Commit graph

12 commits

Author SHA1 Message Date
2de592d30c Implement command type handling
This commit changes the wire protocol to split between command
announcement and command payload to allow proper typing of sent and
received msgpack messages.

CRL fetching has been implemented as second command after the existing
health check command.
2022-11-20 18:59:37 +01:00
472091b374 Switch to logrus for structured logging 2022-11-20 10:07:02 +01:00
82a1284073 Rename intermediary CA to subordinate CA
This refactoring commit renames all occurrences of the term "intermediary CA"
to "subordinate CA" for better alignment with the terms used in RFC-5280 and
other standard documents.
2022-08-03 16:01:06 +02:00
60be959c24 Implement health check infrastructure
This commit adds health check capabilities to the hsm.Access and health
response data to the messages returned by the health command.
2022-08-03 15:45:27 +02:00
c2b987fd31 Allow hsm to use relative paths 2022-08-03 14:31:46 +02:00
0d69a9013d Refactor HSM setup
- create new type hsm.Access to encapsulate HSM operations
- make setup options operate on hsm.Access instances
- adapt tests and cmd/signer to work with hsm.Access
2022-08-03 09:59:26 +02:00
c532ec436a Improve test coverage of package hsm 2022-05-01 12:36:57 +02:00
baf6d0f037 Configure and apply golangci-lint 2022-04-24 09:25:04 +02:00
42c7dc7170 Improve config handling and test coverage 2022-04-23 18:34:51 +02:00
47d5b2afff Improve configuration, implement setup mode
- implement a dedicated setup mode for creating CA certificates that is
  triggered by the '-setup' command line flag
- switch to YAML configuration for comment support and more human
  readable syntax. Format documentation is in docs/config.sample.yaml
- move HSM related code to pkg/hsm
- improve consistency checks in pkg/config
2022-04-19 16:48:32 +02:00
24f9ef297c Extract variable for policy OID 2022-04-19 11:52:54 +02:00
de997913cf Implement configuration and CA hierarchy setup
This commit implements a mechanism to load CA configuration dynamically from
JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM
or Smartcard. Certificates are stored as PEM encoded .crt files in the
filesystem.

The default PKCS#11 module (softhsm2) is now loaded from a platform specific
path using go:build comments.
2022-04-16 22:24:32 +02:00