luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/builtin/logical/pki
History
Steven Clark baf66ff56e
Apply URL encoding/unencoding to OCSP Get requests (#18938) 
* Apply URL encoding/unencoding to OCSP Get requests

 - Missed this during development and sadly the unit tests were written
   at a level that did not expose this issue originally, there are
   certain combinations of issuer cert + serial that lead to base64
   data containing a '/' which will lead to the OCSP handler not getting
   the full parameter.
 - Do as the spec says, this should be treated as url-encoded data.

* Add cl

* Add higher level PKI OCSP GET/POST tests

* Rename PKI ocsp files to path_ocsp to follow naming conventions

* make fmt
2023-02-01 11:03:43 -05:00
..
cmd/pki Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
backend.go PKI Unified CRL/OCSP apis should be ent only (#18913) 2023-02-01 08:35:14 -05:00
backend_test.go Fix race in tidy status with cert counting (#18899) 2023-01-30 14:13:40 -05:00
ca_test.go Add issuer reference info on JSON endpoint (#18482) 2022-12-19 21:39:01 +00:00
ca_util.go Vault 9406 enablement certs need userid handling in role (#18397) 2023-01-25 13:13:54 -05:00
cert_util.go Vault 9406 enablement certs need userid handling in role (#18397) 2023-01-25 13:13:54 -05:00
cert_util_test.go Refactor PKI to use shared storage context (#18266) 2022-12-08 09:27:02 -05:00
chain_test.go Add t.Helper() to various PKI test helper methods (#18881) 2023-01-27 17:29:11 +00:00
chain_util.go PKI - Fix order of chain building writes (#17772) 2022-11-03 11:50:03 -04:00
config_util.go Refactor CRL Building for unified CRLs (#18754) 2023-01-18 15:05:14 -05:00
crl_test.go Refactor an ENT test helper back to OSS to wait for updated CRLs within PKI tests (#18933) 2023-02-01 08:47:26 -05:00
crl_util.go Allow unification of revocations on other clusters (#18873) 2023-01-27 16:34:04 +00:00
fields.go Add tidy of cross-cluster revoked storage (#18860) 2023-01-26 13:30:57 -05:00
integration_test.go Respond with data to all writes in PKI engine (#18222) 2022-12-05 10:40:39 -05:00
key_util.go Refactor PKI storage calls to take a shared struct (#16019) 2022-06-29 12:00:44 -04:00
managed_key_util.go secret/pki: Return correct algorithm type from key fetch API for managed keys (#15468) 2022-05-17 11:36:14 -04:00
path_config_ca.go Move from %v->%w for errs (#17860) 2022-11-09 15:40:26 -05:00
path_config_cluster.go Add cluster_aia_path templating variable (#18493) 2023-01-10 09:51:37 -05:00
path_config_crl.go Unified revocation migration code (#18866) 2023-01-27 15:49:20 +00:00
path_config_urls.go Add cluster_aia_path templating variable (#18493) 2023-01-10 09:51:37 -05:00
path_fetch.go PKI Unified CRL/OCSP apis should be ent only (#18913) 2023-02-01 08:35:14 -05:00
path_fetch_issuers.go Add unified crl building (#18792) 2023-01-23 19:17:34 +00:00
path_fetch_keys.go Refactor PKI storage calls to take a shared struct (#16019) 2022-06-29 12:00:44 -04:00
path_intermediate.go PKI: Add support for signature_bits param to the intermediate/generate api (#17388) 2022-10-03 12:39:54 -04:00
path_issue_sign.go Vault 9406 enablement certs need userid handling in role (#18397) 2023-01-25 13:13:54 -05:00
path_manage_issuers.go Refactor PKI to use shared storage context (#18266) 2022-12-08 09:27:02 -05:00
path_manage_keys.go Refactor PKI storage calls to take a shared struct (#16019) 2022-06-29 12:00:44 -04:00
path_manage_keys_test.go Move pki docker tests to pkiext (#17928) 2022-11-14 18:26:26 -05:00
path_ocsp.go Apply URL encoding/unencoding to OCSP Get requests (#18938) 2023-02-01 11:03:43 -05:00
path_ocsp_test.go Apply URL encoding/unencoding to OCSP Get requests (#18938) 2023-02-01 11:03:43 -05:00
path_resign_crls.go New PKI API to generate and sign a CRL based on input data (#18040) 2022-11-22 11:41:04 -05:00
path_resign_crls_test.go Add t.Helper() to various PKI test helper methods (#18881) 2023-01-27 17:29:11 +00:00
path_revoke.go Return a detailed list response for unified-revoked API endpoint (#18862) 2023-01-26 19:12:35 +00:00
path_roles.go Vault 9406 enablement certs need userid handling in role (#18397) 2023-01-25 13:13:54 -05:00
path_roles_test.go Move pki docker tests to pkiext (#17928) 2022-11-14 18:26:26 -05:00
path_root.go Allow tidy to backup legacy CA bundles (#18645) 2023-01-11 12:12:53 -05:00
path_sign_issuers.go Add PSS support to PKI Secrets Engine (#16519) 2022-08-03 12:42:24 -04:00
path_tidy.go Fix race in tidy status with cert counting (#18899) 2023-01-30 14:13:40 -05:00
path_tidy_test.go Add cross-cluster revocation queues for PKI (#18784) 2023-01-23 09:29:27 -05:00
periodic.go Unified revocation migration code (#18866) 2023-01-27 15:49:20 +00:00
secret_certs.go Add support for revoke by serial number to update the unified CRL (#18786) 2023-01-23 10:22:10 -05:00
storage.go Unified revocation migration code (#18866) 2023-01-27 15:49:20 +00:00
storage_migrations.go PKI - Fix order of chain building writes (#17772) 2022-11-03 11:50:03 -04:00
storage_migrations_test.go Add t.Helper() to various PKI test helper methods (#18881) 2023-01-27 17:29:11 +00:00
storage_test.go Move pki docker tests to pkiext (#17928) 2022-11-14 18:26:26 -05:00
storage_unified.go Return a detailed list response for unified-revoked API endpoint (#18862) 2023-01-26 19:12:35 +00:00
test_helpers.go Refactor an ENT test helper back to OSS to wait for updated CRLs within PKI tests (#18933) 2023-02-01 08:47:26 -05:00
util.go Unified revocation migration code (#18866) 2023-01-27 15:49:20 +00:00