Diogo Mónica
0b3377a86c
Merge pull request #263 from jfrazelle/update-canonical
rebased canonical/json off go 1.5.1
2015-11-03 16:52:32 +00:00
Ying Li
2d8ebb9d4a
Merge pull request #264 from jfrazelle/fix-makefile
Fix version in makefile
2015-11-02 22:41:32 -08:00
Jessica Frazelle
412679084a
Fix version in makefile
OLD:
```
jessie at debian in ~/notary on fix-makefile
$ ./bin/notary version
notary
Version: '1.0-rc1'
Git commit: 'ab66379'
```
WITH PATCH:
```
jessie at debian in ~/notary on fix-makefile
$ ./bin/notary version
notary
Version: 1.0-rc1
Git commit: ab66379
```
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-11-02 17:33:33 -08:00
David Lawrence
ab6637934d
Merge pull request #258 from mtrmac/unused-sha256
Don't compute an unnecessary cryptographic hash
2015-11-02 11:12:39 -08:00
Jessica Frazelle
8e8c2977da
rebased canonical/json off go 1.5.1
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-11-02 10:26:42 -08:00
Miloslav Trmač
29ae808472
Don't compute an unnecessary cryptographic hash
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-11-02 15:27:02 +01:00
Diogo Mónica
dfaa8daf9b
Merge pull request #255 from mtrmac/no-P224
Don't use elliptic.P224()
2015-11-01 10:32:03 +00:00
Diogo Mónica
fd0775e1dc
Merge pull request #257 from mtrmac/fix-export-root
Fix (notary key export-root)
2015-11-01 10:31:29 +00:00
Diogo Mónica
75c1b48a58
Merge pull request #260 from cyli/document-require-1.5.1
Update README to reflect go 1.5.1 requirement
2015-11-01 10:21:13 +00:00
Ying Li
07ae585485
Fix dockerfiles to no longer have the "-X ...GitCommit" deprecation warning
Signed-off-by: Ying Li <ying.li@docker.com>
2015-11-01 01:47:55 -07:00
Ying Li
301c0892f3
Update README to reflect go 1.5.1 requirement and add an endpoint to the makefile to check the go version
Signed-off-by: Ying Li <ying.li@docker.com>
2015-11-01 01:47:02 -07:00
Ying Li
fa5c4e608d
Merge pull request #256 from mtrmac/fix-import-root
Remove key ID from (notary key import-root)
2015-10-30 13:23:33 -07:00
Ying Li
e2c6e989e9
Merge pull request #259 from mtrmac/drop-debug-print
Remove a left-over debugging Println
2015-10-30 13:15:49 -07:00
Miloslav Trmač
40bfc3f890
Don't use elliptic.P224()
This curve is not available on Fedora and RHEL systems, so removing the
reference allows tests to pass there. The vast majority of the
curve-specific work is done in the golang crypto/elliptic package, so
this does not weaken the tests noticeably.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-30 20:44:05 +01:00
Miloslav Trmač
62dc66e936
Remove key ID from (notary key import-root)
PR #242 has started requiring a passphrase for the imported key, and
recomputes the key ID, making the command-line argument redundant. So,
remove it from the command line and from the KeyStoreManager API.
Also updates the comment for KeyStoreManager.ImportRootKey, and changes
(notary key import-root) to refuse unexpected arguments instead of
silently ignoring them.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-30 20:40:03 +01:00
Miloslav Trmač
93c28ccb1b
Fix (notary key export-root)
-c was recently taken over by --configFile; using it for
--change-passphrase as well results in
panic: shorthand redefinition
So, move --change-passphrase to -p.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-30 20:39:20 +01:00
Miloslav Trmač
c2d560c789
Remove a left-over debugging Println
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-30 20:38:41 +01:00
Diogo Mónica
29f5a4523c
Merge pull request #254 from endophage/cryptoservice_multiple_keystores
cryptoservices can abstract multiple keystores
2015-10-30 11:21:52 -07:00
David Lawrence
9428beea50
expose cryptoservice in NotarySigner
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-30 11:08:35 -07:00
David Lawrence
f791c01974
cryptoservices can abstract multiple keystores
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-30 11:05:43 -07:00
Ying Li
e5c388d470
Merge pull request #246 from endophage/private_signer
Private keys implement crypto.Signer
2015-10-30 10:33:46 -07:00
David Lawrence
06990fd5a1
integrating with @cyli's improvements
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-30 10:15:52 -07:00
Diogo Mónica
7e5cc048b7
Merge pull request #253 from cyli/prometheus-server
Add prometheus stats to server http handlers
2015-10-29 22:22:24 -07:00
Ying Li
5ea5b40d3f
Add prometheus stats to server http handlers
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 21:04:35 -07:00
Ying Li
3bd4637b09
Merge pull request #251 from HuKeping/fix-list
Fix broken list
2015-10-29 20:03:49 -07:00
HuKeping
169d67169c
Fix broken list
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-10-30 10:46:06 +08:00
Ying Li
4c195db439
Merge pull request #249 from jfrazelle/dockerfile-cleanup
better named dockerfiles and upgrade to go 1.5.1
2015-10-29 19:04:11 -07:00
David Lawrence
7a24fbf32f
adding signer interfaces to private keys:
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-29 17:48:15 -07:00
David Lawrence
e904675043
Merge pull request #247 from cyli/remove-unlocked-cryptoservice
Remove unlocked_cryptoservice and GetRootCryptoService
2015-10-29 17:47:31 -07:00
Jessica Frazelle
4e59ed05bc
better named dockerfiles and upgrade to go 1.5.1
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-10-29 17:18:43 -07:00
Ying Li
91d54899d7
Add a GetPrivateKey method to cryptoservice so that we can future-proof cryptoservice having multiple keystores
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:34:40 -07:00
Ying Li
7dc0dbec84
Remove the cryptoservice argument to sign
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:34:21 -07:00
Ying Li
a3e9558b03
1. Add docstring as to why we are trying a key ID with a GUN and one without - thanks @diogo!
2. Call NotaryRepository.cryptoService.GetKey rather than
NotaryRepository.KeyStoreManager.KeyStore.GetKey
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:13:23 -07:00
Ying Li
a0b8fa4957
Rename unlocked_crypto_service files
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 15:17:08 -07:00
Ying Li
b9a4175ea9
Update the client NotaryRepository to initialize with a root key ID
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 15:11:15 -07:00
Ying Li
9d2585ea8a
Remove unlocked crypto service and get root crypto service.
Generate key is now just a function.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 15:03:27 -07:00
Ying Li
f9019873a6
Merge pull request #243 from endophage/key_types
creating concrete types for the various key ciphers
2015-10-29 14:21:33 -07:00
Diogo Mónica
0e5ebb984a
Merge pull request #245 from cyli/prometheus
Add prometheus as a dependency
2015-10-29 14:18:31 -07:00
Ying Li
8696c64d12
Add prometheus as a dependency
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 20:21:45 -07:00
David Lawrence
b7ce16ab6f
fixes for Diogo's comments
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 19:24:51 -07:00
David Lawrence
ca7988d642
fixing lint + vet things
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 16:20:08 -07:00
David Lawrence
f73560d839
creating concrete types for the various key ciphers
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 16:02:55 -07:00
Diogo Mónica
570ef86584
Merge pull request #233 from cyli/codecov
Use make targets in circleci, more complete coverage
2015-10-28 15:55:33 -07:00
Diogo Mónica
6dcad7860f
Merge pull request #237 from cyli/mutual-auth
Support mutual authentication between the server and signer
2015-10-28 15:55:24 -07:00
Ying Li
aa5b621968
Fix import error after rebase
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:44:33 -07:00
Ying Li
adda5776cb
Use ListenAndServeTLS with blank args, since ListenAndServe doesn't actually set up TLS
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:42:36 -07:00
Ying Li
126691ac9e
Update the notary server and signer configs to make use of client authentication.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:42:33 -07:00
Ying Li
34aecae033
Split out parsing the client TLS in notary-server.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:40:41 -07:00
Ying Li
04a78e720f
Factor out and test TLS configuration in notary-server.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:39:52 -07:00
Ying Li
bbf941d198
Allow client CAs to be provided to notary-signer.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:39:52 -07:00