2015-10-30 17:31:02 -07:00
|
|
|
// +build pkcs11
|
|
|
|
|
|
|
|
|
|
package client
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
"github.com/docker/notary/passphrase"
|
|
|
|
|
"github.com/docker/notary/trustmanager"
|
|
|
|
|
"github.com/docker/notary/trustmanager/yubikey"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// NewNotaryRepository is a helper method that returns a new notary repository.
|
|
|
|
|
// It takes the base directory under where all the trust files will be stored
|
|
|
|
|
// (usually ~/.docker/trust/).
|
|
|
|
|
func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
|
2015-12-18 18:47:35 -08:00
|
|
|
retriever passphrase.Retriever) (
|
|
|
|
|
*NotaryRepository, error) {
|
2015-10-30 17:31:02 -07:00
|
|
|
|
|
|
|
|
fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-18 18:47:35 -08:00
|
|
|
keyStores := []trustmanager.KeyStore{fileKeyStore}
|
2015-10-30 17:31:02 -07:00
|
|
|
yubiKeyStore, _ := yubikey.NewYubiKeyStore(fileKeyStore, retriever)
|
2015-12-18 18:47:35 -08:00
|
|
|
if yubiKeyStore != nil {
|
|
|
|
|
keyStores = append(keyStores, yubiKeyStore)
|
2015-10-30 17:31:02 -07:00
|
|
|
}
|
|
|
|
|
|
2015-12-18 18:47:35 -08:00
|
|
|
return repositoryFromKeystores(baseDir, gun, baseURL, rt, keyStores)
|
2015-10-30 17:31:02 -07:00
|
|
|
}
|
