mirror of https://github.com/docker/docs.git
Merge pull request #435 from cyli/revert-canonical-json
Revert "switching out to consistently use canonical json for all marshalling of TUF data
This commit is contained in:
Ying Li
commit
eb115b987f
|
|
@ -14,7 +14,7 @@ import (
|
|||
"github.com/docker/notary/client/changelist"
|
||||
"github.com/docker/notary/passphrase"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
// recursively copies the contents of one directory into another - ignores
|
||||
|
|
@ -63,8 +63,8 @@ func Test0Dot1RepoFormat(t *testing.T) {
|
|||
// and publishing will modify the files
|
||||
tmpDir, err := ioutil.TempDir("", "notary-backwards-compat-test")
|
||||
defer os.RemoveAll(tmpDir)
|
||||
require.NoError(t, err)
|
||||
require.NoError(t, recursiveCopy("../fixtures/compatibility/notary0.1", tmpDir))
|
||||
assert.NoError(t, err)
|
||||
assert.NoError(t, recursiveCopy("../fixtures/compatibility/notary0.1", tmpDir))
|
||||
|
||||
gun := "docker.io/notary0.1/samplerepo"
|
||||
passwd := "randompass"
|
||||
|
|
@ -74,28 +74,28 @@ func Test0Dot1RepoFormat(t *testing.T) {
|
|||
|
||||
repo, err := NewNotaryRepository(tmpDir, gun, ts.URL, http.DefaultTransport,
|
||||
passphrase.ConstantRetriever(passwd))
|
||||
require.NoError(t, err, "error creating repo: %s", err)
|
||||
assert.NoError(t, err, "error creating repo: %s", err)
|
||||
|
||||
// rotate the timestamp key, since the server doesn't have that one
|
||||
timestampPubKey, err := getRemoteKey(ts.URL, gun, data.CanonicalTimestampRole, http.DefaultTransport)
|
||||
require.NoError(t, err)
|
||||
require.NoError(
|
||||
assert.NoError(t, err)
|
||||
assert.NoError(
|
||||
t, repo.rootFileKeyChange(data.CanonicalTimestampRole, changelist.ActionCreate, timestampPubKey))
|
||||
|
||||
require.NoError(t, repo.Publish())
|
||||
assert.NoError(t, repo.Publish())
|
||||
|
||||
targets, err := repo.ListTargets()
|
||||
require.NoError(t, err)
|
||||
require.Len(t, targets, 1)
|
||||
require.Equal(t, "v1", targets[0].Name)
|
||||
assert.NoError(t, err)
|
||||
assert.Len(t, targets, 1)
|
||||
assert.Equal(t, "v1", targets[0].Name)
|
||||
|
||||
// Also check that we can add/remove keys by rotating keys
|
||||
oldTargetsKeys := repo.CryptoService.ListKeys(data.CanonicalTargetsRole)
|
||||
require.NoError(t, repo.RotateKey(data.CanonicalTargetsRole, false))
|
||||
require.NoError(t, repo.Publish())
|
||||
assert.NoError(t, repo.RotateKey(data.CanonicalTargetsRole, false))
|
||||
assert.NoError(t, repo.Publish())
|
||||
newTargetsKeys := repo.CryptoService.ListKeys(data.CanonicalTargetsRole)
|
||||
|
||||
require.Len(t, oldTargetsKeys, 1)
|
||||
require.Len(t, newTargetsKeys, 1)
|
||||
require.NotEqual(t, oldTargetsKeys[0], newTargetsKeys[0])
|
||||
assert.Len(t, oldTargetsKeys, 1)
|
||||
assert.Len(t, newTargetsKeys, 1)
|
||||
assert.NotEqual(t, oldTargetsKeys[0], newTargetsKeys[0])
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ package client
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
|
|
@ -12,8 +13,6 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
|
||||
"github.com/docker/notary/certs"
|
||||
"github.com/docker/notary/client/changelist"
|
||||
"github.com/docker/notary/cryptoservice"
|
||||
|
|
@ -324,7 +323,7 @@ func (r *NotaryRepository) AddDelegation(name string, threshold int,
|
|||
logrus.Debugf(`Adding delegation "%s" with threshold %d, and %d keys\n`,
|
||||
name, threshold, len(delegationKeys))
|
||||
|
||||
tdJSON, err := json.MarshalCanonical(&changelist.TufDelegation{
|
||||
tdJSON, err := json.Marshal(&changelist.TufDelegation{
|
||||
NewThreshold: threshold,
|
||||
AddKeys: data.KeyList(delegationKeys),
|
||||
AddPaths: paths,
|
||||
|
|
@ -386,7 +385,7 @@ func (r *NotaryRepository) AddTarget(target *Target, roles ...string) error {
|
|||
logrus.Debugf("Adding target \"%s\" with sha256 \"%x\" and size %d bytes.\n", target.Name, target.Hashes["sha256"], target.Length)
|
||||
|
||||
meta := data.FileMeta{Length: target.Length, Hashes: target.Hashes}
|
||||
metaJSON, err := json.MarshalCanonical(meta)
|
||||
metaJSON, err := json.Marshal(meta)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -690,7 +689,7 @@ func (r *NotaryRepository) saveMetadata(ignoreSnapshot bool) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
targetsJSON, err := json.MarshalCanonical(signedTargets)
|
||||
targetsJSON, err := json.Marshal(signedTargets)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -838,7 +837,7 @@ func (r *NotaryRepository) rootFileKeyChange(role, action string, key data.Publi
|
|||
RoleName: role,
|
||||
Keys: kl,
|
||||
}
|
||||
metaJSON, err := json.MarshalCanonical(meta)
|
||||
metaJSON, err := json.Marshal(meta)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ import (
|
|||
"github.com/Sirupsen/logrus"
|
||||
"github.com/docker/notary/certs"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
var passphraseRetriever = func(string, string, bool, int) (string, bool, error) { return "passphrase", false, nil }
|
||||
|
|
@ -34,12 +34,12 @@ func validateRootSuccessfully(t *testing.T, rootType string) {
|
|||
|
||||
// tests need to manually boostrap timestamp as client doesn't generate it
|
||||
err := repo.tufRepo.InitTimestamp()
|
||||
require.NoError(t, err, "error creating repository: %s", err)
|
||||
assert.NoError(t, err, "error creating repository: %s", err)
|
||||
|
||||
// Initialize is supposed to have created new certificate for this repository
|
||||
// Lets check for it and store it for later use
|
||||
allCerts := repo.CertManager.TrustedCertificateStore().GetCertificates()
|
||||
require.Len(t, allCerts, 1)
|
||||
assert.Len(t, allCerts, 1)
|
||||
|
||||
fakeServerData(t, repo, mux, keys)
|
||||
|
||||
|
|
@ -47,13 +47,13 @@ func validateRootSuccessfully(t *testing.T, rootType string) {
|
|||
// Test TOFUS logic. We remove all certs and expect a new one to be added after ListTargets
|
||||
//
|
||||
err = repo.CertManager.TrustedCertificateStore().RemoveAll()
|
||||
require.NoError(t, err)
|
||||
require.Len(t, repo.CertManager.TrustedCertificateStore().GetCertificates(), 0)
|
||||
assert.NoError(t, err)
|
||||
assert.Len(t, repo.CertManager.TrustedCertificateStore().GetCertificates(), 0)
|
||||
|
||||
// This list targets is expected to succeed and the certificate store to have the new certificate
|
||||
_, err = repo.ListTargets(data.CanonicalTargetsRole)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, repo.CertManager.TrustedCertificateStore().GetCertificates(), 1)
|
||||
assert.NoError(t, err)
|
||||
assert.Len(t, repo.CertManager.TrustedCertificateStore().GetCertificates(), 1)
|
||||
|
||||
//
|
||||
// Test certificate mismatch logic. We remove all certs, add a different cert to the
|
||||
|
|
@ -62,19 +62,20 @@ func validateRootSuccessfully(t *testing.T, rootType string) {
|
|||
|
||||
// First, remove all certs
|
||||
err = repo.CertManager.TrustedCertificateStore().RemoveAll()
|
||||
require.NoError(t, err)
|
||||
require.Len(t, repo.CertManager.TrustedCertificateStore().GetCertificates(), 0)
|
||||
assert.NoError(t, err)
|
||||
assert.Len(t, repo.CertManager.TrustedCertificateStore().GetCertificates(), 0)
|
||||
|
||||
// Add a previously generated certificate with CN=docker.com/notary
|
||||
err = repo.CertManager.TrustedCertificateStore().AddCertFromFile(
|
||||
"../fixtures/self-signed_docker.com-notary.crt")
|
||||
require.NoError(t, err)
|
||||
assert.NoError(t, err)
|
||||
|
||||
// This list targets is expected to fail, since there already exists a certificate
|
||||
// in the store for the dnsName docker.com/notary, so TOFUS doesn't apply
|
||||
_, err = repo.ListTargets(data.CanonicalTargetsRole)
|
||||
require.Error(t, err, "An error was expected")
|
||||
require.Equal(t, err, &certs.ErrValidationFail{
|
||||
Reason: "failed to validate data with current trusted certificates",
|
||||
})
|
||||
if assert.Error(t, err, "An error was expected") {
|
||||
assert.Equal(t, err, &certs.ErrValidationFail{
|
||||
Reason: "failed to validate data with current trusted certificates",
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -1,14 +1,13 @@
|
|||
package client
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"path"
|
||||
"time"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
|
||||
"github.com/docker/notary/client/changelist"
|
||||
tuf "github.com/docker/notary/tuf"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
|
|
@ -262,5 +261,5 @@ func serializeCanonicalRole(tufRepo *tuf.Repo, role string) (out []byte, err err
|
|||
return
|
||||
}
|
||||
|
||||
return json.MarshalCanonical(s)
|
||||
return json.Marshal(s)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,26 +2,27 @@ package handlers
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
ctxu "github.com/docker/distribution/context"
|
||||
"github.com/docker/distribution/registry/api/errcode"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"golang.org/x/net/context"
|
||||
|
||||
ctxu "github.com/docker/distribution/context"
|
||||
"github.com/docker/distribution/registry/api/errcode"
|
||||
"github.com/docker/notary/server/errors"
|
||||
"github.com/docker/notary/server/storage"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/store"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/docker/notary/tuf/validation"
|
||||
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/docker/notary/utils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
type handlerState struct {
|
||||
|
|
@ -178,7 +179,7 @@ func TestGetHandlerRoot(t *testing.T) {
|
|||
ctx = context.WithValue(ctx, "metaStore", metaStore)
|
||||
|
||||
root, err := repo.SignRoot(data.DefaultExpires("root"))
|
||||
rootJSON, err := json.MarshalCanonical(root)
|
||||
rootJSON, err := json.Marshal(root)
|
||||
assert.NoError(t, err)
|
||||
metaStore.UpdateCurrent("gun", storage.MetaUpdate{Role: "root", Version: 1, Data: rootJSON})
|
||||
|
||||
|
|
@ -204,13 +205,13 @@ func TestGetHandlerTimestamp(t *testing.T) {
|
|||
ctx := getContext(handlerState{store: metaStore, crypto: crypto})
|
||||
|
||||
sn, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
snJSON, err := json.MarshalCanonical(sn)
|
||||
snJSON, err := json.Marshal(sn)
|
||||
assert.NoError(t, err)
|
||||
metaStore.UpdateCurrent(
|
||||
"gun", storage.MetaUpdate{Role: "snapshot", Version: 1, Data: snJSON})
|
||||
|
||||
ts, err := repo.SignTimestamp(data.DefaultExpires("timestamp"))
|
||||
tsJSON, err := json.MarshalCanonical(ts)
|
||||
tsJSON, err := json.Marshal(ts)
|
||||
assert.NoError(t, err)
|
||||
metaStore.UpdateCurrent(
|
||||
"gun", storage.MetaUpdate{Role: "timestamp", Version: 1, Data: tsJSON})
|
||||
|
|
@ -237,7 +238,7 @@ func TestGetHandlerSnapshot(t *testing.T) {
|
|||
ctx := getContext(handlerState{store: metaStore, crypto: crypto})
|
||||
|
||||
sn, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
snJSON, err := json.MarshalCanonical(sn)
|
||||
snJSON, err := json.Marshal(sn)
|
||||
assert.NoError(t, err)
|
||||
metaStore.UpdateCurrent(
|
||||
"gun", storage.MetaUpdate{Role: "snapshot", Version: 1, Data: snJSON})
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@ import (
|
|||
"strings"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
cjson "github.com/jfrazelle/go/canonical/json"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
"github.com/docker/notary/tuf"
|
||||
|
|
@ -247,7 +246,7 @@ func generateSnapshot(gun string, kdb *keys.KeyDB, repo *tuf.Repo, store storage
|
|||
if err != nil {
|
||||
return nil, validation.ErrBadSnapshot{Msg: err.Error()}
|
||||
}
|
||||
sgndJSON, err := cjson.MarshalCanonical(sgnd)
|
||||
sgndJSON, err := json.Marshal(sgnd)
|
||||
if err != nil {
|
||||
return nil, validation.ErrBadSnapshot{Msg: err.Error()}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,14 +2,11 @@ package handlers
|
|||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
"github.com/docker/notary/trustmanager"
|
||||
"github.com/docker/notary/tuf"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
|
|
@ -17,6 +14,9 @@ import (
|
|||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/docker/notary/tuf/validation"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
)
|
||||
|
||||
func copyTimestampKey(t *testing.T, fromKeyDB *keys.KeyDB,
|
||||
|
|
@ -797,7 +797,7 @@ func TestLoadTargetsFromStore(t *testing.T) {
|
|||
)
|
||||
assert.NoError(t, err)
|
||||
|
||||
tgs, err := json.MarshalCanonical(st)
|
||||
tgs, err := json.Marshal(st)
|
||||
assert.NoError(t, err)
|
||||
update := storage.MetaUpdate{
|
||||
Role: data.CanonicalTargetsRole,
|
||||
|
|
@ -844,7 +844,7 @@ func TestValidateTargetsLoadParent(t *testing.T) {
|
|||
|
||||
// we're not going to validate things loaded from storage, so no need
|
||||
// to sign the base targets, just Marshal it and set it into storage
|
||||
tgtsJSON, err := json.MarshalCanonical(baseRepo.Targets["targets"])
|
||||
tgtsJSON, err := json.Marshal(baseRepo.Targets["targets"])
|
||||
assert.NoError(t, err)
|
||||
update := storage.MetaUpdate{
|
||||
Role: data.CanonicalTargetsRole,
|
||||
|
|
@ -856,7 +856,7 @@ func TestValidateTargetsLoadParent(t *testing.T) {
|
|||
// generate the update object we're doing to use to call loadAndValidateTargets
|
||||
del, err := baseRepo.SignTargets("targets/level1", data.DefaultExpires(data.CanonicalTargetsRole))
|
||||
assert.NoError(t, err)
|
||||
delJSON, err := json.MarshalCanonical(del)
|
||||
delJSON, err := json.Marshal(del)
|
||||
assert.NoError(t, err)
|
||||
|
||||
delUpdate := storage.MetaUpdate{
|
||||
|
|
@ -894,7 +894,7 @@ func TestValidateTargetsParentInUpdate(t *testing.T) {
|
|||
|
||||
targets, err := baseRepo.SignTargets("targets", data.DefaultExpires(data.CanonicalTargetsRole))
|
||||
|
||||
tgtsJSON, err := json.MarshalCanonical(targets)
|
||||
tgtsJSON, err := json.Marshal(targets)
|
||||
assert.NoError(t, err)
|
||||
update := storage.MetaUpdate{
|
||||
Role: data.CanonicalTargetsRole,
|
||||
|
|
@ -905,7 +905,7 @@ func TestValidateTargetsParentInUpdate(t *testing.T) {
|
|||
|
||||
del, err := baseRepo.SignTargets("targets/level1", data.DefaultExpires(data.CanonicalTargetsRole))
|
||||
assert.NoError(t, err)
|
||||
delJSON, err := json.MarshalCanonical(del)
|
||||
delJSON, err := json.Marshal(del)
|
||||
assert.NoError(t, err)
|
||||
|
||||
delUpdate := storage.MetaUpdate{
|
||||
|
|
@ -952,7 +952,7 @@ func TestValidateTargetsParentNotFound(t *testing.T) {
|
|||
// generate the update object we're doing to use to call loadAndValidateTargets
|
||||
del, err := baseRepo.SignTargets("targets/level1", data.DefaultExpires(data.CanonicalTargetsRole))
|
||||
assert.NoError(t, err)
|
||||
delJSON, err := json.MarshalCanonical(del)
|
||||
delJSON, err := json.Marshal(del)
|
||||
assert.NoError(t, err)
|
||||
|
||||
delUpdate := storage.MetaUpdate{
|
||||
|
|
@ -989,7 +989,7 @@ func TestValidateTargetsRoleNotInParent(t *testing.T) {
|
|||
|
||||
targets, err := baseRepo.SignTargets("targets", data.DefaultExpires(data.CanonicalTargetsRole))
|
||||
|
||||
tgtsJSON, err := json.MarshalCanonical(targets)
|
||||
tgtsJSON, err := json.Marshal(targets)
|
||||
assert.NoError(t, err)
|
||||
update := storage.MetaUpdate{
|
||||
Role: data.CanonicalTargetsRole,
|
||||
|
|
@ -1000,7 +1000,7 @@ func TestValidateTargetsRoleNotInParent(t *testing.T) {
|
|||
|
||||
del, err := baseRepo.SignTargets("targets/level1", data.DefaultExpires(data.CanonicalTargetsRole))
|
||||
assert.NoError(t, err)
|
||||
delJSON, err := json.MarshalCanonical(del)
|
||||
delJSON, err := json.Marshal(del)
|
||||
assert.NoError(t, err)
|
||||
|
||||
delUpdate := storage.MetaUpdate{
|
||||
|
|
|
|||
|
|
@ -1,8 +1,9 @@
|
|||
package snapshot
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
|
|
@ -69,7 +70,7 @@ func GetOrCreateSnapshot(gun string, store storage.MetaStore, cryptoService sign
|
|||
logrus.Error("Failed to create a new snapshot")
|
||||
return nil, err
|
||||
}
|
||||
out, err := json.MarshalCanonical(sgnd)
|
||||
out, err := json.Marshal(sgnd)
|
||||
if err != nil {
|
||||
logrus.Error("Failed to marshal new snapshot")
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -2,10 +2,10 @@ package snapshot
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
|
|
@ -140,7 +140,7 @@ func TestGetSnapshotCurrValid(t *testing.T) {
|
|||
},
|
||||
},
|
||||
}
|
||||
snapJSON, _ := json.MarshalCanonical(snapshot)
|
||||
snapJSON, _ := json.Marshal(snapshot)
|
||||
|
||||
// test when db is missing the role data
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 0, Data: snapJSON})
|
||||
|
|
@ -165,7 +165,7 @@ func TestGetSnapshotCurrExpired(t *testing.T) {
|
|||
_, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
|
||||
snapshot := &data.SignedSnapshot{}
|
||||
snapJSON, _ := json.MarshalCanonical(snapshot)
|
||||
snapJSON, _ := json.Marshal(snapshot)
|
||||
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 0, Data: snapJSON})
|
||||
_, err = GetOrCreateSnapshot("gun", store, crypto)
|
||||
|
|
@ -179,7 +179,7 @@ func TestGetSnapshotCurrCorrupt(t *testing.T) {
|
|||
_, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
|
||||
snapshot := &data.SignedSnapshot{}
|
||||
snapJSON, _ := json.MarshalCanonical(snapshot)
|
||||
snapJSON, _ := json.Marshal(snapshot)
|
||||
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 0, Data: snapJSON[1:]})
|
||||
_, err = GetOrCreateSnapshot("gun", store, crypto)
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ func GetOrCreateTimestamp(gun string, store storage.MetaStore, cryptoService sig
|
|||
logrus.Error("Failed to create a new timestamp")
|
||||
return nil, err
|
||||
}
|
||||
out, err := json.MarshalCanonical(sgnd)
|
||||
out, err := json.Marshal(sgnd)
|
||||
if err != nil {
|
||||
logrus.Error("Failed to marshal new timestamp")
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
package timestamp
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
)
|
||||
|
||||
func TestTimestampExpired(t *testing.T) {
|
||||
|
|
@ -53,7 +53,7 @@ func TestGetTimestamp(t *testing.T) {
|
|||
crypto := signed.NewEd25519()
|
||||
|
||||
snapshot := &data.SignedSnapshot{}
|
||||
snapJSON, _ := json.MarshalCanonical(snapshot)
|
||||
snapJSON, _ := json.Marshal(snapshot)
|
||||
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 0, Data: snapJSON})
|
||||
// create a key to be used by GetTimestamp
|
||||
|
|
@ -70,7 +70,7 @@ func TestGetTimestampNewSnapshot(t *testing.T) {
|
|||
|
||||
snapshot := data.SignedSnapshot{}
|
||||
snapshot.Signed.Version = 0
|
||||
snapJSON, _ := json.MarshalCanonical(snapshot)
|
||||
snapJSON, _ := json.Marshal(snapshot)
|
||||
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 0, Data: snapJSON})
|
||||
// create a key to be used by GetTimestamp
|
||||
|
|
@ -82,7 +82,7 @@ func TestGetTimestampNewSnapshot(t *testing.T) {
|
|||
|
||||
snapshot = data.SignedSnapshot{}
|
||||
snapshot.Signed.Version = 1
|
||||
snapJSON, _ = json.MarshalCanonical(snapshot)
|
||||
snapJSON, _ = json.Marshal(snapshot)
|
||||
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 1, Data: snapJSON})
|
||||
|
||||
|
|
|
|||
|
|
@ -2,20 +2,20 @@ package client
|
|||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"encoding/json"
|
||||
"strconv"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
tuf "github.com/docker/notary/tuf"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
tuf "github.com/docker/notary/tuf"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/keys"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/store"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
)
|
||||
|
||||
func TestRotation(t *testing.T) {
|
||||
|
|
@ -204,7 +204,7 @@ func TestCheckRootExpired(t *testing.T) {
|
|||
|
||||
signedRoot, err := root.ToSigned()
|
||||
assert.NoError(t, err)
|
||||
rootJSON, err := json.MarshalCanonical(signedRoot)
|
||||
rootJSON, err := json.Marshal(signedRoot)
|
||||
assert.NoError(t, err)
|
||||
|
||||
rootHash := sha256.Sum256(rootJSON)
|
||||
|
|
@ -238,7 +238,7 @@ func TestChecksumMismatch(t *testing.T) {
|
|||
client := NewClient(repo, remoteStorage, nil, localStorage)
|
||||
|
||||
sampleTargets := data.NewTargets()
|
||||
orig, err := json.MarshalCanonical(sampleTargets)
|
||||
orig, err := json.Marshal(sampleTargets)
|
||||
origSha256 := sha256.Sum256(orig)
|
||||
orig[0] = '}' // corrupt data, should be a {
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -256,7 +256,7 @@ func TestChecksumMatch(t *testing.T) {
|
|||
client := NewClient(repo, remoteStorage, nil, localStorage)
|
||||
|
||||
sampleTargets := data.NewTargets()
|
||||
orig, err := json.MarshalCanonical(sampleTargets)
|
||||
orig, err := json.Marshal(sampleTargets)
|
||||
origSha256 := sha256.Sum256(orig)
|
||||
assert.NoError(t, err)
|
||||
|
||||
|
|
@ -273,7 +273,7 @@ func TestSizeMismatchLong(t *testing.T) {
|
|||
client := NewClient(repo, remoteStorage, nil, localStorage)
|
||||
|
||||
sampleTargets := data.NewTargets()
|
||||
orig, err := json.MarshalCanonical(sampleTargets)
|
||||
orig, err := json.Marshal(sampleTargets)
|
||||
origSha256 := sha256.Sum256(orig)
|
||||
assert.NoError(t, err)
|
||||
l := int64(len(orig))
|
||||
|
|
@ -296,7 +296,7 @@ func TestSizeMismatchShort(t *testing.T) {
|
|||
client := NewClient(repo, remoteStorage, nil, localStorage)
|
||||
|
||||
sampleTargets := data.NewTargets()
|
||||
orig, err := json.MarshalCanonical(sampleTargets)
|
||||
orig, err := json.Marshal(sampleTargets)
|
||||
origSha256 := sha256.Sum256(orig)
|
||||
assert.NoError(t, err)
|
||||
l := int64(len(orig))
|
||||
|
|
@ -319,7 +319,7 @@ func TestDownloadTargetsHappy(t *testing.T) {
|
|||
|
||||
signedOrig, err := repo.SignTargets("targets", data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("targets", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -369,7 +369,7 @@ func TestDownloadTargetsDeepHappy(t *testing.T) {
|
|||
// serialize and store role
|
||||
signedOrig, err := repo.SignTargets(r, data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta(r, orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -378,7 +378,7 @@ func TestDownloadTargetsDeepHappy(t *testing.T) {
|
|||
// serialize and store targets after adding all delegations
|
||||
signedOrig, err := repo.SignTargets("targets", data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("targets", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -414,7 +414,7 @@ func TestDownloadTargetChecksumMismatch(t *testing.T) {
|
|||
// create and "upload" sample targets
|
||||
signedOrig, err := repo.SignTargets("targets", data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
origSha256 := sha256.Sum256(orig)
|
||||
orig[0] = '}' // corrupt data, should be a {
|
||||
|
|
@ -454,7 +454,7 @@ func TestDownloadTargetsNoChecksum(t *testing.T) {
|
|||
// create and "upload" sample targets
|
||||
signedOrig, err := repo.SignTargets("targets", data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("targets", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -476,7 +476,7 @@ func TestDownloadTargetsNoSnapshot(t *testing.T) {
|
|||
// create and "upload" sample targets
|
||||
signedOrig, err := repo.SignTargets("targets", data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("targets", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -496,7 +496,7 @@ func TestBootstrapDownloadRootHappy(t *testing.T) {
|
|||
// create and "upload" sample root
|
||||
signedOrig, err := repo.SignRoot(data.DefaultExpires("root"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("root", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -517,7 +517,7 @@ func TestUpdateDownloadRootHappy(t *testing.T) {
|
|||
// create and "upload" sample root, snapshot, and timestamp
|
||||
signedOrig, err := repo.SignRoot(data.DefaultExpires("root"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("root", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -542,7 +542,7 @@ func TestUpdateDownloadRootBadChecksum(t *testing.T) {
|
|||
// create and "upload" sample root, snapshot, and timestamp
|
||||
signedOrig, err := repo.SignRoot(data.DefaultExpires("root"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("root", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -562,7 +562,7 @@ func TestDownloadTimestampHappy(t *testing.T) {
|
|||
// create and "upload" sample timestamp
|
||||
signedOrig, err := repo.SignTimestamp(data.DefaultExpires("timestamp"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("timestamp", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -580,14 +580,14 @@ func TestDownloadSnapshotHappy(t *testing.T) {
|
|||
// create and "upload" sample snapshot and timestamp
|
||||
signedOrig, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("snapshot", orig)
|
||||
assert.NoError(t, err)
|
||||
|
||||
signedOrig, err = repo.SignTimestamp(data.DefaultExpires("timestamp"))
|
||||
assert.NoError(t, err)
|
||||
orig, err = json.MarshalCanonical(signedOrig)
|
||||
orig, err = json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("timestamp", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -607,7 +607,7 @@ func TestDownloadSnapshotNoTimestamp(t *testing.T) {
|
|||
// create and "upload" sample snapshot and timestamp
|
||||
signedOrig, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("snapshot", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -627,7 +627,7 @@ func TestDownloadSnapshotNoChecksum(t *testing.T) {
|
|||
// create and "upload" sample snapshot and timestamp
|
||||
signedOrig, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("snapshot", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
@ -651,7 +651,7 @@ func TestDownloadSnapshotBadChecksum(t *testing.T) {
|
|||
// create and "upload" sample snapshot and timestamp
|
||||
signedOrig, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
assert.NoError(t, err)
|
||||
orig, err := json.MarshalCanonical(signedOrig)
|
||||
orig, err := json.Marshal(signedOrig)
|
||||
assert.NoError(t, err)
|
||||
err = remoteStorage.SetMeta("snapshot", orig)
|
||||
assert.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -27,12 +27,12 @@ type Snapshot struct {
|
|||
// and targets objects
|
||||
func NewSnapshot(root *Signed, targets *Signed) (*SignedSnapshot, error) {
|
||||
logrus.Debug("generating new snapshot...")
|
||||
targetsJSON, err := json.MarshalCanonical(targets)
|
||||
targetsJSON, err := json.Marshal(targets)
|
||||
if err != nil {
|
||||
logrus.Debug("Error Marshalling Targets")
|
||||
return nil, err
|
||||
}
|
||||
rootJSON, err := json.MarshalCanonical(root)
|
||||
rootJSON, err := json.Marshal(root)
|
||||
if err != nil {
|
||||
logrus.Debug("Error Marshalling Root")
|
||||
return nil, err
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ type Timestamp struct {
|
|||
|
||||
// NewTimestamp initializes a timestamp with an existing snapshot
|
||||
func NewTimestamp(snapshot *Signed) (*SignedTimestamp, error) {
|
||||
snapshotJSON, err := json.MarshalCanonical(snapshot)
|
||||
snapshotJSON, err := json.Marshal(snapshot)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,17 +1,17 @@
|
|||
package testutils
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"math/rand"
|
||||
"time"
|
||||
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/utils"
|
||||
fuzz "github.com/google/gofuzz"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
|
||||
tuf "github.com/docker/notary/tuf"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/keys"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/utils"
|
||||
)
|
||||
|
||||
// EmptyRepo creates an in memory key database, crypto service
|
||||
|
|
@ -83,19 +83,19 @@ func Sign(repo *tuf.Repo) (root, targets, snapshot, timestamp *data.Signed, err
|
|||
|
||||
// Serialize takes the Signed objects for the 4 top level roles and serializes them all to JSON
|
||||
func Serialize(sRoot, sTargets, sSnapshot, sTimestamp *data.Signed) (root, targets, snapshot, timestamp []byte, err error) {
|
||||
root, err = json.MarshalCanonical(sRoot)
|
||||
root, err = json.Marshal(sRoot)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
}
|
||||
targets, err = json.MarshalCanonical(sTargets)
|
||||
targets, err = json.Marshal(sTargets)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
}
|
||||
snapshot, err = json.MarshalCanonical(sSnapshot)
|
||||
snapshot, err = json.Marshal(sSnapshot)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
}
|
||||
timestamp, err = json.MarshalCanonical(sTimestamp)
|
||||
timestamp, err = json.Marshal(sTimestamp)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,14 +5,13 @@ import (
|
|||
"bytes"
|
||||
"crypto/sha256"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"path"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Sirupsen/logrus"
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/keys"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
|
|
@ -607,7 +606,7 @@ func (tr *Repo) RemoveTargets(role string, targets ...string) error {
|
|||
|
||||
// UpdateSnapshot updates the FileMeta for the given role based on the Signed object
|
||||
func (tr *Repo) UpdateSnapshot(role string, s *data.Signed) error {
|
||||
jsonData, err := json.MarshalCanonical(s)
|
||||
jsonData, err := json.Marshal(s)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -622,7 +621,7 @@ func (tr *Repo) UpdateSnapshot(role string, s *data.Signed) error {
|
|||
|
||||
// UpdateTimestamp updates the snapshot meta in the timestamp based on the Signed object
|
||||
func (tr *Repo) UpdateTimestamp(s *data.Signed) error {
|
||||
jsonData, err := json.MarshalCanonical(s)
|
||||
jsonData, err := json.Marshal(s)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,18 +2,17 @@ package tuf
|
|||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path"
|
||||
"path/filepath"
|
||||
"testing"
|
||||
|
||||
"github.com/jfrazelle/go/canonical/json"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/keys"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func initRepo(t *testing.T, cryptoService signed.CryptoService, keyDB *keys.KeyDB) *Repo {
|
||||
|
|
@ -113,13 +112,13 @@ func writeRepo(t *testing.T, dir string, repo *Repo) {
|
|||
assert.NoError(t, err)
|
||||
signedRoot, err := repo.SignRoot(data.DefaultExpires("root"))
|
||||
assert.NoError(t, err)
|
||||
rootJSON, _ := json.MarshalCanonical(signedRoot)
|
||||
rootJSON, _ := json.Marshal(signedRoot)
|
||||
ioutil.WriteFile(dir+"/root.json", rootJSON, 0755)
|
||||
|
||||
for r := range repo.Targets {
|
||||
signedTargets, err := repo.SignTargets(r, data.DefaultExpires("targets"))
|
||||
assert.NoError(t, err)
|
||||
targetsJSON, _ := json.MarshalCanonical(signedTargets)
|
||||
targetsJSON, _ := json.Marshal(signedTargets)
|
||||
p := path.Join(dir, r+".json")
|
||||
parentDir := filepath.Dir(p)
|
||||
os.MkdirAll(parentDir, 0755)
|
||||
|
|
@ -128,12 +127,12 @@ func writeRepo(t *testing.T, dir string, repo *Repo) {
|
|||
|
||||
signedSnapshot, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
assert.NoError(t, err)
|
||||
snapshotJSON, _ := json.MarshalCanonical(signedSnapshot)
|
||||
snapshotJSON, _ := json.Marshal(signedSnapshot)
|
||||
ioutil.WriteFile(dir+"/snapshot.json", snapshotJSON, 0755)
|
||||
|
||||
signedTimestamp, err := repo.SignTimestamp(data.DefaultExpires("timestamp"))
|
||||
assert.NoError(t, err)
|
||||
timestampJSON, _ := json.MarshalCanonical(signedTimestamp)
|
||||
timestampJSON, _ := json.Marshal(signedTimestamp)
|
||||
ioutil.WriteFile(dir+"/timestamp.json", timestampJSON, 0755)
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue