mirror of https://github.com/docker/docs.git
gofmt across the baord
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
This commit is contained in:
Nathan McCauley
parent
de6f65b7e7
commit
38fe6bd45b
|
|
@ -49,7 +49,7 @@ test:
|
|||
pwd: $BASE_STABLE
|
||||
|
||||
# VET
|
||||
- gvm use stable && go vet ./...:
|
||||
- gvm use stable && test -z "$(go tool vet -printf=false . 2>&1 | grep -v Godeps/_workspace/src/ | tee /dev/stderr)":
|
||||
pwd: $BASE_STABLE
|
||||
|
||||
# LINT
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ type SignedRSARootTemplate struct {
|
|||
RootPem string
|
||||
}
|
||||
|
||||
var passphraseRetriever = func (string, string, bool, int) (string, bool, error) { return "passphrase", false, nil}
|
||||
var passphraseRetriever = func(string, string, bool, int) (string, bool, error) { return "passphrase", false, nil }
|
||||
|
||||
const validPEMEncodedRSARoot = `LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZLekNDQXhXZ0F3SUJBZ0lRUnlwOVFxY0pmZDNheXFkaml6OHhJREFMQmdrcWhraUc5dzBCQVFzd09ERWEKTUJnR0ExVUVDaE1SWkc5amEyVnlMbU52YlM5dWIzUmhjbmt4R2pBWUJnTlZCQU1URVdSdlkydGxjaTVqYjIwdgpibTkwWVhKNU1CNFhEVEUxTURjeE56QTJNelF5TTFvWERURTNNRGN4TmpBMk16UXlNMW93T0RFYU1CZ0dBMVVFCkNoTVJaRzlqYTJWeUxtTnZiUzl1YjNSaGNua3hHakFZQmdOVkJBTVRFV1J2WTJ0bGNpNWpiMjB2Ym05MFlYSjUKTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUFvUWZmcnpzWW5zSDh2R2Y0Smg1NQpDajV3cmpVR3pEL3NIa2FGSHB0ako2VG9KR0p2NXlNQVB4enlJbnU1c0lvR0xKYXBuWVZCb0FVMFlnSTlxbEFjCllBNlN4YVN3Z202cnB2bW5sOFFuMHFjNmdlcjNpbnBHYVVKeWxXSHVQd1drdmNpbVFBcUhaeDJkUXRMN2c2a3AKcm1LZVRXcFdvV0x3M0pvQVVaVVZoWk1kNmEyMlpML0R2QXcrSHJvZ2J6NFhleWFoRmI5SUg0MDJ6UHhONnZnYQpKRUZURjBKaTFqdE5nME1vNHBiOVNIc01zaXcrTFpLN1NmZkhWS1B4dmQyMW0vYmlObXdzZ0V4QTNVOE9PRzhwCnV5Z2ZhY3lzNWM4K1pyWCtaRkcvY3Z3S3owazYvUWZKVTQwczZNaFh3NUMyV3R0ZFZtc0c5LzdyR0ZZakhvSUoKd2VEeXhnV2s3dnhLelJKSS91bjdjYWdESWFRc0tySlFjQ0hJR0ZSbHBJUjVUd1g3dmwzUjdjUm5jckRSTVZ2YwpWU0VHMmVzeGJ3N2p0eklwL3lwblZSeGNPbnk3SXlweWpLcVZlcVo2SGd4WnRUQlZyRjFPL2FIbzJrdmx3eVJTCkF1czRrdmg2ejMranpUbTlFemZYaVBRelk5QkVrNWdPTHhoVzlyYzZVaGxTK3BlNWxrYU4vSHlxeS9sUHVxODkKZk1yMnJyN2xmNVdGZEZuemU2V05ZTUFhVzdkTkE0TkUwZHlENTM0MjhaTFh4TlZQTDRXVTY2R2FjNmx5blE4bApyNXRQc1lJRlh6aDZGVmFSS0dRVXRXMWh6OWVjTzZZMjdSaDJKc3lpSXhnVXFrMm9veEU2OXVONDJ0K2R0cUtDCjFzOEcvN1Z0WThHREFMRkxZVG56THZzQ0F3RUFBYU0xTURNd0RnWURWUjBQQVFIL0JBUURBZ0NnTUJNR0ExVWQKSlFRTU1Bb0dDQ3NHQVFVRkJ3TURNQXdHQTFVZEV3RUIvd1FDTUFBd0N3WUpLb1pJaHZjTkFRRUxBNElDQVFCTQpPbGwzRy9YQno4aWRpTmROSkRXVWgrNXczb2ptd2FuclRCZENkcUVrMVdlbmFSNkR0Y2ZsSng2WjNmL213VjRvCmIxc2tPQVgxeVg1UkNhaEpIVU14TWljei9RMzhwT1ZlbEdQclduYzNUSkIrVktqR3lIWGxRRFZrWkZiKzQrZWYKd3RqN0huZ1hoSEZGRFNnam0zRWRNbmR2Z0RRN1NRYjRza09uQ05TOWl5WDdlWHhoRkJDWm1aTCtIQUxLQmoyQgp5aFY0SWNCRHFtcDUwNHQxNHJ4OS9KdnR5MGRHN2ZZN0k1MWdFUXBtNFMwMkpNTDV4dlRtMXhmYm9XSWhaT0RJCnN3RUFPK2VrQm9GSGJTMVE5S01QaklBdzNUckNISDh4OFhacTV6c1l0QUMxeVpIZENLYTI2YVdkeTU2QTllSGoKTzFWeHp3bWJOeVhSZW5WdUJZUCswd3IzSFZLRkc0Sko0WlpwTlp6UVcvcHFFUGdoQ1RKSXZJdWVLNjUyQnlVYwovL3N2K25YZDVmMTlMZUVTOXBmMGwyNTNORGFGWlBiNmFlZ0tmcXVXaDhxbFFCbVVRMkd6YVRMYnRtTmQyOE02Clc3aUw3dGtLWmUxWm5CejlSS2d0UHJEampXR1pJbmpqY09VOEV0VDRTTHE3a0NWRG1QczVNRDh2YUFtOTZKc0UKam1MQzNVdS80azdIaURZWDBpMG1PV2tGalpRTWRWYXRjSUY1RlBTcHB3c1NiVzhRaWRuWHQ1NFV0d3RGREVQegpscGpzN3liZVFFNzFKWGNNWm5WSUs0YmpSWHNFRlBJOThScElsRWRlZGJTVWRZQW5jTE5KUlQ3SFpCTVBHU3daCjBQTkp1Z2xubHIzc3JWemRXMWR6MnhRamR2THd4eTZtTlVGNnJiUUJXQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K`
|
||||
|
||||
|
|
|
|||
|
|
@ -44,10 +44,9 @@ func init() {
|
|||
func passphraseRetriever(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error) {
|
||||
|
||||
//TODO(mccauley) Read from config once we have locked keys in notary-signer
|
||||
return "", false, nil;
|
||||
return "", false, nil
|
||||
}
|
||||
|
||||
|
||||
func main() {
|
||||
flag.Usage = usage
|
||||
flag.Parse()
|
||||
|
|
|
|||
|
|
@ -86,10 +86,9 @@ func init() {
|
|||
fatalf("could not create Certificate X509FileStore: %v", err)
|
||||
}
|
||||
|
||||
|
||||
//TODO(mccauley): Appears unused? Remove it? Or is it here for early failure?
|
||||
privKeyStore, err = trustmanager.NewKeyFileStore(finalPrivDir,
|
||||
func (string, string, bool, int) (string, bool, error) { return "", false, nil})
|
||||
func(string, string, bool, int) (string, bool, error) { return "", false, nil })
|
||||
if err != nil {
|
||||
fatalf("could not create KeyFileStore: %v", err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,9 +14,9 @@ import (
|
|||
"github.com/Sirupsen/logrus"
|
||||
"github.com/docker/docker/pkg/term"
|
||||
notaryclient "github.com/docker/notary/client"
|
||||
"github.com/docker/notary/trustmanager"
|
||||
"github.com/spf13/cobra"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/docker/notary/trustmanager"
|
||||
)
|
||||
|
||||
// FIXME: This should not be hardcoded
|
||||
|
|
@ -272,23 +272,17 @@ func verify(cmd *cobra.Command, args []string) {
|
|||
return
|
||||
}
|
||||
|
||||
func getNotaryPassphraseRetriever() (trustmanager.PassphraseRetriever) {
|
||||
func getNotaryPassphraseRetriever() trustmanager.PassphraseRetriever {
|
||||
userEnteredTargetsSnapshotsPass := false
|
||||
targetsSnapshotsPass := ""
|
||||
|
||||
return func(keyID string, alias string, createNew bool, numAttempts int) (string, bool, error) {
|
||||
fmt.Printf("userEnteredTargetsSnapshotsPass: %s\n", userEnteredTargetsSnapshotsPass)
|
||||
fmt.Printf("targetsSnapshotsPass: %s\n", targetsSnapshotsPass)
|
||||
fmt.Printf("keyID: %s\n", keyID)
|
||||
fmt.Printf("alias: %s\n", alias)
|
||||
fmt.Printf("numAttempts: %s\n", numAttempts)
|
||||
|
||||
if numAttempts == 0 && userEnteredTargetsSnapshotsPass && (alias == "snapshot" || alias == "targets") {
|
||||
fmt.Println("return cached value")
|
||||
|
||||
return targetsSnapshotsPass, false, nil;
|
||||
return targetsSnapshotsPass, false, nil
|
||||
}
|
||||
if (numAttempts > 3 && !createNew) {
|
||||
if numAttempts > 3 && !createNew {
|
||||
return "", true, errors.New("Too many attempts")
|
||||
}
|
||||
|
||||
|
|
@ -303,7 +297,7 @@ func getNotaryPassphraseRetriever() (trustmanager.PassphraseRetriever) {
|
|||
|
||||
if createNew {
|
||||
fmt.Printf("Enter passphrase for new %s key with id %s: ", alias, keyID)
|
||||
}else {
|
||||
} else {
|
||||
fmt.Printf("Enter key passphrase for %s key with id %s: ", alias, keyID)
|
||||
}
|
||||
|
||||
|
|
@ -320,7 +314,7 @@ func getNotaryPassphraseRetriever() (trustmanager.PassphraseRetriever) {
|
|||
userEnteredTargetsSnapshotsPass = true
|
||||
targetsSnapshotsPass = retPass
|
||||
}
|
||||
return string(passphrase), false, nil;
|
||||
return string(passphrase), false, nil
|
||||
}
|
||||
|
||||
if len(passphrase) < 8 {
|
||||
|
|
|
|||
|
|
@ -23,8 +23,8 @@ const (
|
|||
// CryptoService implements Sign and Create, holding a specific GUN and keystore to
|
||||
// operate on
|
||||
type CryptoService struct {
|
||||
gun string
|
||||
keyStore trustmanager.KeyStore
|
||||
gun string
|
||||
keyStore trustmanager.KeyStore
|
||||
}
|
||||
|
||||
// NewCryptoService returns an instance of CryptoService
|
||||
|
|
|
|||
|
|
@ -17,8 +17,7 @@ func TestCryptoService(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
var passphraseretriever = func (string, string, bool, int) (string, bool, error) { return "", false, nil}
|
||||
|
||||
var passphraseretriever = func(string, string, bool, int) (string, bool, error) { return "", false, nil }
|
||||
|
||||
func testCryptoService(t *testing.T, keyAlgo data.KeyAlgorithm, verifier signed.Verifier) {
|
||||
content := []byte("this is a secret")
|
||||
|
|
|
|||
|
|
@ -9,8 +9,7 @@ import (
|
|||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
var passphraseRetriever = func (string, string, bool, int) (string, bool, error) { return "passphrase", false, nil}
|
||||
|
||||
var passphraseRetriever = func(string, string, bool, int) (string, bool, error) { return "passphrase", false, nil }
|
||||
|
||||
func TestUnlockedSigner(t *testing.T) {
|
||||
privKey, err := trustmanager.GenerateECDSAKey(rand.Reader)
|
||||
|
|
|
|||
|
|
@ -11,9 +11,9 @@ import (
|
|||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"fmt"
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/docker/notary/trustmanager"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
var (
|
||||
|
|
@ -37,7 +37,7 @@ var (
|
|||
// ExportRootKey exports the specified root key to an io.Writer in PEM format.
|
||||
// The key's existing encryption is preserved.
|
||||
func (km *KeyStoreManager) ExportRootKey(dest io.Writer, keyID string) error {
|
||||
pemBytes, err := km.rootKeyStore.Get(keyID+"_root")
|
||||
pemBytes, err := km.rootKeyStore.Get(keyID + "_root")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -293,7 +293,6 @@ func (km *KeyStoreManager) ExportKeysByGUN(dest io.Writer, gun string, passphras
|
|||
|
||||
privNonRootKeysSubdir := filepath.Join(privDir, nonRootKeysSubdir)
|
||||
|
||||
|
||||
// Create temporary keystore to use as a staging area
|
||||
tempNonRootKeysPath := filepath.Join(tempBaseDir, privNonRootKeysSubdir)
|
||||
tempNonRootKeyStore, err := trustmanager.NewKeyFileStore(tempNonRootKeysPath, passphraseRetriever)
|
||||
|
|
|
|||
|
|
@ -36,10 +36,11 @@ func createTestServer(t *testing.T) (*httptest.Server, *http.ServeMux) {
|
|||
|
||||
return ts, mux
|
||||
}
|
||||
|
||||
var oldPassphrase = "oldPassphrase"
|
||||
var exportPassphrase = "exportPassphrase"
|
||||
var oldPassphraseRetriever = func (string, string, bool, int) (string, bool, error) { return oldPassphrase, false, nil}
|
||||
var newPassphraseRetriever = func (string, string, bool, int) (string, bool, error) { return exportPassphrase, false, nil}
|
||||
var oldPassphraseRetriever = func(string, string, bool, int) (string, bool, error) { return oldPassphrase, false, nil }
|
||||
var newPassphraseRetriever = func(string, string, bool, int) (string, bool, error) { return exportPassphrase, false, nil }
|
||||
|
||||
func TestImportExportZip(t *testing.T) {
|
||||
gun := "docker.com/notary"
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ var (
|
|||
createKeyBaseURL string
|
||||
keyInfoBaseURL string
|
||||
signBaseURL string
|
||||
passphraseRetriever = func (string, string, bool, int) (string, bool, error) { return "passphrase", false, nil}
|
||||
passphraseRetriever = func(string, string, bool, int) (string, bool, error) { return "passphrase", false, nil }
|
||||
)
|
||||
|
||||
func SetupHSMEnv(t *testing.T) (*pkcs11.Ctx, pkcs11.SessionHandle) {
|
||||
|
|
|
|||
|
|
@ -25,11 +25,10 @@ var (
|
|||
grpcServer *grpc.Server
|
||||
void *pb.Void
|
||||
pr trustmanager.PassphraseRetriever
|
||||
|
||||
)
|
||||
|
||||
func init() {
|
||||
pr = func (string, string, bool, int) (string, bool, error) { return "passphrase", false, nil}
|
||||
pr = func(string, string, bool, int) (string, bool, error) { return "passphrase", false, nil }
|
||||
keyStore := trustmanager.NewKeyMemoryStore(pr)
|
||||
cryptoService := cryptoservice.NewCryptoService("", keyStore)
|
||||
cryptoServices := signer.CryptoServiceIndex{data.ED25519Key: cryptoService, data.RSAKey: cryptoService, data.ECDSAKey: cryptoService}
|
||||
|
|
|
|||
|
|
@ -4,13 +4,13 @@ import (
|
|||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/endophage/gotuf/data"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/endophage/gotuf/data"
|
||||
)
|
||||
|
||||
const (
|
||||
keyExtension = "key"
|
||||
keyExtension = "key"
|
||||
aliasExtension = "alias"
|
||||
)
|
||||
|
||||
|
|
@ -103,7 +103,6 @@ func (s *KeyMemoryStore) GetKeyAlias(name string) (string, error) {
|
|||
return getKeyAlias(s, name)
|
||||
}
|
||||
|
||||
|
||||
// ListKeys returns a list of unique PublicKeys present on the KeyFileStore.
|
||||
// There might be symlinks associating Certificate IDs to Public Keys, so this
|
||||
// method only returns the IDs that aren't symlinks
|
||||
|
|
@ -116,7 +115,6 @@ func (s *KeyMemoryStore) RemoveKey(name string) error {
|
|||
return removeKey(s, name)
|
||||
}
|
||||
|
||||
|
||||
func addKey(s LimitedFileStore, passphraseRetriever PassphraseRetriever, name, alias string, privKey data.PrivateKey) error {
|
||||
pemPrivKey, err := KeyToPEM(privKey)
|
||||
if err != nil {
|
||||
|
|
@ -148,7 +146,7 @@ func addKey(s LimitedFileStore, passphraseRetriever PassphraseRetriever, name, a
|
|||
}
|
||||
}
|
||||
|
||||
return s.Add(name + "_" + alias, pemPrivKey)
|
||||
return s.Add(name+"_"+alias, pemPrivKey)
|
||||
}
|
||||
|
||||
func getKeyAlias(s LimitedFileStore, keyID string) (string, error) {
|
||||
|
|
@ -160,8 +158,8 @@ func getKeyAlias(s LimitedFileStore, keyID string) (string, error) {
|
|||
filename := file[lastPathSeparator+1:]
|
||||
|
||||
if strings.HasPrefix(filename, name) {
|
||||
aliasPlusDotKey := strings.TrimPrefix(filename, name + "_")
|
||||
retVal := strings.TrimSuffix(aliasPlusDotKey, "." + keyExtension)
|
||||
aliasPlusDotKey := strings.TrimPrefix(filename, name+"_")
|
||||
retVal := strings.TrimSuffix(aliasPlusDotKey, "."+keyExtension)
|
||||
return retVal, nil
|
||||
}
|
||||
}
|
||||
|
|
@ -216,7 +214,7 @@ func listKeys(s LimitedFileStore) []string {
|
|||
|
||||
for _, f := range s.ListFiles(false) {
|
||||
keyID := strings.TrimSpace(strings.TrimSuffix(f, filepath.Ext(f)))
|
||||
keyID = keyID[:strings.LastIndex(keyID,"_")]
|
||||
keyID = keyID[:strings.LastIndex(keyID, "_")]
|
||||
keyIDList = append(keyIDList, keyID)
|
||||
}
|
||||
return keyIDList
|
||||
|
|
|
|||
|
|
@ -3,15 +3,15 @@ package trustmanager
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"errors"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"testing"
|
||||
"errors"
|
||||
)
|
||||
|
||||
var passphraseRetriever = func (keyID string, alias string, createNew bool, numAttempts int) (string, bool, error) {
|
||||
var passphraseRetriever = func(keyID string, alias string, createNew bool, numAttempts int) (string, bool, error) {
|
||||
if numAttempts > 5 {
|
||||
giveup := true
|
||||
return "", giveup, errors.New("passPhraseRetriever failed after too many requests")
|
||||
|
|
@ -46,7 +46,7 @@ func TestAddKey(t *testing.T) {
|
|||
}
|
||||
|
||||
// Call the AddKey function
|
||||
err = store.AddKey(testName, "root", privKey)
|
||||
err = store.AddKey(testName, "root", privKey)
|
||||
if err != nil {
|
||||
t.Fatalf("failed to add file to store: %v", err)
|
||||
}
|
||||
|
|
@ -96,8 +96,7 @@ EMl3eFOJXjIch/wIesRSN+2dGOsl7neercjMh1i9RvpCwHDx/E0=
|
|||
testAlias := "root"
|
||||
perms := os.FileMode(0755)
|
||||
|
||||
emptyPassphraseRetriever := func (string, string, bool, int) (string, bool, error) { return "", false, nil}
|
||||
|
||||
emptyPassphraseRetriever := func(string, string, bool, int) (string, bool, error) { return "", false, nil }
|
||||
|
||||
// Temporary directory where test files will be created
|
||||
tempBaseDir, err := ioutil.TempDir("", "notary-test-")
|
||||
|
|
@ -226,11 +225,10 @@ func TestGetDecryptedWithTamperedCipherText(t *testing.T) {
|
|||
|
||||
func TestGetDecryptedWithInvalidPassphrase(t *testing.T) {
|
||||
|
||||
|
||||
// Make a passphraseRetriever that always returns a different passphrase in order to test
|
||||
// decryption failure
|
||||
a := "a"
|
||||
var invalidPassphraseRetriever = func (keyId string, alias string, createNew bool, numAttempts int) (string, bool, error) {
|
||||
var invalidPassphraseRetriever = func(keyId string, alias string, createNew bool, numAttempts int) (string, bool, error) {
|
||||
if numAttempts > 5 {
|
||||
giveup := true
|
||||
return "", giveup, nil
|
||||
|
|
|
|||
Loading…
Reference in New Issue