-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] Use separate keydb for delegated targets #1095
Commits on Aug 4, 2020
-
This WIP commit creates a separate keydb for each delegating instance.
This means that all roles delegated to by root will look for keys from the root metadata, roles delegated to by targets will look for keys in targets metadata, and so on. This commit adds this functionality to the keydb and ensures that these separate keydbs are created and used for storing keys. It requires a future change to the roledb to store the delegating role and further testing. Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for 6f7c541 - Browse repository at this point
Copy the full SHA 6f7c541View commit details -
This commit adds the parent_role field to roledb.
This field can be used by delegated targets to determine which role delegated to them, and thus which keys should be used to verify the role. Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for 043c056 - Browse repository at this point
Copy the full SHA 043c056View commit details -
Bug fixes for the per client keydb
Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for de40f85 - Browse repository at this point
Copy the full SHA de40f85View commit details -
The repository keydb will no longer store keys for delegated roles. Instead look for these keys in delegated keydbs. Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for 1c121e3 - Browse repository at this point
Copy the full SHA 1c121e3View commit details -
Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for e9a59f5 - Browse repository at this point
Copy the full SHA e9a59f5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4d866c4 - Browse repository at this point
Copy the full SHA 4d866c4View commit details -
use correct keydb when loading keys
Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for e0c50c0 - Browse repository at this point
Copy the full SHA e0c50c0View commit details -
Add parent_role in targets.delegate
Signed-off-by: marinamoore <mmoore32@calpoly.edu>
Configuration menu - View commit details
-
Copy full SHA for 5b57fa0 - Browse repository at this point
Copy the full SHA 5b57fa0View commit details -
Updated delegation information in repository_tool to use different ke…
…ydbs for delegations and add parent_role to roledb entries for delegations Signed-off-by: marinamoore <mnm678@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 7642140 - Browse repository at this point
Copy the full SHA 7642140View commit details -
Add delegating_rolename to sig.py
Signed-off-by: marinamoore <mnm678@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 7f4fd5c - Browse repository at this point
Copy the full SHA 7f4fd5cView commit details