Commit Graph

11 Commits

Author SHA1 Message Date
Riyaz Faizullabhoy 5d0b926b7f Use require for certs and trustmanager
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-04-04 14:44:48 -07:00
David Lawrence 6d5b8ff54a add role into PEM headers
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-23 09:41:03 -08:00
Miloslav Trmač 06e58c1d11 Tighten TestNewCertificate tests
Using the just added facility to generate a certificate as of a specific
time, tighten TestNewCertificate to use equality comparisons.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-09 20:02:10 +01:00
Miloslav Trmač 3c6335c572 Explicitly supply validity times to certificate generation
Add explicit startTime and endTime parameters to
cryptoservice.GenerateCertificate and trustmanager.NewCertificate.

trustmanager.NewCertificate as a low-level data manipulation function
should not be hard-coding policy (10-year expiration); that policy
belongs to its callers, or one more level higher to callers of
cryptoservice.GenerateCertificate.

These places hard-coding policy now also have an explict comment to
that effect.

In addition to conceptual cleanliness, this will allow writing tests
of certificate expiry by generating appropriate expired or nearly-expired
certificates.

Tests which don't care about the policy much will continue to use the
just added cryptoservice.GenerateTestingCertificate.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-09 20:02:10 +01:00
David Lawrence 2833a88292 adding gotuf to notary
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-27 16:36:06 -07:00
David Lawrence e6460330bd fixing camel casing of func
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-20 21:45:30 -07:00
Ying Li 208977b1ad Add an extra test for ECDSAx509 keys
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-20 20:57:18 -07:00
Ying Li ea7d621705 Add a utility function to return a public key ID from a certificate.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-20 19:38:39 -07:00
Diogo Monica d1761eba25 Changing certificate expiration time to 10 years
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-20 14:55:36 -07:00
Diogo Monica cf9e6499e1 Addressing comments
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-19 01:45:43 -07:00
Diogo Monica 2eb77d3334 Removed organization from certificates and added tests for x509utils
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-18 21:48:53 -07:00