Documentation
Index
- func GetPasswdDecryptBytes(passphraseRetriever notary.PassRetriever, pemBytes []byte, name, alias string) (data.PrivateKey, string, error)
- type ErrAttemptsExceeded
- type ErrKeyNotFound
- type ErrPasswordInvalid
- type GenericKeyStore
- func (s *GenericKeyStore) AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
- func (s *GenericKeyStore) GetKey(name string) (data.PrivateKey, string, error)
- func (s *GenericKeyStore) GetKeyInfo(keyID string) (KeyInfo, error)
- func (s *GenericKeyStore) ListKeys() map[string]KeyInfo
- func (s *GenericKeyStore) Name() string
- func (s *GenericKeyStore) RemoveKey(keyID string) error
- type KeyInfo
- type KeyStore
- type Storage
Constants
This section is empty.
Variables
This section is empty.
Functions
func GetPasswdDecryptBytes
func GetPasswdDecryptBytes(passphraseRetriever notary.PassRetriever, pemBytes []byte, name, alias string) (data.PrivateKey, string, error)
GetPasswdDecryptBytes gets the password to decrypt the given PEM bytes. Returns the password and private key.
Types
type ErrAttemptsExceeded
type ErrAttemptsExceeded struct{}
ErrAttemptsExceeded is returned when too many attempts have been made to decrypt a key.
func (ErrAttemptsExceeded) Error
func (err ErrAttemptsExceeded) Error() string
ErrAttemptsExceeded is returned when too many attempts have been made to decrypt a key.
type ErrKeyNotFound
type ErrKeyNotFound struct {
	KeyID string
}
ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
func (ErrKeyNotFound) Error
func (err ErrKeyNotFound) Error() string
ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
type ErrPasswordInvalid
type ErrPasswordInvalid struct{}
ErrPasswordInvalid is returned when signing fails. It could also mean the signing key file was corrupted, but we have no way to distinguish.
func (ErrPasswordInvalid) Error
func (err ErrPasswordInvalid) Error() string
ErrPasswordInvalid is returned when signing fails. It could also mean the signing key file was corrupted, but we have no way to distinguish.
type GenericKeyStore (added in v0.4.0)
type GenericKeyStore struct {
	sync.Mutex
	notary.PassRetriever
	// contains filtered or unexported fields
}
GenericKeyStore is a wrapper for Storage instances that provides translation between the []byte form and Public/PrivateKey objects.
func NewGenericKeyStore (added in v0.4.0)
func NewGenericKeyStore(s Storage, p notary.PassRetriever) *GenericKeyStore
NewGenericKeyStore creates a GenericKeyStore wrapping the provided Storage instance, using the PassRetriever to encrypt/decrypt keys.
func NewKeyFileStore
func NewKeyFileStore(baseDir string, p notary.PassRetriever) (*GenericKeyStore, error)
NewKeyFileStore returns a new KeyFileStore, creating a private directory to hold the keys.
func NewKeyMemoryStore
func NewKeyMemoryStore(p notary.PassRetriever) *GenericKeyStore
NewKeyMemoryStore returns a new KeyMemoryStore which holds keys in memory.
func (*GenericKeyStore) AddKey (added in v0.4.0)
func (s *GenericKeyStore) AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
AddKey stores the contents of a PEM-encoded private key as a PEM block.
func (*GenericKeyStore) GetKey (added in v0.4.0)
func (s *GenericKeyStore) GetKey(name string) (data.PrivateKey, string, error)
GetKey returns the PrivateKey given a KeyID.
func (*GenericKeyStore) GetKeyInfo (added in v0.4.0)
func (s *GenericKeyStore) GetKeyInfo(keyID string) (KeyInfo, error)
GetKeyInfo returns the corresponding gun and role key info for a keyID.
func (*GenericKeyStore) ListKeys (added in v0.4.0)
func (s *GenericKeyStore) ListKeys() map[string]KeyInfo
ListKeys returns a list of unique PublicKeys present on the KeyFileStore, by returning a copy of the keyInfoMap.
func (*GenericKeyStore) Name (added in v0.4.0)
func (s *GenericKeyStore) Name() string
Name returns a user friendly name for the location this store keeps its data.
func (*GenericKeyStore) RemoveKey (added in v0.4.0)
func (s *GenericKeyStore) RemoveKey(keyID string) error
RemoveKey removes the key from the keyfilestore.
type KeyInfo (added in v0.3.0)
KeyInfo stores the role, path, and gun for a corresponding private key ID. It is assumed that each private key ID is unique.
type KeyStore
type KeyStore interface {
	// AddKey adds a key to the KeyStore, and if the key already exists,
	// succeeds. Otherwise, returns an error if it cannot add.
	AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
	// Should fail with ErrKeyNotFound if the keystore is operating normally
	// and knows that it does not store the requested key.
	GetKey(keyID string) (data.PrivateKey, string, error)
	GetKeyInfo(keyID string) (KeyInfo, error)
	ListKeys() map[string]KeyInfo
	RemoveKey(keyID string) error
	Name() string
}
KeyStore is a generic interface for private key storage
type Storage (added in v0.3.0)
type Storage interface {
	// Set writes a file to the specified location, returning an error if this
	// is not possible (reasons may include permissions errors). The path is cleaned
	// before being made absolute against the store's base dir.
	Set(fileName string, data []byte) error
	// Remove deletes a file from the store relative to the store's base directory.
	// The path is cleaned before being made absolute to ensure no path traversal
	// outside the base directory is possible.
	Remove(fileName string) error
	// Get returns the file content found at fileName relative to the base directory
	// of the file store. The path is cleaned before being made absolute to ensure
	// path traversal outside the store is not possible. If the file is not found
	// an error to that effect is returned.
	Get(fileName string) ([]byte, error)
	// ListFiles returns a list of paths relative to the base directory of the
	// filestore. Any of these paths must be retrievable via the
	// Storage.Get method.
	ListFiles() []string
	// Location returns a human readable name indicating where the implementer
	// is storing keys
	Location() string
}
Storage implements the bare bones primitives (no hierarchy)
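The Storage comments above require every path-taking method to clean fileName before making it absolute against the base directory. The following is an added example, not notary's implementation: dirStore and resolve are hypothetical names, the sample file name and contents are constructed, and POSIX path separators are assumed. It covers only Set, Get and Remove.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// dirStore is a hypothetical file-backed store covering the three
// path-taking methods of the Storage interface (Set, Get, Remove).
type dirStore struct{ baseDir string }

// resolve cleans fileName as if it were rooted at "/", so every ".."
// segment collapses before the result is joined to baseDir. The
// returned path is therefore always lexically inside baseDir.
func (d dirStore) resolve(fileName string) string {
	return filepath.Join(d.baseDir, filepath.Clean("/"+fileName))
}

// Set writes data with owner-only permissions, since it is key material.
func (d dirStore) Set(fileName string, data []byte) error {
	p := d.resolve(fileName)
	if err := os.MkdirAll(filepath.Dir(p), 0o700); err != nil {
		return err
	}
	return os.WriteFile(p, data, 0o600)
}

// Get reads the file at the cleaned path; a missing file is an error.
func (d dirStore) Get(fileName string) ([]byte, error) {
	return os.ReadFile(d.resolve(fileName))
}

// Remove deletes the file at the cleaned path.
func (d dirStore) Remove(fileName string) error {
	return os.Remove(d.resolve(fileName))
}

func main() {
	base, _ := os.MkdirTemp("", "keys") // constructed throwaway directory
	defer os.RemoveAll(base)
	s := dirStore{baseDir: base}
	// A traversal attempt is clamped to base/escape.key.
	_ = s.Set("../../escape.key", []byte("constructed sample"))
	fmt.Println(s.resolve("../../escape.key"))
}
```

The cleaning here is purely lexical: a symlink that already exists inside the base directory can still point outside it, so the directory itself should be private to the keystore's user.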