open-vault

History

Alexander Scheel ad3a093b40 Prevent PSS with Go-incompatible CAs, CSRs, Private Keys (#17223 ) * Fix interoperability concerns with PSS When Go parses a certificate with rsaPSS OID, it will accept this certificate but not parse the SubjectPublicKeyInfo, leaving the PublicKeyAlgorithm and PublicKey fields blank, but otherwise not erring. The same behavior occurs with rsaPSS OID CSRs. On the other hand, when Go parses rsaPSS OID PKCS8 private keys, these keys will fail to parse completely. Thus, detect and fail on any empty PublicKey certs and CSRs, warning the user that we cannot parse these correctly and thus refuse to operate. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Run more PKI tests in parallel Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add notes about PSS shortcomings to considerations Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>		2022-09-20 17:30:58 -04:00
..
api-docs	Bring back managed key documentation update from ENT to OSS (#17190 )	2022-09-19 11:46:30 -04:00
docs	Prevent PSS with Go-incompatible CAs, CSRs, Private Keys (#17223 )	2022-09-20 17:30:58 -04:00
partials	Update docs for helm 0.22.0 (#17072 )	2022-09-08 15:30:32 -07:00
security.mdx	Implement MDX Remote (#10581 )	2020-12-17 16:53:33 -05:00