package trustmanager
import "github.com/theupdateframework/notary/trustmanager"
Index ¶
- func GetPasswdDecryptBytes(passphraseRetriever notary.PassRetriever, pemBytes []byte, name, alias string) (data.PrivateKey, string, error)
- type ErrAttemptsExceeded
- type ErrKeyNotFound
- type ErrPasswordInvalid
- type GenericKeyStore
- func NewGenericKeyStore(s Storage, p notary.PassRetriever) *GenericKeyStore
- func NewKeyFileStore(baseDir string, p notary.PassRetriever) (*GenericKeyStore, error)
- func NewKeyMemoryStore(p notary.PassRetriever) *GenericKeyStore
- func (s *GenericKeyStore) AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
- func (s *GenericKeyStore) GetKey(name string) (data.PrivateKey, string, error)
- func (s *GenericKeyStore) GetKeyInfo(keyID string) (KeyInfo, error)
- func (s *GenericKeyStore) ListKeys() map[string]KeyInfo
- func (s *GenericKeyStore) Name() string
- func (s *GenericKeyStore) RemoveKey(keyID string) error
- type KeyInfo
- type KeyStore
- type Storage
Functions ¶
func GetPasswdDecryptBytes ¶
func GetPasswdDecryptBytes(passphraseRetriever notary.PassRetriever, pemBytes []byte, name, alias string) (data.PrivateKey, string, error)
GetPasswdDecryptBytes gets the password to decrypt the given PEM bytes. It returns the private key and the password, in that order (matching the signature), followed by an error.
Types ¶
type ErrAttemptsExceeded ¶
type ErrAttemptsExceeded struct{}
ErrAttemptsExceeded is returned when too many attempts have been made to decrypt a key
func (ErrAttemptsExceeded) Error ¶
func (err ErrAttemptsExceeded) Error() string
ErrAttemptsExceeded is returned when too many attempts have been made to decrypt a key
type ErrKeyNotFound ¶
// ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
type ErrKeyNotFound struct {
// KeyID identifies the key that could not be retrieved.
KeyID string
}
ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
func (ErrKeyNotFound) Error ¶
func (err ErrKeyNotFound) Error() string
ErrKeyNotFound is returned when the keystore fails to retrieve a specific key.
type ErrPasswordInvalid ¶
type ErrPasswordInvalid struct{}
ErrPasswordInvalid is returned when signing fails. It could also mean the signing key file was corrupted, but we have no way to distinguish, so this error on its own does not establish that the passphrase was wrong.
func (ErrPasswordInvalid) Error ¶
func (err ErrPasswordInvalid) Error() string
ErrPasswordInvalid is returned when signing fails. It could also mean the signing key file was corrupted, but we have no way to distinguish.
type GenericKeyStore ¶
// GenericKeyStore is a wrapper for Storage instances that provides translation
// between the []byte form and Public/PrivateKey objects.
//
// NOTE(review): both embedded fields are exported, so any code holding a
// *GenericKeyStore can call Lock/Unlock (promoted from sync.Mutex) and can
// read, invoke or reassign the PassRetriever field. Treat a reference to the
// store as carrying access to the passphrase source, not only to the keys.
// Because the struct embeds a sync.Mutex it must not be copied after first
// use; the constructors return *GenericKeyStore.
type GenericKeyStore struct {
// Embedded mutex. The state it guards is in the unexported fields and is
// not visible here.
sync.Mutex
// Embedded passphrase retriever, as passed to the constructor.
notary.PassRetriever
// contains filtered or unexported fields
}
GenericKeyStore is a wrapper for Storage instances that provides translation between the []byte form and Public/PrivateKey objects
func NewGenericKeyStore ¶
func NewGenericKeyStore(s Storage, p notary.PassRetriever) *GenericKeyStore
NewGenericKeyStore creates a GenericKeyStore wrapping the provided Storage instance, using the PassRetriever to enc/decrypt keys
func NewKeyFileStore ¶
func NewKeyFileStore(baseDir string, p notary.PassRetriever) (*GenericKeyStore, error)
NewKeyFileStore returns a new file-backed key store (per the signature, a *GenericKeyStore rather than a distinct KeyFileStore type), creating a private directory to hold the keys.
func NewKeyMemoryStore ¶
func NewKeyMemoryStore(p notary.PassRetriever) *GenericKeyStore
NewKeyMemoryStore returns a new memory-backed key store (per the signature, a *GenericKeyStore rather than a distinct KeyMemoryStore type) which holds keys in memory
func (*GenericKeyStore) AddKey ¶
func (s *GenericKeyStore) AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
AddKey stores the contents of a PEM-encoded private key as a PEM block
func (*GenericKeyStore) GetKey ¶
func (s *GenericKeyStore) GetKey(name string) (data.PrivateKey, string, error)
GetKey returns the PrivateKey given a KeyID
func (*GenericKeyStore) GetKeyInfo ¶
func (s *GenericKeyStore) GetKeyInfo(keyID string) (KeyInfo, error)
GetKeyInfo returns the corresponding gun and role key info for a keyID
func (*GenericKeyStore) ListKeys ¶
func (s *GenericKeyStore) ListKeys() map[string]KeyInfo
ListKeys returns a list of unique PublicKeys present on the KeyFileStore, by returning a copy of the keyInfoMap
func (*GenericKeyStore) Name ¶
func (s *GenericKeyStore) Name() string
Name returns a user friendly name for the location this store keeps its data
func (*GenericKeyStore) RemoveKey ¶
func (s *GenericKeyStore) RemoveKey(keyID string) error
RemoveKey removes the key from the keyfilestore
type KeyInfo ¶
KeyInfo stores the role, path, and gun (globally unique name) for a corresponding private key ID. It is assumed that each private key ID is unique.
func KeyInfoFromPEM ¶
KeyInfoFromPEM attempts to get a keyID and KeyInfo from the filename and PEM bytes of a key
type KeyStore ¶
// KeyStore is a generic interface for private key storage.
type KeyStore interface {
// AddKey adds a key to the KeyStore, and if the key already exists,
// succeeds. Otherwise, returns an error if it cannot add.
AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
// GetKey looks up the private key stored under keyID.
// Should fail with ErrKeyNotFound if the keystore is operating normally
// and knows that it does not store the requested key.
// Any other error therefore means the store could not answer, not that the
// key is absent; callers should not treat the two cases alike.
// NOTE(review): the string result is not described here; presumably the
// key's role. Confirm against an implementation.
GetKey(keyID string) (data.PrivateKey, string, error)
// GetKeyInfo returns the KeyInfo recorded for keyID.
GetKeyInfo(keyID string) (KeyInfo, error)
// ListKeys returns the KeyInfo entries the store knows about as a map.
// NOTE(review): the map is presumably keyed by key ID; confirm.
ListKeys() map[string]KeyInfo
// RemoveKey removes the key identified by keyID from the store.
RemoveKey(keyID string) error
// Name returns a name identifying this store.
Name() string
}
KeyStore is a generic interface for private key storage
type Storage ¶
// Storage implements the bare bones primitives (no hierarchy).
//
// NOTE(review): the path cleaning and containment described on Set, Remove
// and Get is a contract stated only in these comments; the interface cannot
// enforce it. Each implementation should verify that the resolved path stays
// inside the base directory, because cleaning a path does not by itself
// remove leading ".." elements. Symlinks under the base directory are not
// addressed by these comments.
type Storage interface {
// Set writes a file to the specified location, returning an error if this
// is not possible (reasons may include permissions errors). The path is cleaned
// before being made absolute against the store's base dir.
Set(fileName string, data []byte) error
// Remove deletes a file from the store relative to the store's base directory.
// The path is cleaned before being made absolute to ensure no path traversal
// outside the base directory is possible.
Remove(fileName string) error
// Get returns the file content found at fileName relative to the base directory
// of the file store. The path is cleaned before being made absolute to ensure
// path traversal outside the store is not possible. If the file is not found
// an error to that effect is returned.
Get(fileName string) ([]byte, error)
// ListFiles returns a list of paths relative to the base directory of the
// filestore. Any of these paths must be retrievable via the
// Storage.Get method.
ListFiles() []string
// Location returns a human readable name indicating where the implementer
// is storing keys
Location() string
}
Storage implements the bare bones primitives (no hierarchy)
Source Files ¶
Directories ¶
| Path | Synopsis |
|---|---|
| trustmanager/yubikey | |
- Version
- v0.4.3
- Published
- Jan 3, 2017