notary: github.com/docker/notary/cryptoservice

package cryptoservice

import "github.com/docker/notary/cryptoservice"


Package Files

certificate.go crypto_service.go

Variables

// Package-level sentinel errors for key import, plus a shared CryptoService
// created with no key stores.
var (
    // ErrNoValidPrivateKey is returned if a key being imported doesn't
    // look like a private key.
    ErrNoValidPrivateKey = errors.New("no valid private key found")

    // ErrRootKeyNotEncrypted is returned if a root key being imported is
    // unencrypted. Its message states the policy: only encrypted root keys
    // may be imported.
    // NOTE(review): presumably this is the error CheckRootKeyIsEncrypted
    // returns for an unencrypted key; confirm against the source.
    ErrRootKeyNotEncrypted = errors.New("only encrypted root keys may be imported")

    // EmptyService is an empty crypto service: it is created by calling
    // NewCryptoService with no key stores.
    // NOTE(review): this is one package-level value shared by every
    // importer. How AddKey, Create or the lookup methods behave when no key
    // store is configured is not shown here; confirm before relying on it.
    EmptyService = NewCryptoService()
)

func CheckRootKeyIsEncrypted Uses

func CheckRootKeyIsEncrypted(pemBytes []byte) error

CheckRootKeyIsEncrypted makes sure the root key in pemBytes is encrypted and reports a failure through the returned error. Notary has internal assumptions that depend on root keys being encrypted.

func GenerateCertificate Uses

func GenerateCertificate(rootKey data.PrivateKey, gun data.GUN, startTime, endTime time.Time) (*x509.Certificate, error)

GenerateCertificate generates an X509 Certificate from a template, given a GUN and validity interval

type CryptoService Uses

type CryptoService struct {
    // contains filtered or unexported fields
}

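CryptoService implements Sign and Create, holding a specific GUN and keystore to operate on. (This description may be out of date: the method list on this page shows no Sign method, NewCryptoService accepts any number of key stores, and AddKey and Create take the GUN as an argument.)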

func NewCryptoService Uses

func NewCryptoService(keyStores ...trustmanager.KeyStore) *CryptoService

NewCryptoService returns an instance of CryptoService

func (*CryptoService) AddKey Uses

func (cs *CryptoService) AddKey(role data.RoleName, gun data.GUN, key data.PrivateKey) (err error)

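AddKey adds a private key to a specified role. The GUN is inferred from the cryptoservice itself for non-root roles. (The signature above nevertheless takes an explicit gun argument; check the source to see which GUN the key is actually stored under.)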

func (*CryptoService) Create Uses

func (cs *CryptoService) Create(role data.RoleName, gun data.GUN, algorithm string) (data.PublicKey, error)

Create is used to generate keys for targets, snapshots and timestamps

func (*CryptoService) GetKey Uses

func (cs *CryptoService) GetKey(keyID string) data.PublicKey

GetKey returns a key by ID

func (*CryptoService) GetKeyInfo Uses

func (cs *CryptoService) GetKeyInfo(keyID string) (trustmanager.KeyInfo, error)

GetKeyInfo returns role and GUN info of a key by ID

func (*CryptoService) GetPrivateKey Uses

func (cs *CryptoService) GetPrivateKey(keyID string) (k data.PrivateKey, role data.RoleName, err error)

GetPrivateKey returns the private key with the given ID, together with its role, if such a key is present.

func (*CryptoService) ListAllKeys Uses

func (cs *CryptoService) ListAllKeys() map[string]data.RoleName

ListAllKeys returns a map of key IDs to role

func (*CryptoService) ListKeys Uses

func (cs *CryptoService) ListKeys(role data.RoleName) []string

ListKeys returns a list of key IDs valid for the given role

func (*CryptoService) RemoveKey Uses

func (cs *CryptoService) RemoveKey(keyID string) (err error)

RemoveKey deletes a key by ID

Package cryptoservice imports 12 packages and is imported by 14 packages. Updated 2018-09-24.