pomerium/pkg/cryptutil
Kenneth Jenkins cc1ef1ae18
cryptutil: update CRL parsing (#4454)
Move the parseCRLs() method from package 'authorize/evaluator' to
'pkg/cryptutil', replacing the existing DecodeCRL() method. This method
will parse all CRLs found in the PEM input, rather than just the first.

(This removes our usage of the deprecated method x509.ParseDERCRL.)

Update this method to return an error if there is non-PEM data found in
the input, to satisfy the existing test that raw DER-encoded CRLs are
not permitted.

Delete the CRLFromBase64() and CRLFromFile() methods, as these are no
longer used.
2023-08-11 08:33:22 -07:00
..
testdata cryptutil: update CRL parsing (#4454) 2023-08-11 08:33:22 -07:00
certificates.go cryptutil: update CRL parsing (#4454) 2023-08-11 08:33:22 -07:00
certificates_index.go config: update logic for checking overlapping certificates (#4216) 2023-06-01 09:30:46 -06:00
certificates_index_test.go config: update logic for checking overlapping certificates (#4216) 2023-06-01 09:30:46 -06:00
certificates_test.go cryptutil: update CRL parsing (#4454) 2023-08-11 08:33:22 -07:00
dek.go upgrade to golang-lru v2 (#3771) 2022-12-02 09:25:52 -07:00
dek_test.go cryptutil: add envelope encryption w/key encryption key and data encryption key (#2020) 2021-03-26 06:57:35 -06:00
doc.go cryptutil: move to pkg dir, add token generator (#1029) 2020-06-30 15:55:33 -06:00
encrypt.go cryptutil: more explicit decryption error (#1607) 2020-11-23 07:57:30 -08:00
encrypt_test.go cryptutil: more explicit decryption error (#1607) 2020-11-23 07:57:30 -08:00
hash.go use incremental API for envoy xDS (#1732) 2021-01-05 12:45:55 -07:00
hash_test.go remove deprecated ioutil usages (#2877) 2021-12-30 10:02:12 -08:00
helpers.go postgres: databroker storage backend (#3370) 2022-05-25 10:23:58 -06:00
helpers_test.go cryptutil: move to pkg dir, add token generator (#1029) 2020-06-30 15:55:33 -06:00
hmac.go cryptutil: use bytes for hmac (#2067) 2021-04-07 14:57:24 -06:00
hmac_test.go chore: unnecessary use of fmt.Sprintf (#4349) 2023-07-12 09:44:29 -07:00
jose.go options: support multiple signing keys (#3828) 2022-12-22 09:31:09 -07:00
jose_test.go config: remove signature_key_algorithm (#2557) 2021-09-02 11:36:43 -06:00
kek.go chore(deps): bump github.com/golangci/golangci-lint from 1.48.0 to 1.50.0 (#3667) 2022-10-19 09:36:59 -06:00
kek_test.go cryptutil: always use kek public id, add x509 support (#2066) 2021-04-07 09:44:36 -07:00
sign.go cryptutil: move to pkg dir, add token generator (#1029) 2020-06-30 15:55:33 -06:00
sign_test.go cryptutil: move to pkg dir, add token generator (#1029) 2020-06-30 15:55:33 -06:00
tls.go config: generate derived certificates instead of self-signed certificates (#3860) 2023-01-06 12:50:40 -07:00
tls_test.go cryptutil: generate certificates from deriveca (#3992) 2023-02-23 08:38:56 -07:00
token.go dependencies: vendor base58, remove shortuuid (#2739) 2021-11-02 09:23:15 -06:00
token_test.go cryptutil: add SecureToken (#2681) 2021-10-14 18:48:41 -06:00
x509.go config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00
x509_test.go chore(deps): bump github.com/golangci/golangci-lint from 1.48.0 to 1.50.0 (#3667) 2022-10-19 09:36:59 -06:00