def test_DictOf(self):
# Test conditions for valid arguments.
dictof_schema = SCHEMA.DictOf(
SCHEMA.RegularExpression(r'[aeiou]+'),
SCHEMA.Struct([SCHEMA.AnyString(),
SCHEMA.AnyString()]))
self.assertTrue(dictof_schema.matches({}))
self.assertTrue(dictof_schema.matches({
'a': ['x', 'y'],
'e': ['', '']
}))
# Test conditions for invalid arguments.
self.assertFalse(dictof_schema.matches(''))
self.assertFalse(dictof_schema.matches({'a': ['x', 3], 'e': ['', '']}))
self.assertFalse(
dictof_schema.matches({
'a': ['x', 'y'],
'e': ['', ''],
'd': ['a', 'b']
}))
# Test conditions for invalid arguments in a schema definition.
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.DictOf, 1, 1)
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.DictOf, [1], [1])
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.DictOf, {'a': 1}, 1)
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.DictOf, SCHEMA.AnyString(), 1)
def test_ListOf(self):
# Test conditions for valid arguments.
listof_schema = SCHEMA.ListOf(SCHEMA.RegularExpression('(?:..)*'))
listof2_schema = SCHEMA.ListOf(SCHEMA.Integer(),
min_count=3,
max_count=10)
self.assertTrue(listof_schema.matches([]))
self.assertTrue(
listof_schema.matches(
['Hi', 'this', 'list', 'is', 'full', 'of', 'even', 'strs']))
self.assertTrue(listof2_schema.matches([3] * 3))
self.assertTrue(listof2_schema.matches([3] * 10))
# Test conditions for invalid arguments.
self.assertFalse(listof_schema.matches('hi'))
self.assertFalse(listof_schema.matches({}))
self.assertFalse(listof_schema.matches(['This', 'one', 'is not']))
self.assertFalse(listof2_schema.matches([3] * 2))
self.assertFalse(listof2_schema.matches(([3] * 11)))
# Test conditions for invalid arguments in a schema definition.
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.ListOf, 1)
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.ListOf, [1])
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.ListOf, {'a': 1})
def test_RegularExpression(self):
# Test conditions for valid arguments.
# RegularExpression(pattern, modifiers, re_object, re_name).
re_schema = SCHEMA.RegularExpression('h.*d')
self.assertTrue(re_schema.matches('hello world'))
# Provide a pattern that contains the trailing '$'
re_schema_2 = SCHEMA.RegularExpression(pattern='abc$',
modifiers=0,
re_object=None,
re_name='my_re')
self.assertTrue(re_schema_2.matches('abc'))
# Test for valid optional arguments.
compiled_re = re.compile('^[a-z].*')
re_schema_optional = SCHEMA.RegularExpression(pattern='abc',
modifiers=0,
re_object=compiled_re,
re_name='my_re')
self.assertTrue(re_schema_optional.matches('abc'))
# Valid arguments, but the 'pattern' argument is unset (required if the
# 're_object' is 'None'.)
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.RegularExpression, None, 0, None, None)
# Valid arguments, 're_name' is unset, and 'pattern' is None. An exception
# is not raised, but 're_name' is set to 'pattern'.
re_schema_optional = SCHEMA.RegularExpression(pattern=None,
modifiers=0,
re_object=compiled_re,
re_name=None)
self.assertTrue(re_schema_optional.matches('abc'))
self.assertTrue(re_schema_optional._re_name == 'pattern')
# Test conditions for invalid arguments.
self.assertFalse(re_schema.matches('Hello World'))
self.assertFalse(re_schema.matches('hello world!'))
self.assertFalse(re_schema.matches([33, 'Hello']))
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.RegularExpression, 8)
import securesystemslib.schema as SCHEMA
import securesystemslib.exceptions
# Note that in the schema definitions below, the 'SCHEMA.Object' types allow
# additional keys which are not defined. Thus, any additions to them will be
# easily backwards compatible with clients that are already deployed.
ANY_STRING_SCHEMA = SCHEMA.AnyString()
LIST_OF_ANY_STRING_SCHEMA = SCHEMA.ListOf(ANY_STRING_SCHEMA)
# A datetime in 'YYYY-MM-DDTHH:MM:SSZ' ISO 8601 format. The "Z" zone designator
# for the zero UTC offset is always used (i.e., a numerical offset is not
# supported.) Example: '2015-10-21T13:20:00Z'. Note: This is a simple format
# check, and an ISO8601 string should be fully verified when it is parsed.
ISO8601_DATETIME_SCHEMA = SCHEMA.RegularExpression(
r'\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z')
# A Unix/POSIX time format. An integer representing the number of seconds
# since the epoch (January 1, 1970.) Metadata uses this format for the
# 'expires' field. Set 'hi' to the upper timestamp limit (year 2038), the max
# value of an int.
UNIX_TIMESTAMP_SCHEMA = SCHEMA.Integer(lo=0, hi=2147483647)
# A hexadecimal value in '23432df87ab..' format.
HEX_SCHEMA = SCHEMA.RegularExpression(r'[a-fA-F0-9]+')
HASH_SCHEMA = HEX_SCHEMA
# A dict in {'sha256': '23432df87ab..', 'sha512': '34324abc34df..', ...} format.
HASHDICT_SCHEMA = SCHEMA.DictOf(key_schema=SCHEMA.AnyString(),
value_schema=HASH_SCHEMA)
<Author>
Lukas Puehringer <*****@*****.**>
Santiago Torres-Arias <*****@*****.**>
<Started>
November 28, 2017.
<Copyright>
See LICENSE for licensing information.
<Purpose>
Format schemas for in-toto metadata, based on securesystemslib.schema.
The schemas can be verified using the following methods inherited from
securesystemslib.schema:
in_toto.formats.<SCHEMA>.check_match(<object to verify>)
in_toto.formats.<SCHEMA>.matches(<object to verify>)
`check_match` raises a securesystemslib.exceptions.FormatError and `matches`
returns False if the verified object does not match the schema (True
otherwise).
"""
import securesystemslib.schema as ssl_schema
# pylint: disable=bad-whitespace
PARAMETER_DICTIONARY_KEY = ssl_schema.RegularExpression(r'[a-zA-Z0-9_-]+')
PARAMETER_DICTIONARY_SCHEMA = ssl_schema.DictOf(
key_schema=PARAMETER_DICTIONARY_KEY, value_schema=ssl_schema.AnyString())
import time
import copy
from securesystemslib import exceptions as sslib_exceptions
from securesystemslib import formats as sslib_formats
from securesystemslib import schema as SCHEMA
import tuf
from tuf import exceptions
# As per TUF spec 1.0.0 the spec version field must follow the Semantic
# Versioning 2.0.0 (semver) format. The regex pattern is provided by semver.
# https://semver.org/spec/v2.0.0.html#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
SEMVER_2_0_0_SCHEMA = SCHEMA.RegularExpression(
r'(?P<major>0|[1-9]\d*)\.(?P<minor>0|[1-9]\d*)\.(?P<patch>0|[1-9]\d*)'
r'(?:-(?P<prerelease>(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)'
r'(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?'
r'(?:\+(?P<buildmetadata>[0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?')
SPECIFICATION_VERSION_SCHEMA = SCHEMA.OneOf([
# However, temporarily allow "1.0" for backwards-compatibility in tuf-0.12.PATCH.
SCHEMA.String("1.0"),
SEMVER_2_0_0_SCHEMA
])
# A datetime in 'YYYY-MM-DDTHH:MM:SSZ' ISO 8601 format. The "Z" zone designator
# for the zero UTC offset is always used (i.e., a numerical offset is not
# supported.) Example: '2015-10-21T13:20:00Z'. Note: This is a simple format
# check, and an ISO8601 string should be fully verified when it is parsed.
ISO8601_DATETIME_SCHEMA = SCHEMA.RegularExpression(
r'\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z')
import securesystemslib.schema as SCHEMA
import securesystemslib.exceptions
# Note that in the schema definitions below, the 'SCHEMA.Object' types allow
# additional keys which are not defined. Thus, any additions to them will be
# easily backwards compatible with clients that are already deployed.
ANY_STRING_SCHEMA = SCHEMA.AnyString()
LIST_OF_ANY_STRING_SCHEMA = SCHEMA.ListOf(ANY_STRING_SCHEMA)
# A datetime in 'YYYY-MM-DDTHH:MM:SSZ' ISO 8601 format. The "Z" zone designator
# for the zero UTC offset is always used (i.e., a numerical offset is not
# supported.) Example: '2015-10-21T13:20:00Z'. Note: This is a simple format
# check, and an ISO8601 string should be fully verified when it is parsed.
ISO8601_DATETIME_SCHEMA = SCHEMA.RegularExpression(r'\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z')
# A Unix/POSIX time format. An integer representing the number of seconds
# since the epoch (January 1, 1970.) Metadata uses this format for the
# 'expires' field. Set 'hi' to the upper timestamp limit (year 2038), the max
# value of an int.
UNIX_TIMESTAMP_SCHEMA = SCHEMA.Integer(lo=0, hi=2147483647)
# A hexadecimal value in '23432df87ab..' format.
HEX_SCHEMA = SCHEMA.RegularExpression(r'[a-fA-F0-9]+')
HASH_SCHEMA = HEX_SCHEMA
# A dict in {'sha256': '23432df87ab..', 'sha512': '34324abc34df..', ...} format.
HASHDICT_SCHEMA = SCHEMA.DictOf(
key_schema = SCHEMA.AnyString(),
# pyspx's 'cffi' dependency may raise an 'IOError' exception when importing
except (ImportError, IOError): # pragma: no cover
pass
import securesystemslib.schema as SCHEMA
import securesystemslib.exceptions
# Note that in the schema definitions below, the 'SCHEMA.Object' types allow
# additional keys which are not defined. Thus, any additions to them will be
# easily backwards compatible with clients that are already deployed.
# A datetime in 'YYYY-MM-DDTHH:MM:SSZ' ISO 8601 format. The "Z" zone designator
# for the zero UTC offset is always used (i.e., a numerical offset is not
# supported.) Example: '2015-10-21T13:20:00Z'. Note: This is a simple format
# check, and an ISO8601 string should be fully verified when it is parsed.
ISO8601_DATETIME_SCHEMA = SCHEMA.RegularExpression(
r'\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z')
# A Unix/POSIX time format. An integer representing the number of seconds
# since the epoch (January 1, 1970.) Metadata uses this format for the
# 'expires' field. Set 'hi' to the upper timestamp limit (year 2038), the max
# value of an int.
UNIX_TIMESTAMP_SCHEMA = SCHEMA.Integer(lo=0, hi=2147483647)
# A hexadecimal value in '23432df87ab..' format.
HASH_SCHEMA = SCHEMA.RegularExpression(r'[a-fA-F0-9]+')
# A dict in {'sha256': '23432df87ab..', 'sha512': '34324abc34df..', ...} format.
HASHDICT_SCHEMA = SCHEMA.DictOf(key_schema=SCHEMA.AnyString(),
value_schema=HASH_SCHEMA)
# A hexadecimal value in '23432df87ab..' format.
