GetCryptoService is a helper function and we have injected a specific
http.ResponseWriter object for it to write back error message. Meanwhile
the caller for that function checks whether the cryptoService is nil
or not and return immediately if it is nil.
I think it's not a good idea to write back HTTP response in the helper function,
it's the caller's work and thus there is no need to inject the specific
ResponseWriter object into it.
Signed-off-by: Hu Keping <hukeping@huawei.com>
- Add MemoryFileStore, a partial FileStore implementation that doesn't
persist on disk.
- Create a KeyStore interface that allows pluggable key store types. Use
this interface in the cryptoservice implementation.
- Add KeyMemoryStore, which uses MemoryFileStore to provide a KeyStore.
- Add GetKey and DeleteKey functions to cryptoservice.CryptoService.
- Refactor the hardware RSA signing service as a CryptoService.
- Replace custom ed25519 code with cryptoservice.CryptoService.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This causes notary-signer to use gotuf's Key interface instead of
defining its own redundant types.
We can go further with this in the future by removing the redundant
ED25519 implementation. This would be refactored into the cryptoservice
package, and notary-signer would be changed to use that package's
cryptoservice for key creation and signing operations.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
When we need to find a key from its ID, search all available signing
services. There should only be a few, so this shouldn't have much
overhead. This avoids the need to maintain a persistent mapping between
key ID and the responsible signing service.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
HuKeping
David Lawrence
Aaron Lehmann
Diogo Monica