Refactor validateRoot into KeyStoreManager. It now takes the DNS name as
a parameter. When KeyStoreManager is used with a NotaryRepository, the
DNS name should be the GUN of the repository.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This structure encapsulates what used to be "rootKeyStore" and
"privKeyStore". These are being moved out of NotaryRepository, so that
operations like listing keys, importing keys, and exporting keys aren't
tied to a NotaryRepository structure.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
We now deal with CryptoServices directly instead of passing around
Signers.
UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This test now checks ListTargets and GetTargetByName as well. To do
this, it needs to expose signed metadata files over the internal HTTP
server. This means adding the timestamp private key to the key store and
exposing various json files as endpoints that serialize the necessary
data.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Remove "transport", because it's not used.
In the actual notary client, pass in a hard-coded URL for now (same one
previously hardcoded in getRemoteStore). In tests, create a trivial HTTP
server using net/http/httptest, which returns a timestamp.key file.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Signed-off-by: Diogo Monica <diogo@docker.com>
Aaron Lehmann
Diogo Monica
David Lawrence