docs/tuf
Miloslav Trmač d5c080ae9c Add cryptoservice.GenerateTestingCertificate
Various tests have been calling trustmanager.NewCertificate and
open-coding most of cryptoservice.GenerateCertificate.  So, add
cryptoservice.GenerateTestingCertificate.  It differs only by using
crypto.Signer instead of data.PrivateKey because the tests
have a crypto.Signer more frequently available, and converting
from data.PrivateKey to crypto.Signer is easier than the other way.

This will make it easier to add policy parameters which the tests don't
care about to trustmanager.NewCertificate and
cryptoservice.GenerateCertificate in the future.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-09 20:02:10 +01:00
client Merge pull request #271 from docker/adding-pkcs11-signed 2015-11-12 01:40:38 -08:00
data removing all errors that aren't in use, fixing one place in memorystore that was using a different errorcode to all other stores, pushing errors into appropriate packages 2015-11-12 01:08:49 -08:00
db adding gotuf to notary 2015-10-27 16:36:06 -07:00
encrypted adding gotuf to notary 2015-10-27 16:36:06 -07:00
keys removing all errors that aren't in use, fixing one place in memorystore that was using a different errorcode to all other stores, pushing errors into appropriate packages 2015-11-12 01:08:49 -08:00
resources adding gotuf to notary 2015-10-27 16:36:06 -07:00
signed Add cryptoservice.GenerateTestingCertificate 2015-12-09 20:02:10 +01:00
store Address review comments. 2015-11-24 13:55:15 -05:00
testutils Remove the cryptoservice argument to sign 2015-10-29 16:34:21 -07:00
utils adding gotuf to notary 2015-10-27 16:36:06 -07:00
LICENSE adding gotuf to notary 2015-10-27 16:36:06 -07:00
README.md adding gotuf to notary 2015-10-27 16:36:06 -07:00
tuf.go delete non-root keys from cryptoservice when they get rotated out 2015-11-12 01:09:38 -08:00
tuf_test.go Remove the cryptoservice argument to sign 2015-10-29 16:34:21 -07:00

README.md

GOTUF

This is still a work in progress but will shortly be a fully compliant Go implementation of The Update Framework (TUF).

Where's the CLI

This repository provides a library only. The Notary project from Docker should be considered the official CLI to be used with this implementation of TUF.

TODOs:

  • Add Targets to existing repo
  • Sign metadata files
  • Refactor TufRepo to take care of signing and verification
  • Ensure consistent capitalization in naming (TUF___ vs Tuf___)
  • Make caching of metadata files smarter - PR #5
  • Add configuration for CLI commands. Order of configuration priority from most to least: flags, config file, defaults. Notary should be the official CLI
  • Reassess organization of data types. Possibly consolidate a few things into the data package but break up package into a few more distinct files
  • Comprehensive test cases
  • Delete files no longer in use
  • Fix up errors. Some have to be instantiated, others don't, the inconsistency is annoying.
  • Bump version numbers in meta files (could probably be done better)

Credits

This implementation was originally forked from flynn/go-tuf; however, in attempting to add delegations I found I was making such significant changes that I could not maintain backwards compatibility without the code becoming overly convoluted.

Some features such as pluggable verifiers have already been merged upstream to flynn/go-tuf and we are in discussion with titanous about working to merge the 2 implementations.

This implementation retains the same 3-Clause BSD license present on the original flynn implementation.