5acab543e4
Update the client to have an old builder and a new builder, and to only use
...
cached version numbers to check downloaded version numbers of cached data
validates against the old builder.
This also removes the `GetRepo` function of the builder and adds some data
accessors instead that are necessary to do a consistent download and check
versions, that way the downloader doesn't need to fish around in the repo
itself for data in order to figure out what to download.
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-27 10:58:58 -07:00
82c88e95a5
Convert bootstrap repo to use the builder
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-27 10:58:57 -07:00
5f3eaf411b
Update the downloading client to use the builder.
...
Delete the remaining TUF client download tests because they are already covered by
the client update tests.
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-27 10:58:57 -07:00
ed1bf1a0a6
Address review comments
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-26 17:00:12 -07:00
01bbd532c6
Update update logic to error out on corrupted previous root metadata
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-26 16:59:22 -07:00
9da40f07da
Foundation for removing certstore
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-26 16:59:22 -07:00
378116d37c
Add empty hashes check for AddTarget
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-19 13:39:26 -07:00
94a2e3a741
Change config to disable_tofu instead of tofu
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-19 11:01:56 -07:00
bbf51108c0
Rename certs package to trustpinning
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-19 11:01:55 -07:00
7d6fdc08cd
Update function description for expected behavior, groundwork for config
...
in validation
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-19 11:01:54 -07:00
cea46f7c3e
Change root cert rotation to be root key rotation instead
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-13 22:12:53 -07:00
708507adde
Require signing with all previous roles, instead of just the immediately previous role
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-13 22:10:58 -07:00
160ea2bc54
Address review comments and improve docstrings
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-13 11:48:36 -07:00
d835fbbca2
Implement root certificate rotation in NotaryRepository
...
NotaryRepository can now list root certificates, and
generate new versions (as changelists to be applied
on Publish).
This is a pretty mechanical encapsulation of the
root certificate rotation support in Repo.AddBaseKeys
and Repo.RemoveBaseKeys. The only slightly interesting
part is ListRootCert, which requires on-line access
to ensure fresh data, and depends on CertStore doing
some verification for us.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2016-04-13 11:48:36 -07:00
f23f2093e3
Create enough signatures as role's threshold requires
...
Tell signed.Sign how many signatures are necessary to sign a role, and
have it fail if it cannot create that many.
For most uses this does not make much of a difference because the
threshold tends to be 1 and signed.Sign was already failing if no key
could be found or if no signature could be created; only >1-threshold
roles now (correctly) fail in additional situations. But the knowledge
of a role’s threshold will be useful in a future commit.
Always use ErrInsufficientSignatures for this failure, whether this is
when loading the keys or actually using them (also fixing
ErrInsufficentSignature documentation to refer to signing and not
verification). ErrNoKeys is no longer returned by signed.Sign.
So, adjust the “snapshot key is not available” logic in
NotaryRepository.Publish accordingly, which also makes it more precise
(actually triggering only when no snapshot key is available).
Now that role's threshold is enforced when signing, update
TestValidateRootInvalidTimestampThreshold to create the second key
necessary to correctly sign the timestamp role.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2016-04-13 11:48:36 -07:00
14a563bb51
Add a few more descriptive comments
...
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2016-04-12 14:33:45 -07:00
f8c42e4cbf
NotaryRepository.Update now just returns an error, rather than a client
...
an error, because we don't actually use the client anymore.
Signed-off-by: Ying Li <ying.li@docker.com>
2016-04-06 14:08:08 -07:00
0a60261fab
Use constant for root role
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2016-03-29 07:08:23 +08:00
ddff581bd8
Use constant for targets role
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2016-03-29 07:08:16 +08:00
67b0ec3771
Use constant for snapshot
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2016-03-28 17:21:24 +08:00
9ecd899e25
Removing key import and gun from cryptoservice
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-18 11:31:03 -07:00
44cccbb4db
Make all key rotations publish immediately, not just remote key rotations
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-03-15 18:35:30 -07:00
fa5edc40af
Publish only the key rotation changes after a remote key rotation
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-03-15 18:17:27 -07:00
e3716f0be9
Change the CLI for rotate key to require a role type
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-03-15 18:17:27 -07:00
07b9f504e4
Update the CLI and client to no longer reject remote timestamp rotations.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-03-15 18:17:27 -07:00
6b96c7e56d
[PATCH 3/8] Add sha512 when creating target, snapshot and timestamp
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2016-03-11 10:44:42 +08:00
cb2dd07edc
the server was not setting the longer snapshot expiry time. When generating a timestamp it was also retriving the snapshot directly from the database and only validating the checksum still matched what was in the timestamp. Due to the addition of consistent downloads, this mean a new snapshot never got generated. It is necessary for GetOrCreateTimestamp to call GetOrCreateSnapshot to ensure a new snapshot is generated as and when required
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-02-24 15:51:31 -08:00
729bb88537
addressing review comments
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
06e34e825a
walk for updating/creating delegations, validate changes to paths
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
fe1c8ea1d8
More robust errors for visitor and walker, improve comments
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
a7153aeccb
WalkTargets on tuf repo, use in getting targets/roles
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
0d10758c32
Merge pull request #566 from docker/role-types-getters
...
Role types with keys, remove keyDB
2016-02-17 18:17:34 -08:00
1db128778d
completely removing KeyDB
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-02-16 21:11:13 -08:00
5931f93134
fix current typos
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-16 13:36:57 -08:00
0369344a78
split client.go into delegations.go
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-02 17:10:07 -08:00
9c84547853
Add tests against old style changes and clear paths
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-02 17:01:35 -08:00
70ee4f8670
PoC broken down client api for delegations
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-02 17:01:35 -08:00
c07c7b49c2
removing last vestiges of target download code
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-02-02 11:39:17 -08:00
637a2331d4
client side of consistent downloads
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-01-29 16:52:58 -08:00
a16e6b58b5
use only canonical IDs for display on delegation CLI commands, translate to TUF key IDs for metadata usage under the hood
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-29 16:00:42 -08:00
41643d4a9c
make -1 read up to 100MB of data, use for non-timestamps. Reduce
...
timestamp to 1MB max
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-28 10:17:17 -08:00
a6159a45d1
ensure filestore GetMeta only returns up to size bytes. Standardize constant for max size
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-28 10:16:19 -08:00
3cd3614de6
Tiny refactor
...
Just to keep consistent with the others.
Signed-off-by: Hu Keping <hukeping@huawei.com>
2016-01-25 15:14:08 +08:00
25a1e9aed7
change to ListRoles, and GetAllLoadedRoles
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-20 15:58:55 -08:00
a052d9e105
client library for retrieving keys and signatures for all roles
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-20 12:00:09 -08:00
3c72ef762b
Merge pull request #482 from docker/random-lint-fix
...
Add some comments about the notary constants, and other lint fixes.
2016-01-19 23:39:11 -08:00
6f2e851b29
Merge pull request #479 from docker/remove_to_lower
...
Do not lowercase role names when adding a change
2016-01-19 16:22:41 -08:00
2ff7bf6375
Add some comments about the notary constants, and other lint fixes.
...
It seems that `make vet` sometimes disagrees locally vs on CircleCI. This
just fixes my local `make vet` complaints.
Signed-off-by: Ying Li <ying.li@docker.com>
2016-01-19 15:55:47 -08:00
a3b9a5543f
Do not lowercase role names when adding a change
...
Signed-off-by: Ying Li <ying.li@docker.com>
2016-01-19 14:32:00 -08:00
cf0bb5a9be
Merge pull request #440 from docker/diogo-cli-adding-delegations
...
delegation command for notary-cli
2016-01-19 13:54:56 -08:00
Ying Li
Riyaz Faizullabhoy
Miloslav Trmač
HuKeping
David Lawrence
Riyaz Faizullabhoy
Ying Li