def delegate(args):
# parse the options
options, args = getopt.getopt(args, "", ["keyid=", "keystore=", "repo="])
fuzzy_keys = _get_key_ids(options)
parentrole, role, rolekey, paths = args[0], args[1], args[2], args[3:]
_keystore = _get_keystore(options)
metadir = _get_meta_dir(options)
targets_file = _get_meta_filenames(metadir)['targets']
# get the key from the keystore
key = signerlib.get_key(_keystore, rolekey)
# extract the metadata from the targets file
targets_metadata = signerlib.read_metadata_file(targets_file)
# extract the delegations structure if it exists
delegations = targets_metadata.get('delegations', {})
# update the keys field
keys = delegations.get('keys', {})
keys[rolekey] = key.get_meta()
delegations['keys'] = keys
# update the roles field
roles = delegations.get('roles', {})
roles[role] = tuf.formats.make_role_meta([key.get_key_id()], 1, paths)
delegations['roles'] = roles
# update the larger metadata structure
targets_metadata['delegations'] = delegations
# and try to write the whole thing
meta = tuf.formats.make_signable(targets_metadata)
_sign_and_write(meta, fuzzy_keys, targets_file, options)
def delegate(args):
# parse the options
options, args = getopt.getopt(args, "", ["keyid=", "keystore=", "repo="])
fuzzy_keys = _get_key_ids(options)
parentrole, role, rolekey, paths = args[0], args[1], args[2], args[3:]
_keystore = _get_keystore(options)
metadir = _get_meta_dir(options)
targets_file = _get_meta_filenames(metadir)['targets']
# get the key from the keystore
key = signerlib.get_key(_keystore, rolekey)
# extract the metadata from the targets file
targets_metadata = signerlib.read_metadata_file(targets_file)
# extract the delegations structure if it exists
delegations = targets_metadata.get('delegations', {})
# update the keys field
keys = delegations.get('keys', {})
keys[rolekey] = key.get_meta()
delegations['keys'] = keys
# update the roles field
roles = delegations.get('roles', {})
roles[role] = tuf.formats.make_role_meta([key.get_key_id()], 1, paths)
delegations['roles'] = roles
# update the larger metadata structure
targets_metadata['delegations'] = delegations
# and try to write the whole thing
meta = tuf.formats.make_signable(targets_metadata)
_sign_and_write(meta, fuzzy_keys, targets_file, options)
def dumpkey(args):
options, args = getopt.getopt(args, "", ["keystore=", "include-secret"])
includeSecret = False
for o, v in options:
if o == '--include-secret':
includeSecret = True
ks = _get_keystore(options)
keys = []
if len(args):
keys = [signerlib.get_key(ks, a) for a in args]
else:
keys = list(ks.iterkeys())
for k in keys:
data = k.get_meta(private=includeSecret)
print "Key(", json.dumps(data, indent=2, sort_keys=True), ")"
def dumpkey(args):
options, args = getopt.getopt(args, "", ["keystore=", "include-secret"])
includeSecret = False
for o, v in options:
if o == '--include-secret':
includeSecret = True
ks = _get_keystore(options)
keys = []
if len(args):
keys = [signerlib.get_key(ks, a) for a in args]
else:
keys = list(ks.iterkeys())
for k in keys:
data = k.get_meta(private=includeSecret)
print "Key(", json.dumps(data, indent=2, sort_keys=True), ")"
