pull request #1111 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.1
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
2022-10-17 10:12:23 -07:00
dependabot[bot]
9ee11fd850
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.0 to 1.50.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.0...v1.50.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 15:58:52 +00:00
dependabot[bot]
3676c59599
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 15:58:43 +00:00
max furman
7203739369
Fix err assert linter warnings - upgrade outdated package 2022-10-12 16:32:26 -07:00
Max
b142fc70f7
Merge pull request #1099 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.0
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
2022-10-10 09:39:11 -07:00
Max
32edc54946
Merge pull request #1100 from smallstep/dependabot/go_modules/github.com/sirupsen/logrus-1.9.0
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
2022-10-10 09:38:31 -07:00
dependabot[bot]
b27d36d556
Bump go.step.sm/crypto from 0.20.0 to 0.21.0
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 16:08:46 +00:00
dependabot[bot]
2522efe27a
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 16:08:38 +00:00
dependabot[bot]
2ee4218a69
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.49.0 to 1.50.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.49.0...v1.50.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 16:08:34 +00:00
Herman Slatman
764b7bb02f
Update github.com/smallstep/nosql to v0.5.0
This version of `nosql` includes some fixes for MySQL DSNs. The
tag is backdated a bit, as to not include the most recent
changes, which may have a bigger impact.

Also ran `go mod tidy`, `go mod vendor`
2022-10-07 17:44:16 +02:00
Mariano Cano
bd1938b0da
Add support for storing or sending attestation data to linkedca 2022-10-06 12:22:19 -07:00
Max
a4f6b1ba0f
Merge pull request #1086 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.3.0
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.3.0
2022-10-03 09:28:06 -07:00
Max
87079a87d6
Merge pull request #1085 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.8.0
Bump cloud.google.com/go/security from 1.7.0 to 1.8.0
2022-10-03 09:27:15 -07:00
dependabot[bot]
3abb42dd1d
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.3.0
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault) from 0.1.0 to 0.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v0.1.0...v0.3.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 16:27:07 +00:00
dependabot[bot]
eba73d2aea
Bump github.com/newrelic/go-agent/v3 from 3.18.0 to 3.19.2
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.18.0 to 3.19.2.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.18.0...v3.19.2)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 16:25:41 +00:00
Max
32feef3275
Merge pull request #1084 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.3.0
Bump github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.3.0
2022-10-03 09:24:31 -07:00
Max
f2628697db
Merge pull request #1082 from smallstep/dependabot/go_modules/github.com/rs/xid-1.4.0
Bump github.com/rs/xid from 1.2.1 to 1.4.0
2022-10-03 09:23:02 -07:00
Max
2ef5c98384
Merge pull request #1067 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.10
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
2022-10-03 09:22:06 -07:00
dependabot[bot]
5f0fa57844
Bump cloud.google.com/go/security from 1.7.0 to 1.8.0
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.7.0...redis/v1.8.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 15:25:16 +00:00
dependabot[bot]
211b1c01c0
Bump github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.3.0
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault) from 0.1.1 to 0.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v0.1.1...v0.3.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 15:25:09 +00:00
dependabot[bot]
510122f026
Bump github.com/rs/xid from 1.2.1 to 1.4.0
Bumps [github.com/rs/xid](https://github.com/rs/xid) from 1.2.1 to 1.4.0.
- [Release notes](https://github.com/rs/xid/releases)
- [Commits](https://github.com/rs/xid/compare/v1.2.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/rs/xid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 15:24:49 +00:00
Max
70abbdfc70
Merge pull request #1068 from smallstep/dependabot/go_modules/go.step.sm/cli-utils-0.7.5
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
2022-09-30 12:28:35 -07:00
Max
8139179084
Merge pull request #1069 from smallstep/dependabot/go_modules/github.com/google/go-cmp-0.5.9
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
2022-09-30 12:18:51 -07:00
Max
af4183df18
Merge pull request #1077 from smallstep/dependabot/go_modules/google.golang.org/api-0.98.0
Bump google.golang.org/api from 0.96.0 to 0.98.0
2022-09-30 12:15:43 -07:00
Max
e5c5b0cb49
Merge pull request #1070 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.6.1
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
2022-09-30 11:09:44 -07:00
dependabot[bot]
ef75d4f3c6
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
Bumps [go.step.sm/cli-utils](https://github.com/smallstep/cli-utils) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/smallstep/cli-utils/releases)
- [Commits](https://github.com/smallstep/cli-utils/compare/v0.7.4...v0.7.5)

---
updated-dependencies:
- dependency-name: go.step.sm/cli-utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 00:23:15 +00:00
dependabot[bot]
3faa8717b3
Bump google.golang.org/api from 0.96.0 to 0.98.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.96.0 to 0.98.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.96.0...v0.98.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 00:23:08 +00:00
dependabot[bot]
0027f93fb9
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.8...v0.5.9)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 00:22:41 +00:00
Andrew Reed
7101fbb0ee
Provisioner webhooks (#1001) 2022-09-29 19:16:26 -05:00
dependabot[bot]
132b32b5a5
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.4 to 1.22.10.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.4...v1.22.10)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 23:23:24 +00:00
dependabot[bot]
7420172d63
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula) from 1.5.2 to 1.6.1.
- [Release notes](https://github.com/slackhq/nebula/releases)
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md)
- [Commits](https://github.com/slackhq/nebula/compare/v1.5.2...v1.6.1)

---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 23:23:07 +00:00
Mariano Cano
906c5067b9
Include attestation roots on provisioner converters 2022-09-29 16:12:55 -07:00
Herman Slatman
a8125846dd
Add TPM attestation 2022-09-21 14:58:03 +02:00
max furman
1e0ea6f958
more linting fixes 2022-09-20 19:05:12 -07:00
Mariano Cano
191d9e8629
Use go.step.sm/crypto to set the permanent identifier 2022-09-20 18:57:43 -07:00
Brandon Weeks
de5b0ef5c2
Verify key authorization is contained within the TPM quote extraData field 2022-09-20 16:51:55 -07:00
Brandon Weeks
248da10f32
Implement TPM attestation statement verification 2022-09-20 16:50:26 -07:00
Brandon Weeks
6f2b4d3042
Add ACME permanent-identifier identifier type 2022-09-20 16:48:28 -07:00
Herman Slatman
25cbe02b9e
Add provisioner template validation
Fixes #1012
2022-09-20 16:40:25 -07:00
Mariano Cano
df975122a0 Upgrade linkedca and add entry to changelog 2022-09-12 16:30:41 -07:00
Mariano Cano
bb0210e875 Fix typo in linkedca variable 2022-09-09 14:34:32 -07:00
Mariano Cano
66407139e5 Add methods to convert attestation formats 2022-09-08 17:49:24 -07:00
Mariano Cano
a2749ca8ed Merge branch 'master' into device-attestation 2022-09-06 12:29:06 -07:00
Mariano Cano
45af68b244 Upgrade go.step.sm/crypto 2022-08-31 11:36:07 -07:00
Mariano Cano
6db631df51 Upgrade go.step.sm/crypto@attest 2022-08-30 15:49:10 -07:00
Mariano Cano
a893d6e7f7 Upgrade go.step.sm/cli-utils
Fixes issue with step path
2022-08-25 15:37:35 -07:00
Mariano Cano
1938b1bb34 Merge branch 'master' into herman/fix-template-validation 2022-08-25 13:31:33 -07:00
Mariano Cano
1d1e024b84 Upgrade to go.step.sm/crypto v0.18.0 2022-08-25 12:40:31 -07:00
Mariano Cano
bca311b05e Add acme property to enable challenges
Fixes #1027
2022-08-23 17:11:40 -07:00
Herman Slatman
6b7b989988
Add provisioner template validation
Fixes #1012
2022-08-23 16:27:49 +02:00
Mariano Cano
693dc39481 Merge branch 'master' into device-attestation 2022-08-22 17:59:17 -07:00
Mariano Cano
6cab4d328e Add a middleware to automatically route HEAD requests to GET
Fixes #992
2022-08-16 16:10:29 -07:00
Mariano Cano
0c7467ceb2 Allow to automatically configure and linked RA 2022-08-16 14:39:02 -07:00
Mariano Cano
5df1694250 Add endpoint id for the RA certificate
In a linked RA mode, send an endpoint id to group the server
certificates.
2022-08-11 14:47:11 -07:00
Mariano Cano
2f7cb9225f Use go.step.sm/crypto to set the permanent identifier 2022-08-10 17:38:18 -07:00
Mariano Cano
369b8f81c3 Use go.step.sm/crypto/kms
Fixes #975
2022-08-08 17:58:18 -07:00
Mariano Cano
e02a190fa7 Merge branch 'master' into device-attestation 2022-08-08 17:29:59 -07:00
Mariano Cano
8445c29db6 Change actions to build using Go 1.19
Fixes #998
2022-08-08 12:01:18 -07:00
Mariano Cano
38fb92452f
Merge pull request #993 from smallstep/ra-ids
RA provisioner IDs
2022-08-04 11:26:59 -07:00
Mariano Cano
821743f71e Upgrade newrelic to v3 2022-08-04 11:16:11 -07:00
Aaron Bieber
135c481893 Update deps to bring in support for OpenBSD
OpenBSD support was added to the following deps:
 - github.com/go-piv/piv-go in https://github.com/go-piv/piv-go/pull/101
 - github.com/newrelic/go-agent in https://github.com/newrelic/go-agent/pull/455
 - github.com/miekg/pkcs11 in https://github.com/miekg/pkcs11/pull/140

With these deps bumped, tests all pass on OpenBSD amd64.
2022-08-04 11:38:15 -06:00
Mariano Cano
a2f7766943 Use released version of linkedca 2022-08-04 10:31:57 -07:00
Mariano Cano
64744562c6 Send RA provisioner to linkedca. 2022-08-03 18:44:25 -07:00
Brandon Weeks
77c6d10fd6 Verify key authorization is contained within the TPM quote extraData field 2022-06-23 05:19:36 +10:00
Brandon Weeks
e1ec31c0ed Implement TPM attestation statement verification 2022-06-23 05:19:36 +10:00
Brandon Weeks
2ac8b69da2 Add ACME permanent-identifier identifier type 2022-06-23 05:19:36 +10:00
Mariano Cano
2adf8caac7 Fix Dependabot warning on an indirect dependency 2022-05-25 17:11:45 -07:00
Erik De Lamarter
dec1067add
vault kubernetes auth 2022-05-21 21:06:14 +02:00
Herman Slatman
d1ab1d5431
Merge branch 'master' into herman/update-crypto-0.16.2 2022-05-18 09:11:38 +02:00
Herman Slatman
b75ce3acbd
Update to go.step.sm/crypto v0.16.2
This patch release of go.step.sm/crypto fixes an issue with
not all `Subject` names being available for usage in a template
as `ExtraNames`.
2022-05-17 23:39:01 +02:00
Herman Slatman
7030dbb7a1
Use github.com/smallstep/pkcs7 fork with patches applied 2022-05-11 21:18:47 +02:00
Herman Slatman
ed231d29e2
Update to go.step.sm/linkedca@v0.16.1 2022-05-05 15:57:47 +02:00
Herman Slatman
f0272dc717
Fix import replacement of linkedca 2022-05-05 11:10:21 +02:00
Herman Slatman
60d8b22d89
Change context retrievers to MustTFromContext 2022-05-05 11:05:57 +02:00
Herman Slatman
f2f9cb899e
Add conditional defaults to policy protobuf request bodies 2022-04-19 12:09:45 +02:00
Herman Slatman
647538e9e8
Merge branch 'herman/allow-deny' into herman/allow-deny-options 2022-04-19 10:32:16 +02:00
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny 2022-04-19 10:26:31 +02:00
Herman Slatman
7f9034d22a
Add additional policy options 2022-04-19 10:24:52 +02:00
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault 2022-04-18 15:35:26 -07:00
Herman Slatman
d6be9450be
Merge branch 'master' into herman/allow-deny 2022-04-15 11:57:05 +02:00
Mariano Cano
674dc3c844 Rename unreleased claim to allowRenewalAfterExpiry for consistency. 2022-04-13 15:11:54 -07:00
Mariano Cano
26e40068c8 Remove unnecessary dependencies. 2022-04-11 18:49:14 -07:00
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault 2022-04-11 14:57:45 -07:00
Mariano Cano
d4013f0df6 Update linkedca 2022-04-07 18:19:56 -07:00
Herman Slatman
7df52dbb76
Add ACME EAB policy 2022-04-07 14:11:53 +02:00
Herman Slatman
235a2c9d04
Pin to specific version of go.step.sm/linkedca 2022-03-31 16:40:49 +02:00
Herman Slatman
5daa9fc0b1
Merge branch 'master' into herman/allow-deny 2022-03-31 16:13:50 +02:00
Mariano Cano
f5bf46b950 Upgrade go.step.sm/crypto 2022-03-30 18:24:17 -07:00
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny 2022-03-30 14:50:14 +02:00
Herman Slatman
1dbaa62740
Update cloud.google.com/go/kms 2022-03-27 21:40:01 +02:00
Herman Slatman
dc23fd23bf
Merge branch 'master' into herman/allow-deny-next 2022-03-24 12:36:12 +01:00
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy 2022-03-15 15:56:04 +01:00
Mariano Cano
c903f00cd4 Rename claim to allowRenewAfterExpiry. 2022-03-14 15:40:01 -07:00
Mariano Cano
616490a9c6 Refactor renew after expiry token authorization
This changes adds a new authority method that authorizes the
renew after expiry tokens.
2022-03-10 20:21:01 -08:00
Mariano Cano
3fb5e57f12 Upgrade nosql package
The new version of the package allows filtering out database drivers
using Go tags.
2022-03-04 10:56:09 -08:00
Mariano Cano
6f46cdb432
Merge pull request #829 from vijayjt/new-azure-token-authz-options
Add subscription and object ID validation options to Azure provisioner
2022-02-28 14:31:28 -08:00
vijayjt
7a32c312bf Update linkedca dependency version 2022-02-25 11:21:32 +00:00
max furman
9d885e6914 bump nosql for postgres support 2022-02-22 22:39:30 -08:00
Mariano Cano
c0525381eb Merge branch 'master' into feat/vault 2022-02-16 18:19:23 -08:00
Herman Slatman
c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes 2022-01-31 13:20:16 +01:00
Mariano Cano
09a9b3e1c8 Upgrade go.step.sm/crypto 2022-01-27 13:12:50 -08:00
Herman Slatman
3b72d241e0
Add LinkedCA integration for improved SCEP provisioner 2022-01-21 16:07:50 +01:00
Ahmet DEMIR
d957a57e24
fix: apply mariano suggestions and fixes
* use json.RawMessage to remote mapstructure in options
* use vault secretid structure to support multiple source aka string, file and env
* remove log prefix
* return raw cert on error on newline for cert and csr
* clean sans, commonName in createCertificate (bad copy/paste from StepCAS)
* verify authority fingerprint
* convert serial on revoke to bigint, bytes and vault dashed representation
2022-01-20 10:16:47 +01:00
Ahmet DEMIR
16390694e1
feat(vault): adding hashicorp vault cas 2022-01-14 18:56:17 +01:00
Mariano Cano
01a76445ea Upgrade go.step.sm/crypto 2022-01-06 12:50:26 -08:00
Mariano Cano
98044cf08d Use a tagged version of linkedca 2022-01-06 12:04:57 -08:00
Mariano Cano
6a1d0cb9f8 Add linkedca conversions. 2022-01-04 18:42:57 -08:00
Mariano Cano
9ec0276887 Update certificate set with new api. 2022-01-03 18:54:01 -08:00
Mariano Cano
32390a2964 Add initial implementation of a nebula provisioner.
A nebula provisioner will generate a X509 or SSH certificate with
the identities in the nebula certificate embedded in the token.
The token is signed with the private key of the nebula certificate.
2021-12-29 14:12:03 -08:00
Herman Slatman
06bb97c91e
Add logic for Account authorizations and improve tests 2021-12-02 16:25:35 +01:00
max furman
7fac8c96c3 Merge branch 'master' into max/context 2021-11-17 11:40:01 -08:00
max furman
196f6b45c9 bump cli-utils to 0.7.0 2021-11-16 21:49:18 -08:00
max furman
b5bf79b84e bump nosql library 2021-11-16 21:48:43 -08:00
max furman
555431448c bump version ofcli-utils 2021-11-16 21:48:38 -08:00
max furman
da74fa2eb9 Rename FullSnippet to Fragment and remove unused replace in go.mod 2021-11-16 21:47:14 -08:00
max furman
741ac64c61 change name of package cli-utils/config to cli-utils/step 2021-11-16 21:47:14 -08:00
Herman Slatman
2c05f488f6
Remove support for Go 1.15 2021-11-13 01:43:03 +01:00
Mariano Cano
62a20c7db5 Upgrade cli-utils with latest version of promptui 2021-11-01 10:08:48 -07:00
Mariano Cano
9958e0645f Replace promptui with apache-compatible fork.
Promptui depends on github.com/juju/ansiterm that is licensed under
LGPL. The fork replaces ansiterm.TabWriter with the one in the
standard library.
2021-10-27 12:38:16 -07:00
Mariano Cano
0927e0d22a Upgrade go.step.sm/crypto dependency
The new version removes "env" and "expandenv" sprig functions.
2021-10-27 11:48:29 -07:00
Mariano Cano
edd475b81b Allow to configure azurekms using the URI
With an URI, azurekms can be configured with client credentials,
and it can define a default vault and protection level.
2021-10-12 18:24:58 -07:00
Mariano Cano
e15b5faf7d Merge branch 'master' into keyvault 2021-10-12 15:15:35 -07:00
Mariano Cano
d8720c3723 Update linkedca package. 2021-10-07 17:21:40 -07:00
Mariano Cano
48549bf317 Initialize windows terminal on all binaries. 2021-10-07 11:09:32 -07:00
Mariano Cano
6389100325 Add unit tests for azurekms. 2021-10-05 20:35:52 -07:00
Mariano Cano
392a18465f Add initial implementation of Azure Key Vault KMS.
Fixes #462
2021-10-05 17:06:17 -07:00
Mariano Cano
ad82d8a250 Upgrade go.step.sm/crypto as long with go-jose.v2
There was a typo in the OKP template causing bad fingerprints for
Ed25519 keys.

See a10ff54e00

Fixes #705
2021-09-22 15:15:19 -07:00
Herman Slatman
73d0a11a20
Update github.com/micromdm/scep/v2 2021-09-16 08:29:25 +02:00
Herman Slatman
611859eec4
Update go.mozilla.org/pkcs7
This includes the fix as described in https://github.com/mozilla-services/pkcs7/pull/59,
which was the reason a fork of the library was used.
2021-09-16 08:24:28 +02:00
Mariano Cano
9e7a3cd897 Update go.step.sm/crypto 2021-08-26 18:12:37 -07:00
Mariano Cano
352acf8faa Upgrade golang.org/x/crypto 2021-08-26 11:29:13 -07:00
Mariano Cano
42fde8ba28
Merge branch 'master' into linkedca 2021-08-25 15:56:50 -07:00
max furman
2317bf183b Nosql and badger bump 2021-08-25 10:32:12 -07:00
max furman
cc9bc9c84b Bump Badger 2021-08-25 10:24:18 -07:00
max furman
f53f78974e Badger bump to fix issue with caddy build 2021-08-18 11:38:31 -07:00
Mariano Cano
456ffd8806 Use linkedca v0.5.0 2021-08-11 15:33:34 -07:00
Mariano Cano
28e882c9b3 Add deployment type to export. 2021-08-10 17:14:17 -07:00
Mariano Cano
798b90c359 Move linkedca configuration to the main package. 2021-08-04 20:15:04 -07:00
Mariano Cano
de292fbed6 Use branch version of linkedca. 2021-08-02 16:08:54 -07:00
Mariano Cano
dc1ec18b52 Create a way to export ca configurations. 2021-07-26 19:01:56 -07:00
Mariano Cano
d0c1530f89 Remove replace of linkedca package. 2021-07-26 14:48:01 -07:00
Mariano Cano
4ad82a2f76 Check linkedca for revocation. 2021-07-23 16:10:13 -07:00
Mariano Cano
71f8019243 Store x509 and ssh certificates on linkedca if enabled. 2021-07-20 18:16:24 -07:00
Mariano Cano
17eef81c91 Remove linkerd replace. 2021-07-20 14:55:07 -07:00
Mariano Cano
a72eab915b Use linkedca v0.1.0 2021-07-20 12:59:59 -07:00
Mariano Cano
8fb5340dc9 Use a token at start time to configure linkedca.
Instead of using `step-ca login` we will use a new token provided
as a flag to configure and start linkedca. Certificates will be kept
in memory and refreshed automatically.
2021-07-19 19:28:06 -07:00
Mariano Cano
f7e09af9df Implement the login command.
The login commands creates a new certificate for the linked ca.
This certificate will be used to sync data with the linkedca
endpoint.
2021-07-12 15:28:13 +02:00
max furman
77fdfc9fa3 Merge branch 'master' into max/cert-mgr-crud 2021-07-02 20:26:46 -07:00
max furman
9fdef64709 Admin level API for provisioner mgmt v1 2021-07-02 19:05:17 -07:00
Mariano Cano
65dacc2795 Replace golint with revive 2021-06-23 09:53:26 +02:00
Mariano Cano
2a97389f1b Upgrade dependencies. 2021-06-08 17:47:26 -07:00
Mariano Cano
072bd0dcf4 Add support for Google CAS v1 2021-06-03 19:31:19 -07:00
Herman Slatman
66a67ed691 Update to v2.0.0 of github.com/micromdm/scep 2021-05-26 16:15:24 -07:00
Herman Slatman
75cd3ab0ac Change to a fixed fork of go.mozilla.org/pkcs7
Hopefully this will be a temporary change until
the fix is merged in the upstream module.
2021-05-26 16:07:37 -07:00
Herman Slatman
2a249d20de Refactor initialization of SCEP authority 2021-05-26 16:04:19 -07:00
Herman Slatman
48c86716a0 Add rudimentary (and incomplete) support for SCEP 2021-05-26 15:58:04 -07:00
Herman Slatman
bc2bb53009
Merge branch 'master' into hs/scep 2021-05-20 21:35:44 +02:00
Mariano Cano
f84c8f846a Upgrade x/crypto
Although this does not affects us the old version had the vulnerability
CVE-2020-29652
2021-05-18 19:16:13 -07:00
max furman
b205f50412 bump crypto to 0.8.3 and go mod tidy 2021-05-13 12:14:11 -07:00
Herman Slatman
c3d9cef497
Update to v2.0.0 of github.com/micromdm/scep 2021-03-26 22:04:18 +01:00
Herman Slatman
c5e4ea08b3
Merge branch 'master' into hs/scep 2021-03-26 15:22:41 +01:00
Mariano Cano
561341a6f2 Update go.step.sm/crypto. 2021-03-18 18:04:38 -07:00
Herman Slatman
efd5501aca
Merge branch 'master' into hs/scep 2021-03-12 12:16:10 +01:00
Mariano Cano
d74f1fa55e Use cli-utils v0.2.0 2021-03-10 12:53:25 -08:00
Mariano Cano
a1a7e38a49 Add support for cli-utils with powershell support. 2021-03-10 12:34:47 -08:00
Herman Slatman
9df5f513e7
Change to a fixed fork of go.mozilla.org/pkcs7
Hopefully this will be a temporary change until
the fix is merged in the upstream module.
2021-03-06 22:35:41 +01:00
Herman Slatman
7ad90d10b3
Refactor initialization of SCEP authority 2021-02-26 00:32:21 +01:00
Herman Slatman
9e43dc85d8
Merge branch 'master' into hs/scep-master 2021-02-19 10:16:39 +01:00
Mariano Cano
3eb24d7d01 Remove duplicated replace. 2021-02-16 17:14:15 -08:00
Herman Slatman
ffdd58ea3c
Add rudimentary (and incomplete) support for SCEP 2021-02-12 12:03:08 +01:00
Mariano Cano
f289d1ee1f Update to crypto11 v1.2.4
This version now includes my changes to delete a certificate.
2021-02-08 12:01:21 -08:00
Mariano Cano
4fbf7569fa Merge branch 'master' into pkcs11 2021-02-01 18:13:16 -08:00
Mariano Cano
1d47a7284d Upgrade nosql with a version of badger compatible with 32bits 2021-02-01 18:09:28 -08:00
Mariano Cano
6c0cf99b24 Upgrade nosql with a 32-bit version of badger. 2021-01-27 11:02:56 -08:00
Mariano Cano
8dca652bc7 Add support for PKCS #11 KMS.
The implementation works with YubiHSM2. Unit tests are still pending.

Fixes #301
2021-01-26 20:03:53 -08:00