keystoremanager

package

v0.0.0-...-a9fda57 Latest Latest Go to latest Published: Nov 10, 2015 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rogaha/notary

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type ErrRootRotationFail
- func (err ErrRootRotationFail) Error() string
type ErrValidationFail
- func (err ErrValidationFail) Error() string
type KeyStoreManager
- func NewKeyStoreManager(baseDir string, passphraseRetriever passphrase.Retriever) (*KeyStoreManager, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrNoValidPrivateKey is returned if a key being imported doesn't
	// look like a private key
	ErrNoValidPrivateKey = errors.New("no valid private key found")

	// ErrRootKeyNotEncrypted is returned if a root key being imported is
	// unencrypted
	ErrRootKeyNotEncrypted = errors.New("only encrypted root keys may be imported")

	// ErrNoKeysFoundForGUN is returned if no keys are found for the
	// specified GUN during export
	ErrNoKeysFoundForGUN = errors.New("no keys found for specified GUN")
)

Functions ¶

This section is empty.

Types ¶

type ErrRootRotationFail ¶

type ErrRootRotationFail struct {
	Reason string
}

ErrRootRotationFail is returned when we fail to do a full root key rotation by either failing to add the new root certificate, or delete the old ones

func (ErrRootRotationFail) Error ¶

func (err ErrRootRotationFail) Error() string

ErrRootRotationFail is returned when we fail to do a full root key rotation by either failing to add the new root certificate, or delete the old ones

type ErrValidationFail ¶

type ErrValidationFail struct {
	Reason string
}

ErrValidationFail is returned when there is no valid trusted certificates being served inside of the roots.json

func (ErrValidationFail) Error ¶

func (err ErrValidationFail) Error() string

ErrValidationFail is returned when there is no valid trusted certificates being served inside of the roots.json

type KeyStoreManager ¶

type KeyStoreManager struct {
	KeyStore *trustmanager.KeyFileStore
	// contains filtered or unexported fields
}

KeyStoreManager is an abstraction around the root and non-root key stores, and related CA stores

func NewKeyStoreManager ¶

func NewKeyStoreManager(baseDir string, passphraseRetriever passphrase.Retriever) (*KeyStoreManager, error)

NewKeyStoreManager returns an initialized KeyStoreManager, or an error if it fails to create the KeyFileStores or load certificates

func (*KeyStoreManager) AddTrustedCACert ¶

func (km *KeyStoreManager) AddTrustedCACert(cert *x509.Certificate)

AddTrustedCACert adds a cert to the trusted CA certificate store

func (*KeyStoreManager) AddTrustedCert ¶

func (km *KeyStoreManager) AddTrustedCert(cert *x509.Certificate)

AddTrustedCert adds a cert to the trusted certificate store (not the CA store)

func (*KeyStoreManager) ExportAllKeys ¶

func (km *KeyStoreManager) ExportAllKeys(dest io.Writer, newPassphraseRetriever passphrase.Retriever) error

ExportAllKeys exports all keys to an io.Writer in zip format. newPassphraseRetriever will be used to obtain passphrases to use to encrypt the existing keys.

func (*KeyStoreManager) ExportKeysByGUN ¶

func (km *KeyStoreManager) ExportKeysByGUN(dest io.Writer, gun string, passphraseRetriever passphrase.Retriever) error

ExportKeysByGUN exports all keys associated with a specified GUN to an io.Writer in zip format. passphraseRetriever is used to select new passphrases to use to encrypt the keys.

func (*KeyStoreManager) ExportRootKey ¶

func (km *KeyStoreManager) ExportRootKey(dest io.Writer, keyID string) error

ExportRootKey exports the specified root key to an io.Writer in PEM format. The key's existing encryption is preserved.

func (*KeyStoreManager) ExportRootKeyReencrypt ¶

func (km *KeyStoreManager) ExportRootKeyReencrypt(dest io.Writer, keyID string, newPassphraseRetriever passphrase.Retriever) error

ExportRootKeyReencrypt exports the specified root key to an io.Writer in PEM format. The key is reencrypted with a new passphrase.

func (*KeyStoreManager) GenRootKey ¶

func (km *KeyStoreManager) GenRootKey(algorithm string) (string, error)

GenRootKey generates a new root key

func (*KeyStoreManager) ImportKeysZip ¶

func (km *KeyStoreManager) ImportKeysZip(zipReader zip.Reader) error

ImportKeysZip imports keys from a zip file provided as an zip.Reader. The keys in the root_keys directory are left encrypted, but the other keys are decrypted with the specified passphrase.

func (*KeyStoreManager) ImportRootKey ¶

func (km *KeyStoreManager) ImportRootKey(source io.Reader) error

ImportRootKey imports a root in PEM format key from an io.Reader It prompts for the key's passphrase to verify the data and to determine the key ID.

func (*KeyStoreManager) TrustedCAStore ¶

func (km *KeyStoreManager) TrustedCAStore() trustmanager.X509Store

TrustedCAStore returns the CA store being managed by this KeyStoreManager

func (*KeyStoreManager) TrustedCertificateStore ¶

func (km *KeyStoreManager) TrustedCertificateStore() trustmanager.X509Store

TrustedCertificateStore returns the trusted certificate store being managed by this KeyStoreManager

func (*KeyStoreManager) ValidateRoot ¶

func (km *KeyStoreManager) ValidateRoot(root *data.Signed, gun string) error

ValidateRoot receives a new root, validates its correctness and attempts to do root key rotation if needed.

First we list the current trusted certificates we have for a particular GUN. If that list is non-empty means that we've already seen this repository before, and have a list of trusted certificates for it. In this case, we use this list of certificates to attempt to validate this root file.

If the previous validation suceeds, or in the case where we found no trusted certificates for this particular GUN, we check the integrity of the root by making sure that it is validated by itself. This means that we will attempt to validate the root data with the certificates that are included in the root keys themselves.

If this last steps succeeds, we attempt to do root rotation, by ensuring that we only trust the certificates that are present in the new root.

This mechanism of operation is essentially Trust On First Use (TOFU): if we have never seen a certificate for a particular CN, we trust it. If later we see a different certificate for that certificate, we return an ErrValidationFailed error.

Note that since we only allow trust data to be downloaded over an HTTPS channel we are using the current public PKI to validate the first download of the certificate adding an extra layer of security over the normal (SSH style) trust model. We shall call this: TOFUS.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL