Signed-off-by: Ying Li <ying.li@docker.com>
Signed-off-by: David Lawrence <david.lawrence@docker.com>
Signed-off-by: Ying Li <ying.li@docker.com> (github: endophage)
Add build tags and a check in Makefile to be sure you do not import
pkcs11 lib somewhere where it should not be. This will ensure docker
import and integration will continue to work.
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Signed-off-by: David Lawrence <david.lawrence@docker.com>
Signed-off-by: Jessica Frazelle <acidburn@docker.com> (github: endophage)
- Add MemoryFileStore, a partial FileStore implementation that doesn't
persist on disk.
- Create a KeyStore interface that allows pluggable key store types. Use
this interface in the cryptoservice implementation.
- Add KeyMemoryStore, which uses MemoryFileStore to provide a KeyStore.
- Add GetKey and DeleteKey functions to cryptoservice.CryptoService.
- Refactor the hardware RSA signing service as a CryptoService.
- Replace custom ed25519 code with cryptoservice.CryptoService.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This causes notary-signer to use gotuf's Key interface instead of
defining its own redundant types.
We can go further with this in the future by removing the redundant
ED25519 implementation. This would be refactored into the cryptoservice
package, and notary-signer would be changed to use that package's
cryptoservice for key creation and signing operations.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Riyaz Faizullabhoy
HuKeping
Ying Li
David Lawrence
Jessica Frazelle
Nathan McCauley
Aaron Lehmann
Diogo Monica