docker/docs - docs - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
Ying Li	0465365fb6	Return an error if unable to encrypt a key as a valid PEM file Also address review comments and fix semantic conflict after rebase. Signed-off-by: Ying Li <ying.li@docker.com>	2015-12-23 09:44:51 -08:00
David Lawrence	6d5b8ff54a	add role into PEM headers Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-12-23 09:41:03 -08:00
David Lawrence	1f329868e8	making filestores consistent so you can Get, Remove, etc... the paths returned by ListFiles Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-12-23 09:41:03 -08:00
Miloslav Trmač	3c6335c572	Explicitly supply validity times to certificate generation Add explicit startTime and endTime parameters to cryptoservice.GenerateCertificate and trustmanager.NewCertificate. trustmanager.NewCertificate as a low-level data manipulation function should not be hard-coding policy (10-year expiration); that policy belongs to its callers, or one more level higher to callers of cryptoservice.GenerateCertificate. These places hard-coding policy now also have an explict comment to that effect. In addition to conceptual cleanliness, this will allow writing tests of certificate expiry by generating appropriate expired or nearly-expired certificates. Tests which don't care about the policy much will continue to use the just added cryptoservice.GenerateTestingCertificate. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2015-12-09 20:02:10 +01:00
David Lawrence	ee270b6a2b	fixing integrations tests for new list keys layout Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-11-12 01:12:21 -08:00
David Lawrence	06990fd5a1	integreating with @cyli's improvements Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-10-30 10:15:52 -07:00
David Lawrence	f73560d839	creating concrete types for the various key ciphers Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-10-28 16:02:55 -07:00
David Lawrence	2833a88292	adding gotuf to notary Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-10-27 16:36:06 -07:00
Ying Li	ed61974d10	Remove linking from the filestore Signed-off-by: Ying Li <ying.li@docker.com>	2015-10-23 21:19:47 -07:00
David Lawrence	e6460330bd	fixing camel casing of func Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-10-20 21:45:30 -07:00
Ying Li	208977b1ad	Add an extra test for ECDSAx509 keys Signed-off-by: Ying Li <ying.li@docker.com>	2015-10-20 20:57:18 -07:00
Ying Li	ea7d621705	Add a utility function to return a public key ID from a certificate. Signed-off-by: Ying Li <ying.li@docker.com>	2015-10-20 19:38:39 -07:00
David Calavera	740e5b095d	Use the random reader passed as argument to GenerateED25519Key. Rather than the global source. Signed-off-by: David Calavera <david.calavera@gmail.com>	2015-07-28 16:59:03 -07:00
Diogo Monica	be1d365626	Changed debug key type Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-22 16:51:55 -07:00
Diogo Monica	b8b59dbc20	Fixed but with listDirectory and added tests Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-20 19:48:17 -07:00
Diogo Monica	d1761eba25	Changing certificate expiration time to 10 years Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-20 14:55:36 -07:00
Nathan McCauley	23b7e8c6af	Update keyfilestore to use passwordRetriever Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>	2015-07-20 10:58:16 -07:00
Diogo Monica	3b261e8972	Removing comments Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-20 10:08:15 -07:00
Diogo Monica	1e9365a384	Addressed small nits Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-19 13:43:54 -07:00
Diogo Monica	cf9e6499e1	Addressing comments Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-19 01:45:43 -07:00
Diogo Monica	2eb77d3334	Removed organization from certificates and added tests for x509utils Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-18 21:48:53 -07:00
Diogo Monica	e3591c0b10	Added new helper functions Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-18 01:40:32 -07:00
Diogo Monica	945691912a	Added error type to X509FileStore Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-17 14:33:05 -07:00
Diogo Monica	0313aa5958	Adding parsing of multiple certificates, and leaf cert filtering methods Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-17 14:28:30 -07:00
Aaron Lehmann	d2ea9cc0d5	Updates to notary for gotuf's split of PublicKey and PrivateKey interfaces Functions should now take data.PublicKey or data.PrivateKey instead of data.Key. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>	2015-07-17 11:35:22 -07:00
Aaron Lehmann	f5c1d8dbc9	Add ED25519 support to cryptoservice and x509utils Add unit tests for cryptoservice that do sign and verify for all three supported algorithms. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>	2015-07-16 18:44:44 -07:00
Diogo Monica	765a2cf661	Refactor crypto service Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-13 13:53:47 -07:00
Diogo Monica	1f5d935cc8	Fixing lint Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-12 22:51:27 -07:00
Diogo Monica	1a054d7741	Small nits Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-12 22:21:29 -07:00
Diogo Monica	ba94fdd19d	Signature/key types are now used correcty and are represented by constants. Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-12 22:21:29 -07:00
Diogo Monica	085c613527	Refactored fingerprint cert and added better debugging Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-12 22:21:29 -07:00
Diogo Monica	39482c2397	Working ECDSA implementation Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-12 22:21:29 -07:00
Diogo Monica	43d0ec8a75	Initial ECDSA trustmanager methods Signed-off-by: Diogo Monica <diogo@docker.com> Splitting CryptoService into ECDSA and RSA cryptoservices Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com> Working ECDSA support Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-12 22:21:29 -07:00
Diogo Monica	682e7ea00b	Fixing lint Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-09 17:58:55 -07:00
Diogo Monica	8c6de46aca	Added list keys that ignores symlinks	2015-07-09 17:58:10 -07:00
Diogo Monica	4635bed2db	Major refactor of keys Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-09 17:58:10 -07:00
Aaron Lehmann	4f6b2da44d	Add TestValidateRootKey, validates presence of x509 cert in root.json	2015-07-09 17:58:09 -07:00
Diogo Monica	f9f11e5781	Starting the key refactor; rename UnlockedRootKey Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-09 17:58:09 -07:00
Diogo Monica	1346296869	Initial libnotary refactor Signed-off-by: Diogo Monica <diogo@docker.com> Ported more functionality to libnotary	2015-07-09 17:57:48 -07:00
Diogo Monica	d5cdeb93bb	Adding EncryptedFileStore and changing interfaces Signed-off-by: Diogo Monica <diogo@docker.com>	2015-07-05 21:02:16 -07:00
Diogo Monica	fd8471038c	Added a keyfilestore with encrypted PEM support	2015-07-04 12:17:54 -07:00
David Lawrence	89379a728c	adding timestamping and some general cleanup Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)	2015-07-03 15:38:09 -07:00
Diogo Mónica	66aec225f2	Merge pull request #8 from docker/validate_root validate root file against cert store	2015-07-03 14:23:25 -07:00
Diogo Monica	1eb972a820	Changed FingerprintCert to return string; renamed kID fingerprint everywhere in notary Signed-off-by: Diogo Monica <diogo@docker.com>	2015-06-30 21:44:57 -07:00
Diogo Monica	cf3d7d4b52	Removed all references of GUN from filestore Signed-off-by: Diogo Monica <diogo@docker.com>	2015-06-30 19:36:17 -07:00
Diogo Monica	2e96f13ded	Addressing all Comments; Renaming ID to CertID	2015-06-21 18:23:43 -04:00
Diogo Monica	db847379df	Major refactor the the FileStore	2015-06-20 23:04:34 -04:00

47 Commits