Merge branch 'master' into herman/scep-provisioner-decrypter

8 months ago · ffe079f31b
parent 0d66158bf1 e766ca7a38
commit ffe079f31b
25 changed files with 31 additions and 27 deletions
--- a/acme/api/account.go
+++ b/acme/api/account.go
@ -6,7 +6,7 @@ import (
 	"errors"
 	"net/http"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"

 	"github.com/smallstep/certificates/acme"
 	"github.com/smallstep/certificates/api/render"
--- a/acme/api/account_test.go
+++ b/acme/api/account_test.go
@ -13,7 +13,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/pkg/errors"

 	"go.step.sm/crypto/jose"
--- a/acme/api/handler.go
+++ b/acme/api/handler.go
@ -9,7 +9,7 @@ import (
 	"net/http"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"

 	"github.com/smallstep/certificates/acme"
 	"github.com/smallstep/certificates/api"
--- a/acme/api/handler_test.go
+++ b/acme/api/handler_test.go
@ -15,7 +15,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/google/go-cmp/cmp"
 	"github.com/pkg/errors"

--- a/acme/api/order.go
+++ b/acme/api/order.go
@ -10,7 +10,7 @@ import (
 	"strings"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"

 	"go.step.sm/crypto/randutil"
 	"go.step.sm/crypto/x509util"
--- a/acme/api/order_test.go
+++ b/acme/api/order_test.go
@ -15,7 +15,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/pkg/errors"

 	"go.step.sm/crypto/pemutil"
--- a/acme/api/revoke_test.go
+++ b/acme/api/revoke_test.go
@ -21,7 +21,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/google/go-cmp/cmp"
 	"github.com/pkg/errors"
 	"golang.org/x/crypto/ocsp"
--- a/acme/linker.go
+++ b/acme/linker.go
@ -8,7 +8,7 @@ import (
 	"net/url"
 	"strings"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/smallstep/certificates/api/render"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/provisioner"
--- a/api/api.go
+++ b/api/api.go
@ -19,7 +19,7 @@ import (
 	"strings"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/pkg/errors"
 	"go.step.sm/crypto/sshutil"
 	"golang.org/x/crypto/ssh"
--- a/api/api_test.go
+++ b/api/api_test.go
@ -26,7 +26,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/pkg/errors"
 	sassert "github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
--- a/authority/admin/api/acme_test.go
+++ b/authority/admin/api/acme_test.go
@ -12,7 +12,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"google.golang.org/protobuf/encoding/protojson"
 	"google.golang.org/protobuf/proto"
 	"google.golang.org/protobuf/types/known/timestamppb"
--- a/authority/admin/api/admin.go
+++ b/authority/admin/api/admin.go
@ -4,7 +4,7 @@ import (
 	"context"
 	"net/http"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"

 	"go.step.sm/linkedca"

--- a/authority/admin/api/admin_test.go
+++ b/authority/admin/api/admin_test.go
@ -11,7 +11,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"google.golang.org/protobuf/types/known/timestamppb"
--- a/authority/admin/api/middleware.go
+++ b/authority/admin/api/middleware.go
@ -4,7 +4,7 @@ import (
 	"errors"
 	"net/http"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"

 	"go.step.sm/linkedca"

--- a/authority/admin/api/middleware_test.go
+++ b/authority/admin/api/middleware_test.go
@ -11,7 +11,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"google.golang.org/protobuf/types/known/timestamppb"
--- a/authority/admin/api/provisioner.go
+++ b/authority/admin/api/provisioner.go
@ -4,7 +4,7 @@ import (
 	"fmt"
 	"net/http"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"

 	"go.step.sm/crypto/sshutil"
 	"go.step.sm/crypto/x509util"
--- a/authority/admin/api/provisioner_test.go
+++ b/authority/admin/api/provisioner_test.go
@ -12,7 +12,7 @@ import (
 	"testing"
 	"time"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"google.golang.org/protobuf/encoding/protojson"
--- a/authority/admin/api/webhook.go
+++ b/authority/admin/api/webhook.go
@ -6,7 +6,7 @@ import (
 	"net/http"
 	"net/url"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/smallstep/certificates/api/read"
 	"github.com/smallstep/certificates/api/render"
 	"github.com/smallstep/certificates/authority/admin"
--- a/authority/admin/api/webhook_test.go
+++ b/authority/admin/api/webhook_test.go
@ -11,7 +11,7 @@ import (
 	"strings"
 	"testing"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/admin"
 	"github.com/stretchr/testify/assert"
--- a/authority/provisioner/webhook.go
+++ b/authority/provisioner/webhook.go
@ -173,7 +173,9 @@ retry:
 	if err != nil {
 		return nil, err
 	}
-	sig := hmac.New(sha256.New, secret).Sum(reqBytes)
+	h := hmac.New(sha256.New, secret)
+	h.Write(reqBytes)
+	sig := h.Sum(nil)
 	req.Header.Set("X-Smallstep-Signature", hex.EncodeToString(sig))
 	req.Header.Set("X-Smallstep-Webhook-ID", w.ID)

--- a/authority/provisioner/webhook_test.go
+++ b/authority/provisioner/webhook_test.go
@ -482,7 +482,9 @@ func TestWebhook_Do(t *testing.T) {

 				secret, err := base64.StdEncoding.DecodeString(tc.webhook.Secret)
 				assert.FatalError(t, err)
-				mac := hmac.New(sha256.New, secret).Sum(body)
+				h := hmac.New(sha256.New, secret)
+				h.Write(body)
+				mac := h.Sum(nil)
 				assert.True(t, hmac.Equal(sig, mac))

 				switch {
--- a/ca/ca.go
+++ b/ca/ca.go
@ -15,8 +15,8 @@ import (
 	"sync"
 	"time"

-	"github.com/go-chi/chi"
-	"github.com/go-chi/chi/middleware"
+	"github.com/go-chi/chi/v5"
+	"github.com/go-chi/chi/v5/middleware"
 	"github.com/pkg/errors"
 	"github.com/smallstep/certificates/acme"
 	acmeAPI "github.com/smallstep/certificates/acme/api"
--- a/go.mod
+++ b/go.mod
@ -9,7 +9,7 @@ require (
 	github.com/dgraph-io/badger v1.6.2
 	github.com/dgraph-io/badger/v2 v2.2007.4
 	github.com/fxamacker/cbor/v2 v2.5.0
-	github.com/go-chi/chi v4.1.2+incompatible
+	github.com/go-chi/chi/v5 v5.0.10
 	github.com/golang/mock v1.6.0
 	github.com/google/go-cmp v0.5.9
 	github.com/google/go-tpm v0.9.0
--- a/go.sum
+++ b/go.sum
@ -144,8 +144,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo
 github.com/fxamacker/cbor/v2 v2.5.0 h1:oHsG0V/Q6E/wqTS2O1Cozzsy69nqCiguo5Q1a1ADivE=
 github.com/fxamacker/cbor/v2 v2.5.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-chi/chi v4.1.2+incompatible h1:fGFk2Gmi/YKXk0OmGfBh0WgmN3XB8lVnEyNz34tQRec=
-github.com/go-chi/chi v4.1.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
+github.com/go-chi/chi/v5 v5.0.10 h1:rLz5avzKpjqxrYwXNfmjkrYYXOyLJd37pz53UFHC6vk=
+github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
 github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo=
 github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
 github.com/go-kit/kit v0.4.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
--- a/scep/api/api.go
+++ b/scep/api/api.go
@ -12,7 +12,7 @@ import (
 	"net/url"
 	"strings"

-	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/v5"
 	microscep "github.com/micromdm/scep/v2/scep"
 	"go.mozilla.org/pkcs7"