9ecd899e25
Removing key import and gun from cryptoservice
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-18 11:31:03 -07:00
bde878cdb6
changing API for updating delegations
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:57:08 -08:00
729bb88537
addressing review comments
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
06e34e825a
walk for updating/creating delegations, validate changes to paths
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
fe1c8ea1d8
More robust errors for visitor and walker, improve comments
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-23 11:55:31 -08:00
0d10758c32
Merge pull request #566 from docker/role-types-getters
...
Role types with keys, remove keyDB
2016-02-17 18:17:34 -08:00
d1ac37fd33
addressing review comments
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-02-17 16:31:48 -08:00
1db128778d
completely removing KeyDB
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-02-16 21:11:13 -08:00
5931f93134
fix current typos
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-16 13:36:57 -08:00
c3c24be66b
remove path restriction from getting delegations, use in future visitor
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-15 22:38:41 -08:00
10865d2310
addressing review comments
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-15 22:38:41 -08:00
1d9e375680
add delegation role methods, more tests
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-15 22:38:41 -08:00
affd18f3d5
limit role methods
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-15 22:38:41 -08:00
dcbdc258c1
update the path validation
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-15 22:38:41 -08:00
d379f9918c
add GetBaseRole and GetDelegationRole with path validation
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-02-15 22:38:41 -08:00
a16e6b58b5
use only canonical IDs for display on delegation CLI commands, translate to TUF key IDs for metadata usage under the hood
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-29 16:00:42 -08:00
25a1e9aed7
change to ListRoles, and GetAllLoadedRoles
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-20 15:58:55 -08:00
a052d9e105
client library for retrieving keys and signatures for all roles
...
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-20 12:00:09 -08:00
cf4b77b760
Revert "switching out to consistently use canonical json for all marshalling of TUF data"
...
This reverts commit f417c834c4
2016-01-08 14:53:09 -08:00
11795a4573
rename data.ValidRoles to data.BaseRoles
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-01-07 17:38:52 -08:00
d52dbde683
removing the ability to configure role names. It adds a lot of complexity without adding much value. If somebody wants custom role names they can implement it at the display level
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-01-07 17:38:05 -08:00
f417c834c4
switching out to consistently use canonical json for all marshalling of TUF data
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2016-01-06 11:15:27 -08:00
34055f8cf7
Code cleanups as per review, and after rebasing.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-18 16:51:48 -08:00
0892ebb13f
Add checks to TUFRepo to fail on updating a target if there are no signing keys.
...
So UpdateDelegation, DeleteDelegation, AddTargets, RemoveTargets now
all check for the role existence, not metadata existence. And they
also check the role's signing keys - there's no point in adding if
we can't sign.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-18 16:37:24 -08:00
c12958af36
Do not sign the actual targets metadata unless it's dirty.
...
Previously we were always signing it, but we can't do that anymore
because then delegated users won't be able to publish ever (they
probably don't have the target key).
Some other related changes: when role keys are rotated, that role
needs to be marked as dirty now in order to be re-signed and
published.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-18 16:37:24 -08:00
7592a029ef
Do not create the delegation metadata when the delegation is created.
...
Only create it when a target is added to it, or other delegations
are added to it, or when getting a child delegation.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-18 16:37:24 -08:00
d3a54cab25
the empty string should be used in delegation Paths to indicate a role can sign anything
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-18 16:10:43 -08:00
829254a98c
minor test cleanup and small new tests
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-16 15:06:48 -08:00
5891805b29
addressing review
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-15 16:21:30 -08:00
79b05d4c0a
changelists for delegations
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-14 17:23:47 -08:00
fb5c9b28a4
low level tuf delegation primitives with full test coverage
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-14 10:11:47 -08:00
7dc0dbec84
Remove the cryptoservice argument to sign
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:34:21 -07:00
f73560d839
creating concrete types for the various key ciphers
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 16:02:55 -07:00
2833a88292
adding gotuf to notary
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-27 16:36:06 -07:00
Riyaz Faizullabhoy
Riyaz Faizullabhoy
David Lawrence
Ying Li