docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

WIP

This commit is contained in:
Diogo Monica 2015-07-08 13:58:25 -07:00
parent aa2caade20
commit 2f986f1a1b
1 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
client/client.go
View File

@ -58,7 +58,8 @@ type Repository interface {
type UnlockedRootKey struct { type UnlockedRootKey struct {
cipher string cipher string
pemBytes []byte pemPrivKey []byte
pemPubKey []byte
signer *signed.Signer signer *signed.Signer
} }
@ -561,7 +562,9 @@ func (c *NotaryClient) GenRootKey(passphrase string) (string, error) {
return "", fmt.Errorf("failed to generate the certificate for key: %v", err) return "", fmt.Errorf("failed to generate the certificate for key: %v", err)
} }
keyID := data.NewPublicKey("RSA", pemKey).ID() //
keyID := data.NewPrivateKey("RSA", pemKey, pemKey).ID()
c.rootKeyStore.AddEncrypted(keyID, pemKey, passphrase) c.rootKeyStore.AddEncrypted(keyID, pemKey, passphrase)
return keyID, nil return keyID, nil
@ -569,7 +572,7 @@ func (c *NotaryClient) GenRootKey(passphrase string) (string, error) {
// GetRootKey retreives a root key that includes the ID and a signer // GetRootKey retreives a root key that includes the ID and a signer
func (c *NotaryClient) GetRootKey(rootKeyID, passphrase string) (UnlockedRootKey, error) { func (c *NotaryClient) GetRootKey(rootKeyID, passphrase string) (UnlockedRootKey, error) {
rootKeyPem, err := c.rootKeyStore.GetDecrypted(rootKeyID, passphrase) pemPrivKey, err := c.rootKeyStore.GetDecrypted(rootKeyID, passphrase)
if err != nil { if err != nil {
return UnlockedRootKey{}, fmt.Errorf("could not get encrypted root key: %v", err) return UnlockedRootKey{}, fmt.Errorf("could not get encrypted root key: %v", err)
} }
@ -578,7 +581,7 @@ func (c *NotaryClient) GetRootKey(rootKeyID, passphrase string) (UnlockedRootKey
return UnlockedRootKey{ return UnlockedRootKey{
cipher: "RSA", cipher: "RSA",
pemBytes: rootKeyPem, pemPrivKey: pemPrivKey,
signer: signer}, nil signer: signer}, nil
} }
@ -602,7 +605,6 @@ func (c *NotaryClient) GetRepository(gun string, baseURL string, transport http.
} }
func (c *NotaryClient) InitRepository(gun string, baseURL string, transport http.RoundTripper, uRootKey UnlockedRootKey) (*NotaryRepository, error) { func (c *NotaryClient) InitRepository(gun string, baseURL string, transport http.RoundTripper, uRootKey UnlockedRootKey) (*NotaryRepository, error) {
//rootKey := data.NewPublicKey(uRootKey.cipher, uRootKey.pemBytes)
// Creates and saves a trusted certificate for this store, with this root key // Creates and saves a trusted certificate for this store, with this root key
rootCert, err := uRootKey.GenerateCertificate(gun) rootCert, err := uRootKey.GenerateCertificate(gun)
if err != nil { if err != nil {
@ -676,12 +678,14 @@ func (c *NotaryClient) loadKeys(trustDir, rootKeysDir string) error {
return nil return nil
} }
// ID gets a consistent ID based on the PrivateKey bytes and cipher type
func (uk *UnlockedRootKey) ID() string { func (uk *UnlockedRootKey) ID() string {
return data.NewPublicKey(uk.cipher, uk.pemBytes).ID() return data.NewPrivateKey(uk.cipher, uk.pemPrivKey, uk.pemPrivKey).ID()
} }
// GenerateCertificate
func (uk *UnlockedRootKey) GenerateCertificate(gun string) (*x509.Certificate, error) { func (uk *UnlockedRootKey) GenerateCertificate(gun string) (*x509.Certificate, error) {
privKeyBytes, _ := pem.Decode(uk.pemBytes) privKeyBytes, _ := pem.Decode(uk.pemPrivKey)
privKey, err := x509.ParsePKCS1PrivateKey(privKeyBytes.Bytes) privKey, err := x509.ParsePKCS1PrivateKey(privKeyBytes.Bytes)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to parse root key: %v (%s)", gun, err.Error()) return nil, fmt.Errorf("failed to parse root key: %v (%s)", gun, err.Error())