Mariano Cano
1f4443d858
Support to ask for key password after crypto change
...
A change in crypto will remove the dependency of the ui package
used for prompting passwords.
2022-09-27 12:03:51 -07:00
max furman
ffff9af323
linting and fixing review feedback
2022-09-20 22:12:08 -07:00
max furman
1e0ea6f958
more linting fixes
2022-09-20 19:05:12 -07:00
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors
2022-09-20 16:35:41 -07:00
Mariano Cano
23b8f45b37
Address gosec warnings
...
Most if not all false positives
2022-08-18 17:46:20 -07:00
Mariano Cano
369b8f81c3
Use go.step.sm/crypto/kms
...
Fixes #975
2022-08-08 17:58:18 -07:00
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault
2022-04-11 14:57:45 -07:00
Panagiotis Siatras
6d4d4560df
add --context flag to step-ca command ( #851 )
...
* added the --context flag
* apply the context and allow for different ca.json
* amended usage for consistency
* added an extra example
* added an extra example
* reordered and reworded examples
2022-03-24 18:18:51 +02:00
Mariano Cano
c0525381eb
Merge branch 'master' into feat/vault
2022-02-16 18:19:23 -08:00
Herman Slatman
af17b6a6f3
Make copyright year dynamic
2022-02-16 11:08:26 +01:00
Ahmet DEMIR
16390694e1
feat(vault): adding hashicorp vault cas
2022-01-14 18:56:17 +01:00
max furman
10db335f13
mv pkg config -> step
2021-11-16 21:47:14 -08:00
Mariano Cano
e15b5faf7d
Merge branch 'master' into keyvault
2021-10-12 15:15:35 -07:00
max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
Mariano Cano
205148ad1f
Fix exit after defer.
2021-10-07 12:43:24 -07:00
Mariano Cano
48549bf317
Initialize windows terminal on all binaries.
2021-10-07 11:09:32 -07:00
Mariano Cano
d02cb1c869
Enable azurekms.
2021-10-05 17:09:40 -07:00
Mariano Cano
cfe08ad6fe
Add flags to usage.
2021-09-16 12:05:23 -07:00
Mariano Cano
e727532963
Fix wrong format of the first flag on step-ca --help
2021-03-24 14:55:34 -07:00
Mariano Cano
bdeb0ccd7c
Add support for the flag --issuer-password-file
...
The new flag allows to pass a file with the password used to decrypt
the key used in RA mode.
2021-03-24 14:53:19 -07:00
Mariano Cano
a6115e29c2
Add initial implementation of StepCAS.
...
StepCAS allows to configure step-ca as an RA using another step-ca
as the main CA.
2021-03-17 19:33:35 -07:00
Mariano Cano
8dca652bc7
Add support for PKCS #11 KMS.
...
The implementation works with YubiHSM2. Unit tests are still pending.
Fixes #301
2021-01-26 20:03:53 -08:00
Anton Lundin
3e6137110b
Add support for using ssh-agent as a KMS
...
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys
for issuing ssh certificates signed by a key managed by a ssh-agent. It
uses the golang.org/x/crypto package to get a native Go implementation
to talk to a ssh-agent.
This was primarly written to be able to use gpg-agent to provide the
keys stored in a YubiKeys openpgp interface, but can be used for other
setups like proxying a ssh-agent over network.
That way the signing key for ssh certificates can be kept in a
"sign-only" hsm.
This code was written for my employer Intinor AB, but for simplicity
sake gifted to me to contribute upstream.
Signed-off-by: Anton Lundin <glance@acc.umu.se>
2020-11-04 09:06:23 +01:00
Mariano Cano
40d0596b71
Use smallstep/cli-utils instead of smallstep/cli
2020-10-29 13:10:03 -07:00
Mariano Cano
647b9b4541
Merge pull request #367 from smallstep/cas
...
Support for CAS Interface and CloudCAS
2020-10-05 18:09:01 -07:00
Carl Tashian
fd07e25e61
Change Gitter links to GH Discussions tab
2020-09-23 16:36:37 -07:00
Mariano Cano
1b1f73dec6
Early attempt to develop a CAS interface.
2020-09-08 19:26:32 -07:00
Mariano Cano
ddb4ca7a74
Move load of kms to main package.
...
With this change packages that import the authority won't load by
default all the supported kms with all its dependencies.
Fixes #228
2020-06-12 14:55:35 -07:00
Mariano Cano
869ef70211
Merge pull request #172 from 256dpi/master
...
Added Resolver Option
2020-02-12 12:42:08 -08:00
Sebastian Tiedtke
f2b95647f3
Use date range in copyright
2020-02-10 09:55:21 -08:00
Joël Gähwiler
445fcbe621
added resolver
2020-02-01 13:00:39 +02:00
Mariano Cano
4d423137f0
Re-enable profiler.
2020-01-28 13:29:39 -08:00
Mariano Cano
c60641701b
Add version endpoint.
2020-01-28 13:28:16 -08:00
Alan Christopher Thomas
8f08b47a9c
Rough wiring for basics of connecting to onboarding flow
2020-01-28 13:28:16 -08:00
Mariano Cano
5013f7ffe0
Move ca commands to its own package.
2019-09-12 12:51:07 -07:00
Mariano Cano
0efae31a29
Generate PKI and start server using onboarding.
2019-09-11 19:16:08 -07:00
Mariano Cano
bca5dcc326
Remove url from error message.
2019-09-11 17:36:48 -07:00
Mariano Cano
0c654d93ea
Create method for onboard action and clean code.
2019-09-11 17:33:27 -07:00
Alan Christopher Thomas
c0d1399c38
Change onboarding bootstrap command to step-ca onboard
...
cc @sourishkrout @maraino
2019-09-11 14:54:54 -06:00
Alan Christopher Thomas
7c0622e50e
Make note about adding "admin" JWT provisioner
2019-09-10 22:56:30 -06:00
Alan Christopher Thomas
21baa69473
Fix linting errors and remove useless code
2019-09-10 22:56:19 -06:00
Alan Christopher Thomas
15f2935db1
Rough wiring for basics of connecting to onboarding flow
2019-09-10 16:29:03 -06:00
Mariano Cano
10e7b81b9f
Merge branch 'master' into ssh-ca
2019-09-05 23:06:01 +02:00
max furman
e3bd2d0e2b
Custom AppHelpTemplate for step-ca
2019-08-29 15:58:07 -07:00
Mariano Cano
00ebee870b
Do not show value on boolean flags help.
2019-08-01 13:13:50 -07:00
Mariano Cano
6592c4784b
Fix flag parsing after the configuration file
...
Fixes #52
2019-03-18 12:38:19 -07:00
Sebastian Tiedtke
70f0a0e182
It's 2019
2019-01-14 15:12:07 -08:00
Mariano Cano
3f0a55418c
Fix lint errors.
2018-11-26 18:28:07 -08:00
max furman
55d40a7f86
Change - overwrite help subcommand
2018-11-26 16:24:11 -05:00
max furman
054846d449
Fix version info CLI -> CA
2018-11-26 15:42:18 -05:00