centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-04-01 16:58:54 +07:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #256 from mtrmac/fix-import-root

Browse Source 
Remove key ID from (notary key import-root)
This commit is contained in:
Ying Li
2015-10-30 13:23:33 -07:00
parent e2c6e989e9 62dc66e936
commit fa5c4e608d
3 changed files with 12 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
cmd/notary/keys.go
View File

@@ -96,7 +96,7 @@ var cmdKeyImport = &cobra.Command{
}
var cmdKeyImportRoot = &cobra.Command{
Use: "import-root [ keyID ] [ filename ]",
Use: "import-root [ filename ]",
Short: "Imports root key.",
Long: "imports a root key from a PEM file.",
Run: keysImportRoot,
@@ -342,17 +342,12 @@ func keysImport(cmd *cobra.Command, args []string) {
// keysImportRoot imports a root key from a PEM file
func keysImportRoot(cmd *cobra.Command, args []string) {
if len(args) < 2 {
if len(args) != 1 {
cmd.Usage()
fatalf("must specify key ID and input filename for import")
fatalf("must specify input filename for import")
}
keyID := args[0]
importFilename := args[1]
if len(keyID) != idSize {
fatalf("please specify a valid root key ID")
}
importFilename := args[0]
parseConfig()
@@ -367,7 +362,7 @@ func keysImportRoot(cmd *cobra.Command, args []string) {
}
defer importFile.Close()
err = keyStoreManager.ImportRootKey(importFile, keyID)
err = keyStoreManager.ImportRootKey(importFile)
if err != nil {
fatalf("error importing root key: %v", err)

7
keystoremanager/import_export.go
View File

@@ -101,10 +101,9 @@ func checkRootKeyIsEncrypted(pemBytes []byte) error {
}
// ImportRootKey imports a root in PEM format key from an io.Reader
// The key's existing encryption is preserved. The keyID parameter is
// necessary because otherwise we'd need the passphrase to decrypt the key
// in order to compute the ID.
func (km *KeyStoreManager) ImportRootKey(source io.Reader, keyID string) error {
// It prompts for the key's passphrase to verify the data and to determine
// the key ID.
func (km *KeyStoreManager) ImportRootKey(source io.Reader) error {
pemBytes, err := ioutil.ReadAll(source)
if err != nil {
return err

8
keystoremanager/import_export_test.go
View File

@@ -347,7 +347,7 @@ func TestImportExportRootKey(t *testing.T) {
keyReader, err := os.Open(tempKeyFilePath)
assert.NoError(t, err, "could not open key file")
err = repo2.KeyStoreManager.ImportRootKey(keyReader, rootKeyID)
err = repo2.KeyStoreManager.ImportRootKey(keyReader)
assert.NoError(t, err)
keyReader.Close()
@@ -367,11 +367,11 @@ func TestImportExportRootKey(t *testing.T) {
decryptedPEMBytes, err := trustmanager.KeyToPEM(privKey)
assert.NoError(t, err, "could not convert key to PEM")
err = repo2.KeyStoreManager.ImportRootKey(bytes.NewReader(decryptedPEMBytes), rootKeyID)
err = repo2.KeyStoreManager.ImportRootKey(bytes.NewReader(decryptedPEMBytes))
assert.EqualError(t, err, keystoremanager.ErrRootKeyNotEncrypted.Error())
// Try to import garbage and make sure it doesn't succeed
err = repo2.KeyStoreManager.ImportRootKey(strings.NewReader("this is not PEM"), rootKeyID)
err = repo2.KeyStoreManager.ImportRootKey(strings.NewReader("this is not PEM"))
assert.EqualError(t, err, keystoremanager.ErrNoValidPrivateKey.Error())
// Should be able to unlock the root key with the old password
@@ -428,7 +428,7 @@ func TestImportExportRootKeyReencrypt(t *testing.T) {
keyReader, err := os.Open(tempKeyFilePath)
assert.NoError(t, err, "could not open key file")
err = repo2.KeyStoreManager.ImportRootKey(keyReader, rootKeyID)
err = repo2.KeyStoreManager.ImportRootKey(keyReader)
assert.NoError(t, err)
keyReader.Close()