keytype=SCHEMA.AnyString(),
keyval=KEYVAL_SCHEMA)
# An RSA key.
RSAKEY_SCHEMA = SCHEMA.Object(object_name='rsakey',
keytype=SCHEMA.String('rsa'),
keyid=KEYID_SCHEMA,
keyval=KEYVAL_SCHEMA)
# Info that describes both metadata and target files.
# This schema allows the storage of multiple hashes for the same file
# (e.g., sha256 and sha512 may be computed for the same file and stored).
FILEINFO_SCHEMA = SCHEMA.Object(object_name='fileinfo',
length=LENGTH_SCHEMA,
hashes=HASHDICT_SCHEMA,
custom=SCHEMA.Optional(SCHEMA.Object()))
# A dict holding the information for a particular file. The keys hold the
# relative file path and the values the relevant file information.
FILEDICT_SCHEMA = SCHEMA.DictOf(key_schema=RELPATH_SCHEMA,
value_schema=FILEINFO_SCHEMA)
# A dict holding a target file.
TARGETFILE_SCHEMA = SCHEMA.Object(object_name='targetfile',
filepath=RELPATH_SCHEMA,
fileinfo=FILEINFO_SCHEMA)
TARGETFILES_SCHEMA = SCHEMA.ListOf(TARGETFILE_SCHEMA)
# A single signature of an object. Indicates the signature, the id of the
# signing key, and the signing method.
# I debated making the signature schema not contain the key id and instead have
signed=VEHICLE_VERSION_MANIFEST_SCHEMA,
signatures=SCHEMA.ListOf(SIGNATURE_SCHEMA))
# Information sent to the director by the primary.
# There probably will be additional fields here.
VEHICLE_REPORT_TO_DIRECTOR_SCHEMA = SCHEMA.Object(
vin=VIN_SCHEMA, software_manifest=VEHICLE_VERSION_MANIFEST_SCHEMA)
DESCRIPTION_OF_ATTACKS_SCHEMA = SCHEMA.AnyString()
# This is the format for a single assignment given to an ECU by the Director.
ECU_SOFTWARE_ASSIGNMENT_SCHEMA = SCHEMA.Object(
ecu_serial=ECU_SERIAL_SCHEMA,
previous_time=tuf.formats.ISO8601_DATETIME_SCHEMA, #UTC_DATETIME_SCHEMA,
current_time=tuf.formats.ISO8601_DATETIME_SCHEMA,
security_attack=SCHEMA.Optional(DESCRIPTION_OF_ATTACKS_SCHEMA),
#image_type = SCHEMA.OneOf('bootloader', 'application', 'other'), # removed from spec
installed_image=tuf.formats.TARGETFILE_SCHEMA)
#load_order = SCHEMA.Integer(lo=0, hi=2147483647)) # not in spec
# A list of ECU_SOFTWARE_ASSIGNMENT_SCHEMA should be everything that is
# required for the director metadata to be written.
VEHICLE_SOFTWARE_ASSIGNMENTS_SCHEMA = SCHEMA.ListOf(
ECU_SOFTWARE_ASSIGNMENT_SCHEMA)
# The format for the timeserver's signed time response will be a
# SIGNABLE_SCHEMA (from TUF). THAT in TURN will contain, in field 'signed', one
# of these objects:
TIMESERVER_ATTESTATION_SCHEMA = SCHEMA.Object(time=ISO8601_DATETIME_SCHEMA,
nonces=NONCE_LIST_SCHEMA)
# An RSA key in PEM format.
PEMRSA_SCHEMA = SCHEMA.AnyString()
# A string representing a password.
PASSWORD_SCHEMA = SCHEMA.AnyString()
# A list of passwords.
PASSWORDS_SCHEMA = SCHEMA.ListOf(PASSWORD_SCHEMA)
# The actual values of a key, as opposed to meta data such as a key type and
# key identifier ('rsa', 233df889cb). For RSA keys, the key value is a pair of
# public and private keys in PEM Format stored as strings.
KEYVAL_SCHEMA = SCHEMA.Object(object_name='KEYVAL_SCHEMA',
public=SCHEMA.AnyString(),
private=SCHEMA.Optional(SCHEMA.AnyString()))
# Supported TUF key types.
KEYTYPE_SCHEMA = SCHEMA.OneOf([SCHEMA.String('rsa'), SCHEMA.String('ed25519')])
# A generic TUF key. All TUF keys should be saved to metadata files in this
# format.
KEY_SCHEMA = SCHEMA.Object(object_name='KEY_SCHEMA',
keytype=SCHEMA.AnyString(),
keyval=KEYVAL_SCHEMA)
# A TUF key object. This schema simplifies validation of keys that may be
# one of the supported key types.
# Supported key types: 'rsa', 'ed25519'.
ANYKEY_SCHEMA = SCHEMA.Object(object_name='ANYKEY_SCHEMA',
keytype=KEYTYPE_SCHEMA,
keyid=KEYID_SCHEMA,
keyval=KEYVAL_SCHEMA)
# An ed25519 key.
ED25519KEY_SCHEMA = SCHEMA.Object(object_name='ed25519key',
keytype=SCHEMA.String('ed25519'),
keyid=KEYID_SCHEMA,
keyval=KEYVAL_SCHEMA)
# Info that describes both metadata and target files.
# This schema allows the storage of multiple hashes for the same file
# (e.g., sha256 and sha512 may be computed for the same file and stored).
FILEINFO_SCHEMA = SCHEMA.Object(object_name='fileinfo',
length=LENGTH_SCHEMA,
hashes=HASHDICT_SCHEMA,
custom=SCHEMA.Optional(SCHEMA.Object()))
# A dict holding the information for a particular file. The keys hold the
# relative file path and the values the relevant file information.
FILEDICT_SCHEMA = SCHEMA.DictOf(key_schema=RELPATH_SCHEMA,
value_schema=FILEINFO_SCHEMA)
# A dict holding a target file.
TARGETFILE_SCHEMA = SCHEMA.Object(object_name='targetfile',
filepath=RELPATH_SCHEMA,
fileinfo=FILEINFO_SCHEMA)
TARGETFILES_SCHEMA = SCHEMA.ListOf(TARGETFILE_SCHEMA)
# A single signature of an object. Indicates the signature, the id of the
# signing key, and the signing method.
# I debated making the signature schema not contain the key id and instead have
# An ED25519 raw signature, which must be 64 bytes.
ED25519SIGNATURE_SCHEMA = SCHEMA.LengthString(64)
# An ed25519 TUF key.
ED25519KEY_SCHEMA = SCHEMA.Object(object_name='ED25519KEY_SCHEMA',
keytype=SCHEMA.String('ed25519'),
keyid=KEYID_SCHEMA,
keyval=KEYVAL_SCHEMA)
# Info that describes both metadata and target files.
# This schema allows the storage of multiple hashes for the same file
# (e.g., sha256 and sha512 may be computed for the same file and stored).
FILEINFO_SCHEMA = SCHEMA.Object(object_name='FILEINFO_SCHEMA',
length=LENGTH_SCHEMA,
hashes=HASHDICT_SCHEMA,
custom=SCHEMA.Optional(SCHEMA.Object()))
# A dict holding the information for a particular file. The keys hold the
# relative file path and the values the relevant file information.
FILEDICT_SCHEMA = SCHEMA.DictOf(key_schema=RELPATH_SCHEMA,
value_schema=FILEINFO_SCHEMA)
# A dict holding a target file.
TARGETFILE_SCHEMA = SCHEMA.Object(object_name='TARGETFILE_SCHEMA',
filepath=RELPATH_SCHEMA,
fileinfo=FILEINFO_SCHEMA)
TARGETFILES_SCHEMA = SCHEMA.ListOf(TARGETFILE_SCHEMA)
# A single signature of an object. Indicates the signature, the id of the
# signing key, and the signing method.
# I debated making the signature schema not contain the key id and instead have
# An RSA key in PEM format.
PEMRSA_SCHEMA = SCHEMA.AnyString()
# A string representing a password.
PASSWORD_SCHEMA = SCHEMA.AnyString()
# A list of passwords.
PASSWORDS_SCHEMA = SCHEMA.ListOf(PASSWORD_SCHEMA)
# The actual values of a key, as opposed to meta data such as a key type and
# key identifier ('rsa', 233df889cb). For RSA keys, the key value is a pair of
# public and private keys in PEM Format stored as strings.
KEYVAL_SCHEMA = SCHEMA.Object(object_name='KEYVAL_SCHEMA',
public=SCHEMA.AnyString(),
private=SCHEMA.Optional(SCHEMA.AnyString()))
# Supported TUF key types.
KEYTYPE_SCHEMA = SCHEMA.OneOf([SCHEMA.String('rsa'), SCHEMA.String('ed25519')])
# A generic TUF key. All TUF keys should be saved to metadata files in this
# format.
KEY_SCHEMA = SCHEMA.Object(object_name='KEY_SCHEMA',
keytype=SCHEMA.AnyString(),
keyval=KEYVAL_SCHEMA,
expires=SCHEMA.Optional(ISO8601_DATETIME_SCHEMA))
# A TUF key object. This schema simplifies validation of keys that may be one
# of the supported key types. Supported key types: 'rsa', 'ed25519'.
ANYKEY_SCHEMA = SCHEMA.Object(
object_name='ANYKEY_SCHEMA',
signatures = SCHEMA.ListOf(SIGNATURE_SCHEMA))
# Information sent to the director by the primary.
# There probably will be additional fields here.
VEHICLE_REPORT_TO_DIRECTOR_SCHEMA = SCHEMA.Object(
vin = VIN_SCHEMA,
software_manifest = VEHICLE_VERSION_MANIFEST_SCHEMA)
# This is the format for a single assignment given to an ECU by the Director.
ECU_SOFTWARE_ASSIGNMENT_SCHEMA = SCHEMA.Object(
ecu_serial = ECU_SERIAL_SCHEMA,
previous_time = tuf.formats.ISO8601_DATETIME_SCHEMA, #UTC_DATETIME_SCHEMA,
current_time = tuf.formats.ISO8601_DATETIME_SCHEMA,
security_attack = SCHEMA.Optional(SCHEMA.AnyString()), # TODO: Clear this up
#image_type = SCHEMA.OneOf('bootloader', 'application', 'other'), # removed from spec
installed_image = tuf.formats.TARGETFILE_SCHEMA)
#load_order = SCHEMA.Integer(lo=0, hi=2147483647)) # not in spec
# A list of ECU_SOFTWARE_ASSIGNMENT_SCHEMA should be everything that is
# required for the director metadata to be written.
VEHICLE_SOFTWARE_ASSIGNMENTS_SCHEMA = SCHEMA.ListOf(
ECU_SOFTWARE_ASSIGNMENT_SCHEMA)
# The format for the timeserver's signed time response will be a
# SIGNABLE_SCHEMA (from TUF). THAT in TURN will contain, in field 'signed', one
# of these objects:
TIMESERVER_ATTESTATION_SCHEMA = SCHEMA.Object(
time = ISO8601_DATETIME_SCHEMA,
