docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,662 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

55 Commits

Author SHA1 Message Date
Riyaz Faizullabhoy 9ecd899e25 Removing key import and gun from cryptoservice 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-03-18 11:31:03 -07:00
Riyaz Faizullabhoy 0fdb2d1891 update positive tests 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-08 13:40:02 -08:00
Riyaz Faizullabhoy c66584989e add checks to CLI command for role and gun 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-08 13:38:42 -08:00
Riyaz Faizullabhoy 2964e8c6f4 add integration test for adding/listing/removing targets from roles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:20:27 -08:00
Riyaz Faizullabhoy 83c5ed255b Add check for RSA key len before adding 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-26 23:27:06 -08:00
Riyaz Faizullabhoy 138d6cea09 Add, remove, and list delegation command. TUF changelist action change 
for deletions (force vs. individual items)
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-18 16:24:45 -08:00
HuKeping fdc0f04268 Keep code style consistent 
GetLeafCerts and GetIntermediaCerts are similiar and a consistent
implementation will be more friendly to those people who wants to read
the code.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-18 19:58:02 +08:00
David Lawrence 48ecd8d2cb some cleanup of certs code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
Ying Li 0465365fb6 Return an error if unable to encrypt a key as a valid PEM file 
Also address review comments and fix semantic conflict after rebase.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-23 09:44:51 -08:00
David Lawrence 6d5b8ff54a add role into PEM headers 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-23 09:41:03 -08:00
David Lawrence 1f329868e8 making filestores consistent so you can Get, Remove, etc... the paths returned by ListFiles 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-23 09:41:03 -08:00
Miloslav Trmač 3c6335c572 Explicitly supply validity times to certificate generation 
Add explicit startTime and endTime parameters to
cryptoservice.GenerateCertificate and trustmanager.NewCertificate.

trustmanager.NewCertificate as a low-level data manipulation function
should not be hard-coding policy (10-year expiration); that policy
belongs to its callers, or one more level higher to callers of
cryptoservice.GenerateCertificate.

These places hard-coding policy now also have an explict comment to
that effect.

In addition to conceptual cleanliness, this will allow writing tests
of certificate expiry by generating appropriate expired or nearly-expired
certificates.

Tests which don't care about the policy much will continue to use the
just added cryptoservice.GenerateTestingCertificate.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2015-12-09 20:02:10 +01:00
David Lawrence ee270b6a2b fixing integrations tests for new list keys layout 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-11-12 01:12:21 -08:00
David Lawrence 06990fd5a1 integreating with @cyli's improvements 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-30 10:15:52 -07:00
David Lawrence f73560d839 creating concrete types for the various key ciphers 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-28 16:02:55 -07:00
David Lawrence 2833a88292 adding gotuf to notary 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-27 16:36:06 -07:00
Ying Li ed61974d10 Remove linking from the filestore 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-23 21:19:47 -07:00
David Lawrence e6460330bd fixing camel casing of func 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-20 21:45:30 -07:00
Ying Li 208977b1ad Add an extra test for ECDSAx509 keys 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-20 20:57:18 -07:00
Ying Li ea7d621705 Add a utility function to return a public key ID from a certificate. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-20 19:38:39 -07:00
David Calavera 740e5b095d Use the random reader passed as argument to GenerateED25519Key. 
Rather than the global source.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2015-07-28 16:59:03 -07:00
Diogo Monica be1d365626 Changed debug key type 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-22 16:51:55 -07:00
Diogo Monica b8b59dbc20 Fixed but with listDirectory and added tests 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-20 19:48:17 -07:00
Diogo Monica d1761eba25 Changing certificate expiration time to 10 years 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-20 14:55:36 -07:00
Nathan McCauley 23b7e8c6af Update keyfilestore to use passwordRetriever 
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
 2015-07-20 10:58:16 -07:00
Diogo Monica 3b261e8972 Removing comments 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-20 10:08:15 -07:00
Diogo Monica 1e9365a384 Addressed small nits 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-19 13:43:54 -07:00
Diogo Monica cf9e6499e1 Addressing comments 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-19 01:45:43 -07:00
Diogo Monica 2eb77d3334 Removed organization from certificates and added tests for x509utils 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-18 21:48:53 -07:00
Diogo Monica e3591c0b10 Added new helper functions 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-18 01:40:32 -07:00
Diogo Monica 945691912a Added error type to X509FileStore 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-17 14:33:05 -07:00
Diogo Monica 0313aa5958 Adding parsing of multiple certificates, and leaf cert filtering methods 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-17 14:28:30 -07:00
Aaron Lehmann d2ea9cc0d5 Updates to notary for gotuf's split of PublicKey and PrivateKey interfaces 
Functions should now take data.PublicKey or data.PrivateKey instead of
data.Key.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-17 11:35:22 -07:00
Aaron Lehmann f5c1d8dbc9 Add ED25519 support to cryptoservice and x509utils 
Add unit tests for cryptoservice that do sign and verify for all three
supported algorithms.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
 2015-07-16 18:44:44 -07:00
Diogo Monica 765a2cf661 Refactor crypto service 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-13 13:53:47 -07:00
Diogo Monica 1f5d935cc8 Fixing lint 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:51:27 -07:00
Diogo Monica 1a054d7741 Small nits 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica ba94fdd19d Signature/key types are now used correcty and are represented by constants. 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 085c613527 Refactored fingerprint cert and added better debugging 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 39482c2397 Working ECDSA implementation 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 43d0ec8a75 Initial ECDSA trustmanager methods 
Signed-off-by: Diogo Monica <diogo@docker.com>

Splitting CryptoService into ECDSA and RSA cryptoservices

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>

Working ECDSA support

Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-12 22:21:29 -07:00
Diogo Monica 682e7ea00b Fixing lint 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:55 -07:00
Diogo Monica 8c6de46aca Added list keys that ignores symlinks 2015-07-09 17:58:10 -07:00
Diogo Monica 4635bed2db Major refactor of keys 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:10 -07:00
Aaron Lehmann 4f6b2da44d Add TestValidateRootKey, validates presence of x509 cert in root.json 2015-07-09 17:58:09 -07:00
Diogo Monica f9f11e5781 Starting the key refactor; rename UnlockedRootKey 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-09 17:58:09 -07:00
Diogo Monica 1346296869 Initial libnotary refactor 
Signed-off-by: Diogo Monica <diogo@docker.com>

Ported more functionality to libnotary
 2015-07-09 17:57:48 -07:00
Diogo Monica d5cdeb93bb Adding EncryptedFileStore and changing interfaces 
Signed-off-by: Diogo Monica <diogo@docker.com>
 2015-07-05 21:02:16 -07:00
Diogo Monica fd8471038c Added a keyfilestore with encrypted PEM support 2015-07-04 12:17:54 -07:00
David Lawrence 89379a728c adding timestamping and some general cleanup 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-07-03 15:38:09 -07:00