Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,040 Commits
41 Branches
214 Tags
91 MiB
master
mariano/signer
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'herman/fix-nebula-curve-param'
${ noResults }
Commit Graph

4040 Commits (herman/fix-nebula-curve-param)
 

Author SHA1 Message Date
Herman Slatman c3c4287010
Support `ECDSA P-256` public keys in Nebula token validation 5 months ago
Herman Slatman 26248e8f8e
Fix Nebula sign operations requiring curve to be specified 5 months ago
dependabot[bot] fc22ecc3af
Bump github.com/slackhq/nebula from 1.6.1 to 1.8.1 
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula) from 1.6.1 to 1.8.1.
- [Release notes](https://github.com/slackhq/nebula/releases)
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md)
- [Commits](https://github.com/slackhq/nebula/compare/v1.6.1...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
github-actions[bot] 4a580f59fb
Merge pull request #1649 from smallstep/dependabot/go_modules/google.golang.org/api-0.154.0 
Bump google.golang.org/api from 0.153.0 to 0.154.0
 5 months ago
dependabot[bot] 56daa26900
Bump google.golang.org/api from 0.153.0 to 0.154.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.153.0 to 0.154.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.153.0...v0.154.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
github-actions[bot] 9eecd12fc2
Merge pull request #1651 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.29.0 
Bump github.com/newrelic/go-agent/v3 from 3.28.1 to 3.29.0
 5 months ago
github-actions[bot] 40c58cb1ec
Merge pull request #1650 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.60.0 
Bump google.golang.org/grpc from 1.59.0 to 1.60.0
 5 months ago
github-actions[bot] 9780cf7b80
Merge pull request #1648 from smallstep/dependabot/go_modules/github.com/google/uuid-1.5.0 
Bump github.com/google/uuid from 1.4.0 to 1.5.0
 5 months ago
github-actions[bot] 0e3964ee80
Merge pull request #1652 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.17.0 
Bump golang.org/x/crypto from 0.16.0 to 0.17.0
 5 months ago
dependabot[bot] 5d446dedd6
Bump golang.org/x/crypto from 0.16.0 to 0.17.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
dependabot[bot] 46237b8638
Bump github.com/newrelic/go-agent/v3 from 3.28.1 to 3.29.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.28.1 to 3.29.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.28.1...v3.29.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
dependabot[bot] 33e6f2bae2
Bump google.golang.org/grpc from 1.59.0 to 1.60.0 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.59.0 to 1.60.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.59.0...v1.60.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
dependabot[bot] 2a5a65161c
Bump github.com/google/uuid from 1.4.0 to 1.5.0 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
Mariano Cano 62e09de2c6
Merge pull request #1647 from smallstep/go-jose 
Upgrade go.step.sm/crypto to use go-jose/v3
 5 months ago
Mariano Cano b20af51f32
Upgrade go.step.sm/crypto to use go-jose/v3 5 months ago
github-actions[bot] 2c42907b4e
Merge pull request #1645 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.39.0 
Bump go.step.sm/crypto from 0.38.0 to 0.39.0
 5 months ago
github-actions[bot] ecc47c8e18
Merge pull request #1646 from smallstep/dependabot/go_modules/google.golang.org/api-0.153.0 
Bump google.golang.org/api from 0.152.0 to 0.153.0
 5 months ago
Carl Tashian 4d0c684e88
Merge pull request #1640 from smallstep/carl/debian-bookworm 
Update Dockerfile.hsm to use Debian bookworm
 5 months ago
dependabot[bot] 6fcfb7a737
Bump google.golang.org/api from 0.152.0 to 0.153.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.152.0 to 0.153.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.152.0...v0.153.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
dependabot[bot] 9aee8fde06
Bump go.step.sm/crypto from 0.38.0 to 0.39.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.38.0 to 0.39.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.38.0...v0.39.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 5 months ago
Carl Tashian bd46d94238
Merge branch 'master' into carl/debian-bookworm 6 months ago
github-actions[bot] c25273d7a7
Merge pull request #1638 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.28.1 
Bump github.com/newrelic/go-agent/v3 from 3.28.0 to 3.28.1
 6 months ago
Carl Tashian 38140c5765
Update Dockerfile.hsm to use Debian bookworm 6 months ago
dependabot[bot] 439ace3086
Bump github.com/newrelic/go-agent/v3 from 3.28.0 to 3.28.1 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.28.0 to 3.28.1.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.28.0...v3.28.1)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
Herman Slatman f453323ba9
Merge pull request #1631 from smallstep/herman/fix-apple-acmeclient-invalid-signatures 6 months ago
Herman Slatman 405aae798c
Simplify the `copy` logic used when patching JWS signature 6 months ago
Max 7bfe11c687
Bump go.step.sm/crypto (#1635) 6 months ago
Max d34f0f6a97
Fix linter warnings (#1634) 6 months ago
Herman Slatman 26a3bb3c11
Make the Apple JWS fix more robust and catch more cases. 6 months ago
Herman Slatman 31ba1b33fb
Merge pull request #1633 from smallstep/update-changelog-20231122 
Set `v0.25.1` release date
 6 months ago
Herman Slatman 528aad86dd
Set `v0.25.1` release date 6 months ago
Herman Slatman 3bb469274d
Merge pull request #1632 from smallstep/update-changelog-20231122 
Update changelog for `v0.25.1` release
 6 months ago
Herman Slatman f01b48fdcd
Update changelog for `v0.25.1` release 6 months ago
Herman Slatman 113491e7af
Remove TODO for patching other algorithms for Apple ACME client 6 months ago
Herman Slatman 06f4cbbcda
Add (temporary) fix for missing null bytes in Apple JWS signatures 
Apparently the Apple macOS (and iOS?) ACME client seems to omit
leading null bytes from JWS signatures. The base64-url encoded
bytes decode to a shorter byte slice than what the JOSE library
expects (e.g. 63 bytes instead of 64 bytes for ES256), and then
results in a `jose.ErrCryptoFailure`.

This commit retries verification of the JWS in case the first
verification fails with `jose.ErrCryptoFailure`. The signatures are
checked to be of the correct length, and if not, null bytes are
prepended to the signature. Then verification is retried, which
might fail again, but for other reasons. On success, the payload
is returned.

Apple should fix this in their ACME client, but in the meantime
this commit prevents some "bad request" error cases from happening.
 6 months ago
github-actions[bot] cf6e189d7c
Merge pull request #1629 from smallstep/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.1 
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1
 6 months ago
dependabot[bot] 350ad9006c
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 1dacf50776
Merge pull request #1626 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.37.0 
Bump go.step.sm/crypto from 0.36.1 to 0.37.0
 6 months ago
dependabot[bot] 66df354f2f
Bump go.step.sm/crypto from 0.36.1 to 0.37.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.36.1 to 0.37.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.36.1...v0.37.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] c6db7673bf
Merge pull request #1628 from smallstep/dependabot/go_modules/google.golang.org/api-0.151.0 
Bump google.golang.org/api from 0.150.0 to 0.151.0
 6 months ago
github-actions[bot] a36cf81d6a
Merge pull request #1627 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.28.0 
Bump github.com/newrelic/go-agent/v3 from 3.27.0 to 3.28.0
 6 months ago
dependabot[bot] 5b07ae7f52
Bump google.golang.org/api from 0.150.0 to 0.151.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.150.0 to 0.151.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.150.0...v0.151.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
dependabot[bot] 74597e6fbb
Bump github.com/newrelic/go-agent/v3 from 3.27.0 to 3.28.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.27.0 to 3.28.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.27.0...v3.28.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 8308e1ac54
Merge pull request #1619 from smallstep/dependabot/go_modules/golang.org/x/net-0.18.0 
Bump golang.org/x/net from 0.17.0 to 0.18.0
 6 months ago
dependabot[bot] 6826ca9ebb
Bump golang.org/x/net from 0.17.0 to 0.18.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 4f6ca083aa
Merge pull request #1620 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.15.0 
Bump golang.org/x/crypto from 0.14.0 to 0.15.0
 6 months ago
dependabot[bot] 2eefd2ce63
Bump golang.org/x/crypto from 0.14.0 to 0.15.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 6ebd5264ec
Merge pull request #1621 from smallstep/dependabot/go_modules/google.golang.org/api-0.150.0 
Bump google.golang.org/api from 0.149.0 to 0.150.0
 6 months ago
dependabot[bot] 48d9ea188b
Bump google.golang.org/api from 0.149.0 to 0.150.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.149.0 to 0.150.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.149.0...v0.150.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
Herman Slatman a4b7bbf2d9
Merge pull request #1617 from smallstep/herman/scep-webhook-provisioner-name 
Add `provisionerName` to SCEP webhook request body
 6 months ago