luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
2166 commits 1 branch 0 tags 214 MiB
Commit graph

8 commits

Author SHA1 Message Date
Jeff Mitchell 54fccb2ff4 Add support for EC CA keys, output to base64-encoded DER instead of PEM, and tests for all of those. Also note that Go 1.5 is now required. 2015-11-19 09:51:17 -05:00
Jeff Mitchell b2df079446 Add unit tests to test signing logic, fix up test logic for names 2015-11-19 09:51:17 -05:00
Jeff Mitchell 1cec03d9ca Implement CA cert/CSR generation. CA certs can be self-signed or 
generate an intermediate CSR, which can be signed.
 2015-11-19 09:51:17 -05:00
Jeff Mitchell 390f769d1a Add unit tests for certutil, and fix a whitespace stripping issue. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 16:06:56 -04:00
Jeff Mitchell a6fc48b854 A few things: 
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 12:48:18 -04:00
Jeff Mitchell 34f495a354 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Jeff Mitchell 9e00ca769a Restructure a little bit to make the helper library fully standalone. This makes it easier to move around later if desired, and for use by external programs. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 06:42:57 -04:00
Jeff Mitchell 29e7ec3e21 A lot of refactoring: move PEM bundle parsing into helper/certutil, so that it is usable by other backends that want to use it to get the necessary data for TLS auth. 
Also, enhance the raw cert bundle => parsed cert bundle to make it more useful and perform more validation checks.

More refactoring could be done within the PKI backend itself, but that can wait.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-17 16:07:20 -04:00