docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
367 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

43 Commits

Author SHA1 Message Date
David Lawrence 5015b1f47d fixing timestamps, clearing changelists, and the Adding target byte log 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-18 17:55:13 -07:00
David Lawrence d453c6548d client side of multi TUF file atomic update 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-17 17:48:06 -07:00
Aaron Lehmann 36a8f77129 Rename certificate stores to trustedCertificateStore and trustedCAStore 
Add convenience methods to KeyStoreManager to add certs to both cert
stores.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-15 18:10:53 -07:00
Aaron Lehmann e5a42d4df9 Add ExportKeysByGUN function 
It exports the keys for a particular GUN to a zip, encrypted with a
specified passphrase.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-15 17:14:57 -07:00
Aaron Lehmann a16581ecc7 Move CryptoService and UnlockedCryptoService into a cryptoservice package 
Move GenRootKey and GetRootCryptoService to KeyStoreManager, now that
they don't depend on client-specific types.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-14 18:39:38 -07:00
Aaron Lehmann 6068f30145 Move caStore and certificateStore into KeyStoreManager 
Refactor validateRoot into KeyStoreManager. It now takes the DNS name as
a parameter. When KeyStoreManager is used with a NotaryRepository, the
DNS name should be the GUN of the repository.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-14 18:39:38 -07:00
Aaron Lehmann d5c7c40955 Introduce a KeyStoreManager to abstract management of root and non-root key storage 
This structure encapsulates what used to be "rootKeyStore" and
"privKeyStore". These are being moved out of NotaryRepository, so that
operations like listing keys, importing keys, and exporting keys aren't
tied to a NotaryRepository structure.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-14 18:39:38 -07:00
Diogo Monica ead0224526 Removing commented out code 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-13 20:32:51 -07:00
Aaron Lehmann e4704f9729 Update notary for removal of signed.Signer 
We now deal with CryptoServices directly instead of passing around
Signers.

UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-13 15:18:02 -07:00
Diogo Monica a139807d89 Fixing lint 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-13 14:01:26 -07:00
Diogo Monica 765a2cf661 Refactor crypto service 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-13 13:53:47 -07:00
Diogo Monica ba94fdd19d Signature/key types are now used correcty and are represented by constants. 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 085c613527 Refactored fingerprint cert and added better debugging 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 39482c2397 Working ECDSA implementation 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 43d0ec8a75 Initial ECDSA trustmanager methods 
Signed-off-by: Diogo Monica <diogo@docker.com>

Splitting CryptoService into ECDSA and RSA cryptoservices

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>

Working ECDSA support

Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Derek McGowan f292b562e2 Use logrus instead of fmt.Println 
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
 2015-07-10 17:10:23 -07:00
Aaron Lehmann f8e087a17a Unify CryptoService and RootCryptoService 
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-10 15:10:44 -07:00
David Lawrence d1b09962f1 using roundtripper in notary client 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-10 10:02:38 -07:00
Diogo Monica 06a28c89ee Added root key creation if non-existing to notary 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 18:56:06 -07:00
Diogo Monica 682e7ea00b Fixing lint 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:55 -07:00
Aaron Lehmann 082d4f3c7c Change NotaryRepository to honor the baseURL passed in 
Remove "transport", because it's not used.

In the actual notary client, pass in a hard-coded URL for now (same one
previously hardcoded in getRemoteStore). In tests, create a trivial HTTP
server using net/http/httptest, which returns a timestamp.key file.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:33 -07:00
Diogo Monica 8c6de46aca Added list keys that ignores symlinks 2015-07-09 17:58:10 -07:00
David Lawrence 53ad4a7539 fixing publish 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:10 -07:00
Diogo Monica 4635bed2db Major refactor of keys 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:10 -07:00
David Lawrence 73ca456297 annotating Publish and making it accept a password retriever function 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence 6bff14a679 refactoring NotaryClient out 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence ebbb30b56c hold unlocked signer on repository 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence c3e49afe1a passing cert to initialize 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence 6982d2f1ae put rootSigner on repository 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence c9ab3394de further publish updates, it pushes now, but doesn't sign roots correctly 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
Diogo Monica f9f11e5781 Starting the key refactor; rename UnlockedRootKey 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:09 -07:00
Diogo Monica 2f986f1a1b WIP 2015-07-09 17:58:09 -07:00
Aaron Lehmann 8b1e9e0faf Fix uninitialized privKeyStore member in NotaryRepository 
Store a pointer to trustmanager.KeyFileStore in CryptoService,
RootCryptoService, NotaryClient, and NotaryRepository, instead of
copying the KeyFileStore structure.

Populate this pointer when creating a NotaryRepository. Previously, it
was left uninitialized.
 2015-07-09 17:58:09 -07:00
David Lawrence 12b4b3d80d working on publish with changelist 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence 1d163650a3 changelist implementation 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:09 -07:00
David Lawrence 9d5e988586 working refactor 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:08 -07:00
David Lawrence 21d45a0f8d IDs for root are now correct 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:08 -07:00
David Lawrence be6e22c355 fixes for list/lookup 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-09 17:58:08 -07:00
Diogo Monica 3891f724bb Changed root directory 2015-07-09 17:58:08 -07:00
Diogo Monica e66dc12eca More refactor 2015-07-09 17:58:08 -07:00
Diogo Monica 93f7d9911f Implementing ListTargets 2015-07-09 17:58:08 -07:00
Diogo Monica 30c0856266 Remove config from libnotary 2015-07-09 17:58:08 -07:00
Diogo Monica 1346296869 Initial libnotary refactor 
Signed-off-by: Diogo Monica <diogo@docker.com>

Ported more functionality to libnotary
 2015-07-09 17:57:48 -07:00