- Add MemoryFileStore, a partial FileStore implementation that doesn't
persist on disk.
- Create a KeyStore interface that allows pluggable key store types. Use
this interface in the cryptoservice implementation.
- Add KeyMemoryStore, which uses MemoryFileStore to provide a KeyStore.
- Add GetKey and DeleteKey functions to cryptoservice.CryptoService.
- Refactor the hardware RSA signing service as a CryptoService.
- Replace custom ed25519 code with cryptoservice.CryptoService.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
When we need to find a key from its ID, search all available signing
services. There should only be a few, so this shouldn't have much
overhead. This avoids the need to maintain a persistent mapping between
key ID and the responsible signing service.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
David Lawrence
Aaron Lehmann