luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/website/content/api-docs/secret
History
Steven Clark 10ecf10248
PKI: Add support for signature_bits param to the intermediate/generate api (#17388) 
* PKI: Add support for signature_bits param to the intermediate/generate api

 - Mainly to work properly with GCP backed managed keys, we need to
   issue signatures that would match the GCP key algorithm.
 - At this time due to https://github.com/golang/go/issues/45990 we
   can't issue PSS signed CSRs, as the libraries in Go always request
   a PKCS1v15.
 - Add an extra check in intermediate/generate that validates the CSR's
   signature before providing it back to the client in case we generated
   a bad signature such as if an end-user used a GCP backed managed key
   with a RSA PSS algorithm.
   - GCP ignores the requested signature type and always signs with the
     key's algorithm which can lead to a CSR that says it is signed with
     a PKCS1v15 algorithm but is actually a RSA PSS signature

* Add cl

* PR feedback
2022-10-03 12:39:54 -04:00
..
databases docs/api-docs for Redis (#17029) 2022-09-23 10:25:43 -05:00
identity website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
key-management Fix missing quote in docs (#14277) 2022-02-25 09:02:08 -08:00
kv website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
ad.mdx VAULT-6091 Document Duration Format String (#15920) 2022-06-13 08:51:07 -04:00
alicloud.mdx
aws.mdx Docs: API AWS Secrets Formatting (#16797) 2022-08-25 15:11:56 -07:00
azure.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
cassandra.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
consul.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
cubbyhole.mdx Replace docs references to PUT with POST (#14270) 2022-02-25 06:52:24 -08:00
gcp.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
gcpkms.mdx
index.mdx
kmip.mdx Add new KMIP backend operation parameters to API documentation. (#16107) 2022-06-22 13:28:03 -04:00
kubernetes.mdx [Kubernetes Secret Engine]: Role namespace configuration possible via LabelSelector (#16240) 2022-07-19 13:11:45 -05:00
mongodbatlas.mdx secrets/mongodbatlas: adds missing organization_id to API docs (#15624) 2022-05-26 08:08:29 -07:00
nomad.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
openldap.mdx VAULT-6091 Document Duration Format String (#15920) 2022-06-13 08:51:07 -04:00
pki.mdx PKI: Add support for signature_bits param to the intermediate/generate api (#17388) 2022-10-03 12:39:54 -04:00
rabbitmq.mdx
ssh.mdx Mention allowed_users and allowed_domains are comma separated lists (#16877) 2022-08-24 16:17:20 -07:00
terraform.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00
totp.mdx Rename master key -> root key in docs (#14542) 2022-03-16 22:01:38 -07:00
transform.mdx Transform BYOK Documentation (#17121) 2022-09-22 10:56:12 -05:00
transit.mdx website: content updates for developer (#17035) 2022-09-22 08:11:04 -07:00