mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-14 18:47:01 +02:00
Code Issues Projects Releases Wiki Activity
7,543 Commits 2,844 Branches 445 Tags 448 MiB
29551c0b1b
Commit Graph

24 Commits

Author SHA1 Message Date
Jeff Mitchell
7ff623706e Minor fixes from vet 2018-02-26 02:23:24 -05:00
Jeff Mitchell
2d22d8a99a Fix PKI tests by generating on-demand 2018-02-20 00:23:37 -05:00
Jeff Mitchell
5b14b464ff Sanitize pem encoding to Go default of a newline at the end rather than break backwards compat 2018-02-20 00:12:05 -05:00
Jeff Mitchell
7d73ac4c96 go vet fixes 2018-02-05 14:26:31 -05:00
dmwilcox
ad0a39dfe1 Update docs to reflect ability to load cold CA certs to output full chains. (#3740) 2018-01-03 10:59:18 -05:00
Chris Hoffman
10c8024fa3 Adding support for chained intermediate CAs in pki backend (#1694) 2016-09-27 17:50:17 -07:00
Jeff Mitchell
6f6d1f7237 Rename GetOctalFormatted and add serial number to ParsedCertBundle. Basically a noop. 2016-09-16 11:05:43 -04:00
vishalnayak
ddb6ae18a0 Fix invalid input getting marked as internal error 2016-07-28 16:23:11 -04:00
Jeff Mitchell
fda9473681 Trim leading/trailing space around PEM bundles. 
Fixes #1634
 2016-07-20 13:57:49 -04:00
vishalnayak
ef97199360 Added JSON Decode and Encode helpers. 
Changed all the occurances of Unmarshal to use the helpers.
Fixed http/ package tests.
 2016-07-06 12:25:40 -04:00
Adam Shannon
e0df8e9e88 all: Cleanup from running go vet 2016-04-13 14:38:29 -05:00
Andrew Stuart
dfc052a755
Move to pem.Block.Type-based decoding 2015-12-11 14:57:33 -07:00
Andrew Stuart
ceb74f956c
Update flag to field with format info 2015-12-10 21:02:31 -07:00
Andrew Stuart
c8d49c2d66 Add pkcs8 flag setting in ParsePEMBundle 2015-12-09 15:33:25 -07:00
Andrew Stuart
b59e15c33d Update ParsePEMBundle to properly handle pkcs#8 
Implementation based on be16001187/src/crypto/tls/tls.go (L273-L290)
 2015-12-09 15:29:13 -07:00
Jeff Mitchell
4f2f7a0e3b Mostly revert changes to certutil as the embedded struct stuff was being 
problematic.
 2015-11-19 14:18:39 -05:00
Jeff Mitchell
cb5514f3f3 Move public key comparison logic to its own function 2015-11-19 09:51:18 -05:00
Jeff Mitchell
b5423493ca Move serial number generation and key validation into certutil; centralize format and key verification 2015-11-19 09:51:18 -05:00
Jeff Mitchell
ba37e4bcb5 Add unit tests for CSR bundle conversion 2015-11-19 09:51:18 -05:00
Jeff Mitchell
4e73187837 Add support for EC CA keys, output to base64-encoded DER instead of PEM, and tests for all of those. Also note that Go 1.5 is now required. 2015-11-19 09:51:17 -05:00
Jeff Mitchell
2737066e09 Add delete method, and ability to delete only one serial as well as an entire set. 2015-11-03 10:52:20 -05:00
Jeff Mitchell
23ba605068 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Jeff Mitchell
c4256601f2 Restructure a little bit to make the helper library fully standalone. This makes it easier to move around later if desired, and for use by external programs. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 06:42:57 -04:00
Jeff Mitchell
31e680048e A lot of refactoring: move PEM bundle parsing into helper/certutil, so that it is usable by other backends that want to use it to get the necessary data for TLS auth. 
Also, enhance the raw cert bundle => parsed cert bundle to make it more useful and perform more validation checks.

More refactoring could be done within the PKI backend itself, but that can wait.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-17 16:07:20 -04:00