micromdm · jessepeterson · Jul 15, 2024 · Jun 4, 2024 · Jun 4, 2024 · Jun 4, 2024
diff --git a/README.md b/README.md
@@ -175,58 +175,6 @@ docker run -it --rm -v /path/to/ca/folder:/depot micromdm/scep:latest ca -init
 docker run -it --rm -v /path/to/ca/folder:/depot -p 8080:8080 micromdm/scep:latest
 ```
 
-## SCEP library
-
-The core `scep` library can be used for both client and server operations.
-
-```
-go get github.com/micromdm/scep/scep
-```
-
-For detailed usage, see the [Go Reference](https://pkg.go.dev/github.com/micromdm/scep/v2/scep).
-
-Example (server):
-
-```go
-// read a request body containing SCEP message
-body, err := ioutil.ReadAll(r.Body)
-if err != nil {
-    // handle err
-}
-
-// parse the SCEP message
-msg, err := scep.ParsePKIMessage(body)
-if err != nil {
-    // handle err
-}
-
-// do something with msg
-fmt.Println(msg.MessageType)
-
-// extract encrypted pkiEnvelope
-err := msg.DecryptPKIEnvelope(CAcert, CAkey)
-if err != nil {
-    // handle err
-}
-
-// use the CSR from decrypted PKCS request and sign
-// MyCSRSigner returns an *x509.Certificate here
-crt, err := MyCSRSigner(msg.CSRReqMessage.CSR)
-if err != nil {
-    // handle err
-}
-
-// create a CertRep message from the original
-certRep, err := msg.Success(CAcert, CAkey, crt)
-if err != nil {
-    // handle err
-}
-
-// send response back
-// w is a http.ResponseWriter
-w.Write(certRep.Raw)
-```
-
 ## Server library
 
 You can import the scep endpoint into another Go project. For an example take a look at [scepserver.go](cmd/scepserver/scepserver.go).

diff --git a/challenge/challenge.go b/challenge/challenge.go
@@ -6,8 +6,9 @@ import (
 	"crypto/x509"
 	"errors"
 
-	"github.com/micromdm/scep/v2/scep"
 	scepserver "github.com/micromdm/scep/v2/server"
+
+	"github.com/smallstep/scep"
 )
 
 // Validator validates challenge passwords.

diff --git a/challenge/challenge_bolt_test.go b/challenge/challenge_bolt_test.go
@@ -7,10 +7,10 @@ import (
 	"testing"
 
 	challengestore "github.com/micromdm/scep/v2/challenge/bolt"
-	"github.com/micromdm/scep/v2/scep"
 	scepserver "github.com/micromdm/scep/v2/server"
 
 	"github.com/boltdb/bolt"
+	"github.com/smallstep/scep"
 )
 
 func TestDynamicChallenge(t *testing.T) {

diff --git a/cmd/scepclient/scepclient.go b/cmd/scepclient/scepclient.go
@@ -17,11 +17,11 @@ import (
 	"time"
 
 	scepclient "github.com/micromdm/scep/v2/client"
-	"github.com/micromdm/scep/v2/scep"
 
 	"github.com/go-kit/kit/log"
 	"github.com/go-kit/kit/log/level"
 	"github.com/pkg/errors"
+	"github.com/smallstep/scep"
 )
 
 // version info

diff --git a/csrverifier/csrverifier.go b/csrverifier/csrverifier.go
@@ -6,8 +6,8 @@ import (
 	"crypto/x509"
 	"errors"
 
-	"github.com/micromdm/scep/v2/scep"
 	scepserver "github.com/micromdm/scep/v2/server"
+	"github.com/smallstep/scep"
 )
 
 // CSRVerifier verifies the raw decrypted CSR.

diff --git a/depot/signer.go b/depot/signer.go
@@ -6,7 +6,7 @@ import (
 	"time"
 
 	"github.com/micromdm/scep/v2/cryptoutil"
-	"github.com/micromdm/scep/v2/scep"
+	"github.com/smallstep/scep"
 )
 
 // Signer signs x509 certificates and stores them in a Depot

diff --git a/go.mod b/go.mod
@@ -5,13 +5,11 @@ go 1.16
 require (
 	github.com/boltdb/bolt v1.3.1
 	github.com/go-kit/kit v0.4.0
-	github.com/go-logfmt/logfmt v0.3.0 // indirect
-	github.com/go-stack/stack v1.6.0 // indirect
 	github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f // indirect
 	github.com/gorilla/mux v1.4.0
 	github.com/groob/finalizer v0.0.0-20170707115354-4c2ed49aabda
-	github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515 // indirect
 	github.com/pkg/errors v0.8.0
-	github.com/smallstep/pkcs7 v0.0.0-20231107075624-be1870d87d13
+	github.com/smallstep/pkcs7 v0.0.0-20231107075624-be1870d87d13 // indirect
+	github.com/smallstep/scep v0.0.0-20240214080410-892e41795b99
 	golang.org/x/net v0.23.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -2,8 +2,8 @@ github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4=
 github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
 github.com/go-kit/kit v0.4.0 h1:KeVK+Emj3c3S4eRztFuzbFYb2BAgf2jmwDwyXEri7Lo=
 github.com/go-kit/kit v0.4.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
-github.com/go-logfmt/logfmt v0.3.0 h1:8HUsc87TaSWLKwrnumgC8/YconD2fJQsRJAsWaPg2ic=
-github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
+github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
+github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
 github.com/go-stack/stack v1.6.0 h1:MmJCxYVKTJ0SplGKqFVX3SBnmaUhODHZrrFF6jMbpZk=
 github.com/go-stack/stack v1.6.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f h1:9oNbS1z4rVpbnkHBdPZU4jo9bSmrLpII768arSyMFgk=
@@ -12,12 +12,13 @@ github.com/gorilla/mux v1.4.0 h1:N6R8isjoRv7IcVVlf0cTBbo0UDc9V6ZXWEm0HQoQmLo=
 github.com/gorilla/mux v1.4.0/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
 github.com/groob/finalizer v0.0.0-20170707115354-4c2ed49aabda h1:5ikpG9mYCMFiZX0nkxoV6aU2IpCHPdws3gCNgdZeEV0=
 github.com/groob/finalizer v0.0.0-20170707115354-4c2ed49aabda/go.mod h1:MyndkAZd5rUMdNogn35MWXBX1UiBigrU8eTj8DoAC2c=
-github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515 h1:T+h1c/A9Gawja4Y9mFVWj2vyii2bbUNDw3kt9VxK2EY=
-github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/smallstep/pkcs7 v0.0.0-20231024181729-3b98ecc1ca81/go.mod h1:SoUAr/4M46rZ3WaLstHxGhLEgoYIDRqxQEXLOmOEB0Y=
 github.com/smallstep/pkcs7 v0.0.0-20231107075624-be1870d87d13 h1:qRxEt9ESQhAg1kjmgJ8oyyzlc9zkAjOooe7bcKjKORQ=
 github.com/smallstep/pkcs7 v0.0.0-20231107075624-be1870d87d13/go.mod h1:SoUAr/4M46rZ3WaLstHxGhLEgoYIDRqxQEXLOmOEB0Y=
+github.com/smallstep/scep v0.0.0-20240214080410-892e41795b99 h1:e85HuLX5/MW15yJ7yWb/PMNFW1Kx1N+DeQtpQnlMUbw=
+github.com/smallstep/scep v0.0.0-20240214080410-892e41795b99/go.mod h1:4d0ub42ut1mMtvGyMensjuHYEUpRrASvkzLEJvoRQcU=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=

diff --git a/scep/certs_selector.go b/scep/certs_selector.go
diff --git a/scep/certs_selector_test.go b/scep/certs_selector_test.go