I hereby claim:
- I am maraino on github.
- I am mariano (https://keybase.io/mariano) on keybase.
- I have a public key whose fingerprint is BD96 1B9F CB6C CE22 5ABE AD95 6813 0D20 3189 2F1A
To claim this, I am signing this object:
Mariano Cano maraino
maraino
/ keybase.md
Created
March 6, 2014 23:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "log" | |
| "net/http" | |
| ) | |
| func panicMiddleware(next http.Handler) http.Handler { | |
| return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| defer func() { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit fc346d83bb0cca8b617358b275cb678a41aaeb4f | |
| Author: Mariano Cano <mariano.cano@gmail.com> | |
| Date: Mon Jan 20 17:33:23 2020 | |
| ssh: support for ecdsa keys using openssh format. | |
| This adds support for parsing OpenSSH ECDSA private keys. It | |
| implements parsing for P-256, P-384, and P-521 unencrypted keys. | |
| Change-Id: I77c8e0a23ed6353f6667686cc79ec14661cb10db |
maraino
/ ca-chain.txt
Last active
November 2, 2020 22:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ step version | |
| Smallstep CLI/0.15.3 (darwin/amd64) | |
| Release Date: 2020-10-22 04:29 UTC | |
| $ step certificate create 'My Root CA' root_ca.crt root_ca_key --profile root-ca | |
| Please enter the password to encrypt the private key: | |
| Your certificate has been saved in root_ca.crt. | |
| Your private key has been saved in root_ca_key. | |
| $ step certificate create 'My Intermediate CA' intermediate_ca.crt intermediate_ca_key --profile intermediate-ca --ca root_ca.crt --ca-key root_ca_key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package sshkms | |
| import ( | |
| "bytes" | |
| "context" | |
| "crypto" | |
| "io" | |
| "net" | |
| "os" |
maraino
/ renew-after-expiry-v0.md
Last active
August 11, 2021 21:04
This document describes the process to allow step-ca to renew a certificate after it has expired.
The classic way to renew a certificate on step-ca is to do an empty POST to
the /renew endpoint using a valid client certificate. The request will go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/sha256" | |
| "fmt" | |
| "io" | |
| "log" | |
| "os" | |
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "os" | |
| "os/exec" | |
| "os/signal" | |
| "syscall" | |
| "time" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -e | |
| # prepare copy directory | |
| mkdir -p /crl/db/ | |
| # clean leftovers | |
| rm -f /crl/db/* | |
| # make a copy of badger db |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| KMS="pkcs11:module-path=/usr/local/lib/softhsm/libsofthsm2.so;token=smallstep?pin-value=password" | |
| KEY="pkcs11:id=2001" | |
| ALG="ES256" | |
| KID=$(step kms key --kms "${KMS}" "${KEY}" | step crypto key format --jwk | step crypto jwk thumbprint) | |
| AUD="https://ca.smallstep.com:9000/1.0/sign" |