Commit Graph

57 Commits

Author SHA1 Message Date
Diogo Mónica 0ed6072a4a Merge pull request #67 from docker/adding-certs
Adding new certificates
2015-07-15 22:35:54 -07:00
Diogo Monica 3debfbca10 Reissued all certs with correct SANs
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 21:42:24 -07:00
David Lawrence 72d7d35221 fixing database queries
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-15 16:19:14 -07:00
Aaron Lehmann a16581ecc7 Move CryptoService and UnlockedCryptoService into a cryptoservice package
Move GenRootKey and GetRootCryptoService to KeyStoreManager, now that
they don't depend on client-specific types.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Aaron Lehmann d5c7c40955 Introduce a KeyStoreManager to abstract management of root and non-root key storage
This structure encapsulates what used to be "rootKeyStore" and
"privKeyStore". These are being moved out of NotaryRepository, so that
operations like listing keys, importing keys, and exporting keys aren't
tied to a NotaryRepository structure.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Aaron Lehmann e4704f9729 Update notary for removal of signed.Signer
We now deal with CryptoServices directly instead of passing around
Signers.

UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-13 15:18:02 -07:00
Diogo Monica 765a2cf661 Refactor crypto service
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 13:53:47 -07:00
Diogo Monica ba94fdd19d Signature/key types are now used correctly and are represented by constants.
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica 39482c2397 Working ECDSA implementation
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
David Lawrence d1b09962f1 using roundtripper in notary client
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-10 10:02:38 -07:00
Diogo Monica 06a28c89ee Added root key creation if non-existing to notary
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-09 18:56:06 -07:00
Aaron Lehmann 082d4f3c7c Change NotaryRepository to honor the baseURL passed in
Remove "transport", because it's not used.

In the actual notary client, pass in a hard-coded URL for now (same one
previously hardcoded in getRemoteStore). In tests, create a trivial HTTP
server using net/http/httptest, which returns a timestamp.key file.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-09 17:58:33 -07:00
David Lawrence 73ca456297 annotating Publish and making it accept a password retriever function
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence 6bff14a679 refactoring NotaryClient out
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence ebbb30b56c hold unlocked signer on repository
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence c9ab3394de further publish updates, it pushes now, but doesn't sign roots correctly
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
Diogo Monica f9f11e5781 Starting the key refactor; rename UnlockedRootKey
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-09 17:58:09 -07:00
David Lawrence 1d163650a3 changelist implementation
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence 9d5e988586 working refactor
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:08 -07:00
Diogo Monica e66dc12eca More refactor 2015-07-09 17:58:08 -07:00
Diogo Monica 93f7d9911f Implementing ListTargets 2015-07-09 17:58:08 -07:00
Diogo Monica 1346296869 Initial libnotary refactor
Signed-off-by: Diogo Monica <diogo@docker.com>

Ported more functionality to libnotary
2015-07-09 17:57:48 -07:00
David Lawrence 89379a728c adding timestamping and some general cleanup
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-03 15:38:09 -07:00
Diogo Monica 1eb972a820 Changed FingerprintCert to return string; renamed kID fingerprint everywhere in notary
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 21:44:57 -07:00
Diogo Monica a0e63bcaeb Fixed verification to use exact match and fallback to CA + tests
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 19:38:52 -07:00
Diogo Monica da7a1e67f5 Rebased off of master, fixed tests 2015-06-28 16:42:27 -07:00
David Lawrence cf2a819b21 validate root file against cert store 2015-06-28 16:35:24 -07:00
David Lawrence 779d3b687e refactoring verify and switching os.Stderr to use logrus which is set to output on stderr 2015-06-21 16:07:29 -07:00
Diogo Monica 09c9099fdf Adding ListGUN to allow listing of specific keys 2015-06-21 15:14:46 -04:00
David Lawrence 989c821d59 validate root file against cert store 2015-06-20 17:03:38 -07:00
Nathan McCauley 9ee5299b86 Add error checking
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-06-20 13:01:56 -07:00
David Lawrence 03fcba1c98 exit verify with 1 on fail and make size print correctly in cli output 2015-06-19 12:38:33 -07:00
David Lawrence c7a956bdbb updating cli output for tuf to say Trusted Collection rather than TUF Repository 2015-06-19 11:47:21 -07:00
Nathan McCauley e46a95227c rename vetinari to notary
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-06-19 11:01:19 -07:00
Diogo Monica 7b86665cf8 Descriptions now use Trusted Collection everywhere 2015-06-18 21:44:54 -07:00
Diogo Monica 21782098cb Initial implementation of verify 2015-06-18 20:43:02 -07:00
David Lawrence c9df04c4c0 remove actually working now 2015-06-18 19:44:33 -07:00
David Lawrence 06abf201c3 adding remove 2015-06-18 19:33:47 -07:00
David Lawrence 0ce1572c20 set logrus to stderr and refactor list/lookup 2015-06-18 19:09:34 -07:00
David Lawrence 91c1380070 list/lookup have empty output if they fail 2015-06-18 18:24:36 -07:00
Diogo Monica 6a7a08195e Rename push to publish 2015-06-18 17:19:42 -07:00
Diogo Monica 49819d239d Remove tuf from cmdline 2015-06-18 17:14:06 -07:00
David Lawrence bfe4d1e196 implementing lookup 2015-06-18 15:07:56 -07:00
Diogo Monica 1bef68654e Changed cryptoservice and rufus interface 2015-06-18 14:02:44 -07:00
David Lawrence 5b64c7b084 updating calls to CryptoService.Create to pass role name 2015-06-18 13:53:10 -07:00
David Lawrence 6ad97259df updating tuf subcommand to list targets when run as 2015-06-18 00:37:31 -07:00
David Lawrence e434232709 list works 2015-06-17 23:45:51 -07:00
David Lawrence 322f60b1ba tuf push working 2015-06-17 22:10:07 -07:00
David Lawrence bb32390698 adding target now works 2015-06-17 21:01:24 -07:00
David Lawrence e11cab0519 tuf init working 2015-06-17 18:19:39 -07:00