notary – github.com/theupdateframework/notary

package notary

import "github.com/theupdateframework/notary"

Constants

const (
	// MaxDownloadSize is the maximum size we'll download for metadata if no limit is given
	MaxDownloadSize int64 = 100 << 20
	// MaxTimestampSize is the maximum size of timestamp metadata - 1MiB.
	MaxTimestampSize int64 = 1 << 20
	// MinRSABitSize is the minimum bit size for RSA keys allowed in notary
	MinRSABitSize = 2048
	// MinThreshold requires a minimum of one threshold for roles; currently we do not support a higher threshold
	MinThreshold = 1
	// PrivKeyPerms are the file permissions to use when writing private keys to disk
	PrivKeyPerms = 0700
	// PubCertPerms are the file permissions to use when writing public certificates to disk
	PubCertPerms = 0755
	// Sha256HexSize is how big a Sha256 hex is in number of characters
	Sha256HexSize = 64
	// Sha512HexSize is how big a Sha512 hex is in number of characters
	Sha512HexSize = 128
	// SHA256 is the name of SHA256 hash algorithm
	SHA256 = "sha256"
	// SHA512 is the name of SHA512 hash algorithm
	SHA512 = "sha512"
	// TrustedCertsDir is the directory, under the notary repo base directory, where trusted certs are stored
	TrustedCertsDir = "trusted_certificates"
	// PrivDir is the directory, under the notary repo base directory, where private keys are stored
	PrivDir = "private"
	// RootKeysSubdir is the subdirectory under PrivDir where root private keys are stored
	RootKeysSubdir = "root_keys"
	// NonRootKeysSubdir is the subdirectory under PrivDir where non-root private keys are stored
	NonRootKeysSubdir = "tuf_keys"
	// KeyExtension is the file extension to use for private key files
	KeyExtension = "key"

	// Day is a duration of one day
	Day  = 24 * time.Hour
	Year = 365 * Day

	// NotaryRootExpiry is the duration representing the expiry time of the Root role
	NotaryRootExpiry      = 10 * Year
	NotaryTargetsExpiry   = 3 * Year
	NotarySnapshotExpiry  = 3 * Year
	NotaryTimestampExpiry = 14 * Day

	ConsistentMetadataCacheMaxAge = 30 * Day
	CurrentMetadataCacheMaxAge    = 5 * time.Minute
	// CacheMaxAgeLimit is the generally recommended maximum age for Cache-Control headers
	// (one year, in seconds, since one year is forever in terms of internet
	// content)
	CacheMaxAgeLimit = 1 * Year

	MySQLBackend     = "mysql"
	MemoryBackend    = "memory"
	SQLiteBackend    = "sqlite3"
	RethinkDBBackend = "rethinkdb"

	DefaultImportRole = "delegation"
)

Application-wide constants.

Variables

var NotaryDefaultExpiries = map[string]time.Duration{
	"root":      NotaryRootExpiry,
	"targets":   NotaryTargetsExpiry,
	"snapshot":  NotarySnapshotExpiry,
	"timestamp": NotaryTimestampExpiry,
}

NotaryDefaultExpiries is the construct used to configure the default expiry times of the various role files.

var NotarySupportedSignals = []os.Signal{
	syscall.SIGUSR1,
	syscall.SIGUSR2,
}

NotarySupportedSignals contains the signals we would like to capture:
- SIGUSR1 indicates an increment of the log level.
- SIGUSR2 indicates a decrement of the log level.

Types

type CtxKey

type CtxKey int

CtxKey is a wrapper type for use in context.WithValue() to satisfy golint. See https://github.com/golang/go/issues/17293 and https://github.com/golang/lint/pull/245.

const (
	CtxKeyMetaStore CtxKey = iota
	CtxKeyKeyAlgo
	CtxKeyCryptoSvc
	CtxKeyRepo
)

Enum to use for setting and retrieving values from contexts.

type PassRetriever

type PassRetriever func(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error)

PassRetriever is a callback function that should retrieve a passphrase for a given named key. If it should be treated as a new passphrase (e.g. with confirmation), createNew will be true. attempts is passed in so that implementers can decide how many chances to give to a human, for example.
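
A non-interactive PassRetriever for unattended signing, as an added example (not notary's own code). The type is redeclared locally so the block runs offline; NonInteractiveRetriever, ErrNoPassphrase, the EXAMPLE_<ALIAS>_PASSPHRASE naming scheme and the 8-character minimum are hypothetical, and attempts is assumed to count prior failed tries starting at 0.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"strings"
)

// PassRetriever mirrors the signature documented above; it is redeclared
// locally so the example runs without importing notary.
type PassRetriever func(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error)

// ErrNoPassphrase is a hypothetical sentinel error for this example.
var ErrNoPassphrase = errors.New("no passphrase configured for alias")

// NonInteractiveRetriever (hypothetical helper) builds a PassRetriever for
// unattended use. lookup resolves a variable name to a secret, e.g. os.LookupEnv.
func NonInteractiveRetriever(lookup func(string) (string, bool), maxAttempts int) PassRetriever {
	return func(keyName, alias string, createNew bool, attempts int) (string, bool, error) {
		// A stored secret that was already rejected will not become correct
		// on retry, so give up instead of looping.
		if attempts >= maxAttempts {
			return "", true, fmt.Errorf("key %s (%s): %d attempts used", keyName, alias, attempts)
		}
		// EXAMPLE_<ALIAS>_PASSPHRASE is an assumed naming scheme.
		name := "EXAMPLE_" + strings.ToUpper(alias) + "_PASSPHRASE"
		pass, ok := lookup(name)
		if !ok || pass == "" {
			return "", true, ErrNoPassphrase
		}
		// Example policy: never protect a newly created key with a short secret.
		if createNew && len(pass) < 8 {
			return "", true, errors.New("passphrase too short for a new key")
		}
		return pass, false, nil
	}
}

func main() {
	r := NonInteractiveRetriever(os.LookupEnv, 1)
	// "constructed-key-id" is a constructed sample key name.
	_, giveup, err := r("constructed-key-id", "root", false, 0)
	fmt.Println(giveup, err)
}
```

Returning giveup as true on every failure path keeps a caller from re-invoking the callback with the same stored secret.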

Source Files

const.go const_nowindows.go notary.go

Directories

Path    Synopsis
client
client/changelist
cmd
cmd/notary
cmd/notary-server
cmd/notary-signer
cryptoservice
passphrase    Package passphrase is a utility function for managing passphrase for TUF and Notary keys.
proto    Package proto is a generated protocol buffer package.
server
server/errors
server/handlers
server/snapshot
server/storage
server/timestamp
signer
signer/api
signer/client
signer/keydbstore
storage
storage/rethinkdb
trustmanager
trustmanager/yubikey
trustpinning
tuf    Package tuf defines the core TUF logic around manipulating a repo.
tuf/data
tuf/signed
tuf/testutils
tuf/testutils/interfaces
tuf/utils
tuf/validation
utils
version

Version: v0.4.4
Published: Jan 7, 2017
Platform: linux/amd64
Imports: 3 packages