File: const.go

notary 0.6.1~ds1-3
package notary

import (
	"time"
)

// Application-wide constants, grouped by purpose.

// Size limits, key-strength minimums and hash parameters.
const (
	// MaxDownloadSize is the fallback cap (100 MiB) on a metadata download
	// when no limit is given.
	MaxDownloadSize int64 = 100 << 20
	// MaxTimestampSize is the maximum size of timestamp metadata (1 MiB).
	MaxTimestampSize int64 = 1 << 20
	// MinRSABitSize is the smallest RSA key size, in bits, that notary allows.
	MinRSABitSize = 2048
	// MinThreshold is the minimum threshold required for a role; a higher
	// threshold is currently not supported.
	MinThreshold = 1
	// SHA256HexSize is the length, in characters, of a hex-encoded SHA256 digest.
	SHA256HexSize = 64
	// SHA512HexSize is the length, in characters, of a hex-encoded SHA512 digest.
	SHA512HexSize = 128
	// SHA256 is the name of the SHA256 hash algorithm.
	SHA256 = "sha256"
	// SHA512 is the name of the SHA512 hash algorithm.
	SHA512 = "sha512"
)

// On-disk layout of certificates and private keys, and the permission modes
// that go with it.
const (
	// TrustedCertsDir is the directory, under the notary repo base directory,
	// that holds trusted certificates.
	TrustedCertsDir = "trusted_certificates"
	// PrivDir is the directory, under the notary repo base directory, that
	// holds private keys.
	PrivDir = "private"
	// RootKeysSubdir is the subdirectory of PrivDir that holds root private keys.
	//
	// Deprecated: kept only for compatibility with older versions.
	RootKeysSubdir = "root_keys"
	// NonRootKeysSubdir is the subdirectory of PrivDir that holds non-root
	// private keys.
	//
	// Deprecated: kept only for compatibility with older versions.
	NonRootKeysSubdir = "tuf_keys"
	// KeyExtension is the file extension used for private key files.
	KeyExtension = "key"

	// PrivExecPerms is the permission mode for directories: read, write and
	// search for the owner, nothing for group or others.
	// NOTE(review): the mode only protects key material if every call that
	// creates a directory passes it; verify at the call sites.
	PrivExecPerms = 0700
	// PrivNoExecPerms is the permission mode for files: read and write for
	// the owner, nothing for group or others.
	PrivNoExecPerms = 0600
)

// Durations: calendar units, role expiry times and cache lifetimes.
const (
	// Day is a duration of one day.
	Day = 24 * time.Hour
	// Year is a duration of 365 days; leap days are not accounted for.
	Year = 365 * Day

	// NotaryRootExpiry is the duration representing the expiry time of the
	// Root role (10 years).
	NotaryRootExpiry = 10 * Year
	// NotaryTargetsExpiry is the corresponding duration for the Targets role
	// (3 years).
	NotaryTargetsExpiry = 3 * Year
	// NotarySnapshotExpiry is the corresponding duration for the Snapshot role
	// (3 years).
	NotarySnapshotExpiry = 3 * Year
	// NotaryTimestampExpiry is the corresponding duration for the Timestamp
	// role (14 days).
	NotaryTimestampExpiry = 14 * Day

	// ConsistentMetadataCacheMaxAge is the cache lifetime (30 days) for what
	// the name calls consistent metadata.
	ConsistentMetadataCacheMaxAge = 30 * Day
	// CurrentMetadataCacheMaxAge is the cache lifetime (5 minutes) for what
	// the name calls current metadata.
	CurrentMetadataCacheMaxAge = 5 * time.Minute
	// CacheMaxAgeLimit is the generally recommended maximum age for
	// Cache-Control headers: one year, since one year is forever in terms of
	// internet content. The constant is a time.Duration, not a count of
	// seconds, so it has to be converted before it is written into a header.
	CacheMaxAgeLimit = 1 * Year
)

// Names of storage backends.
const (
	MySQLBackend     = "mysql"
	MemoryBackend    = "memory"
	PostgresBackend  = "postgres"
	SQLiteBackend    = "sqlite3"
	RethinkDBBackend = "rethinkdb"
	FileBackend      = "file"
)

// Remaining defaults and service names.
const (
	// DefaultImportRole is the role name used by default for imports.
	// NOTE(review): where it is applied is not visible in this file.
	DefaultImportRole = "delegation"

	// HealthCheckKeyManagement and HealthCheckSigner are the grpc service
	// names used for health checks of "KeyManagement" and "Signer"
	// respectively. HealthCheckOverall is the name used when querying the
	// overall status of the server.
	HealthCheckKeyManagement = "grpc.health.v1.Health.KeyManagement"
	HealthCheckSigner        = "grpc.health.v1.Health.Signer"
	HealthCheckOverall       = "grpc.health.v1.Health.Overall"

	// DefaultPageSize is the default number of records to return from the
	// changefeed.
	DefaultPageSize = 100
)

// Context keys: an enum of CtxKey values to use for setting and retrieving
// values from contexts. The values are assigned by iota in declaration order,
// so inserting or reordering entries changes the numeric value of every key
// that follows. CtxKey itself is declared outside this listing.
const (
	// CtxKeyMetaStore has the value 0.
	CtxKeyMetaStore CtxKey = iota
	// CtxKeyKeyAlgo has the value 1.
	CtxKeyKeyAlgo
	// CtxKeyCryptoSvc has the value 2.
	CtxKeyCryptoSvc
	// CtxKeyRepo has the value 3.
	CtxKeyRepo
)

// NotarySupportedBackends lists the backends that are meant to be supported
// at present. FileBackend is declared with the other backend names in this
// file but is not part of the list.
var NotarySupportedBackends = []string{
	MemoryBackend, MySQLBackend, SQLiteBackend,
	RethinkDBBackend, PostgresBackend,
}