* RemoveKey must purge the cache entry
* Add mutexes to KeyFileStore and KeyMemoryStore so the cachedKeys map
is protected in the case that keystore operations happen from multiple
goroutines
* Change GetKey to return the alias along with the key. Remove
GetKeyAlias. This simplifies the code flows that retrieve the alias
(since they usually get the key and alias together).
* Fix tests affected by key caching
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Add unit test coverage that makes this check fail. Also add unit test
coverage for making sure trying to import something that isn't PEM fails
in the expected way.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This function reads a zip file and populates the keystores with the keys
in the zip file. Root keys are left encrypted, and non-root keys are
decrypted before being added to the keystore.
The unit test first exports a repo's keys to a zip file, then imports it
into another repo. It checks that all the correct keys exist in the new
repo after the import operation.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Aaron Lehmann
Nathan McCauley