IDs for root are now correct

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
David Lawrence 2015-07-07 17:49:28 -07:00 committed by Diogo Monica
parent be6e22c355
commit 21d45a0f8d
2 changed files with 12 additions and 10 deletions


@ -138,7 +138,14 @@ func (r *NotaryRepository) Initialize(uRootKey UnlockedRootKey) error {
}
timestampKey := data.NewPublicKey(parsedKey.Cipher(), parsedKey.Public())
rootKey := data.NewPublicKey(uRootKey.cipher, uRootKey.pemBytes)
//rootKey := data.NewPublicKey(uRootKey.cipher, uRootKey.pemBytes)
// Creates and saves a trusted certificate for this store, with this root key
rootCert, err := uRootKey.GenerateCertificate(r.Gun)
if err != nil {
return err
}
r.certificateStore.AddCert(rootCert)
rootKey := data.NewPublicKey("RSA", trustmanager.CertToPEM(rootCert))
targetsKey, err := r.signer.Create("targets")
if err != nil {
@ -211,13 +218,6 @@ func (r *NotaryRepository) Initialize(uRootKey UnlockedRootKey) error {
return err
}
// Creates and saves a trusted certificate for this store, with this root key
rootCert, err := uRootKey.GenerateCertificate(r.Gun)
if err != nil {
return err
}
r.certificateStore.AddCert(rootCert)
// Creates an empty snapshot
return r.snapshot()
}
@ -441,7 +441,8 @@ func (r *NotaryRepository) ValidateRoot(root *data.Signed) error {
// TODO(dlaw): currently assuming only one cert contained in
// public key entry. Need to fix when we want to pass in chains.
k, _ := pem.Decode([]byte(rootSigned.Keys[fingerprint].Public()))
logrus.Debug("Root PEM: ", k)
logrus.Debug("Root ID: ", fingerprint)
decodedCerts, err := x509.ParseCertificates(k.Bytes)
if err != nil {
continue
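Review bot: The return value of `r.certificateStore.AddCert(rootCert)` in the first Initialize hunk is discarded, although the AddCert shown in the trustmanager section of this commit returns an error (assuming certificateStore is that store type). After this change rootKey is built from rootCert, so a failed save would leave root metadata that names a certificate the local trust store may not hold. Consider `if err := r.certificateStore.AddCert(rootCert); err != nil { return err }`, handling the "certificate already in the store" case separately if re-initialisation is meant to be tolerated. The same hunk keeps the old assignment as a commented-out line and replaces uRootKey.cipher with the literal "RSA", which is worth confirming against the key types GenerateCertificate can produce. Initialize starts and ends outside these hunks.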


@ -3,6 +3,7 @@ package trustmanager
import (
"crypto/x509"
"errors"
"github.com/Sirupsen/logrus"
"os"
"path"
)
@ -69,7 +70,7 @@ func (s X509FileStore) AddCert(cert *x509.Certificate) error {
// stored under. If the file does not exist on disk, saves it.
func (s X509FileStore) addNamedCert(cert *x509.Certificate) error {
fingerprint := fingerprintCert(cert)
logrus.Debug("Adding cert with fingerprint: ", fingerprint)
// Validate if we already loaded this certificate before
if _, ok := s.fingerprintMap[fingerprint]; ok {
return errors.New("certificate already in the store")