Example #1
0
    def test_load_project(self):
        # This test case will first try to load an existing project and test for
        # verify the loaded object.  It will next try to load a nonexisting project
        # and expect a correct error handler.  Finally, it will try to overwrite the
        # existing prefix of the loaded project.

        # Create a local subfolder for this test.
        local_tmp = tempfile.mkdtemp(dir=self.tmp_dir)

        # Test non-existent project filepath.
        nonexistent_path = os.path.join(local_tmp, 'nonexistent')
        self.assertRaises(IOError, developer_tool.load_project,
                          nonexistent_path)

        # Copy the pregenerated metadata.
        project_data_filepath = os.path.join('repository_data', 'project')
        target_project_data_filepath = os.path.join(local_tmp, 'project')
        shutil.copytree('repository_data/project',
                        target_project_data_filepath)

        # Properly load a project.
        repo_filepath = os.path.join(local_tmp, 'project', 'test-repo')
        project = developer_tool.load_project(repo_filepath)

        self.assertTrue(project.layout_type == 'repo-like')

        repo_filepath = os.path.join(local_tmp, 'project', 'test-flat')
        new_targets_path = os.path.join(local_tmp, 'project', 'targets')
        project = developer_tool.load_project(
            repo_filepath, new_targets_location=new_targets_path)
        self.assertTrue(project._targets_directory == new_targets_path)
        self.assertTrue(project.layout_type == 'flat')

        # Load a project overwriting the prefix.
        project = developer_tool.load_project(repo_filepath, prefix='new')
        self.assertTrue(project._prefix == 'new')

        # Load a project with a file missing.
        file_to_corrupt = os.path.join(repo_filepath, 'test-flat',
                                       'role1.json')
        with open(file_to_corrupt, 'wt') as fp:
            fp.write('this is not a json file')

        self.assertRaises(tuf.Error, developer_tool.load_project,
                          repo_filepath)
Example #2
0
  def test_load_project(self):
    # This test case will first try to load an existing project and test for
    # verify the loaded object.  It will next try to load a nonexisting project
    # and expect a correct error handler.  Finally, it will try to overwrite the
    # existing prefix of the loaded project.

    # Create a local subfolder for this test.
    local_tmp = tempfile.mkdtemp(dir = self.tmp_dir)

    # Test non-existent project filepath.
    nonexistent_path = os.path.join(local_tmp, 'nonexistent')
    self.assertRaises(IOError, developer_tool.load_project, nonexistent_path)

    # Copy the pregenerated metadata.
    project_data_filepath = os.path.join('repository_data', 'project')
    target_project_data_filepath = os.path.join(local_tmp, 'project')
    shutil.copytree('repository_data/project', target_project_data_filepath)

    # Properly load a project.
    repo_filepath = os.path.join(local_tmp, 'project', 'test-repo')
    project = developer_tool.load_project(repo_filepath)
    
    self.assertTrue(project.layout_type == 'repo-like')

    repo_filepath = os.path.join(local_tmp, 'project', 'test-flat')
    new_targets_path = os.path.join(local_tmp, 'project', 'targets')
    project = developer_tool.load_project(repo_filepath,
        new_targets_location = new_targets_path)
    self.assertTrue(project._targets_directory == new_targets_path)
    self.assertTrue(project.layout_type == 'flat')

    
    # Load a project overwriting the prefix.
    project = developer_tool.load_project(repo_filepath, prefix='new')
    self.assertTrue(project._prefix == 'new')

    # Load a project with a file missing.
    file_to_corrupt = os.path.join(repo_filepath, 'test-flat', 'role1.json')
    with open(file_to_corrupt, 'wt') as fp:
      fp.write('this is not a json file')
    
    self.assertRaises(tuf.Error, developer_tool.load_project, repo_filepath)
Example #3
0
    def test_write(self):

        # Create tmp directory.
        local_tmp = tempfile.mkdtemp(dir=self.tmp_dir)

        # Create new project inside tmp directory.
        project = developer_tool.create_new_project('new_project', local_tmp,
                                                    'prefix')

        # Create some target files inside the tmp directory.
        target_filepath = os.path.join(local_tmp, 'targets', 'test_target')
        with open(target_filepath, 'wt') as fp:
            fp.write('testing file')

        # Add the targets.
        project.add_target(os.path.basename(target_filepath))

        # Add verification keys.
        keystore_path = os.path.join('repository_data', 'keystore')
        project_key_path = os.path.join(keystore_path, 'root_key.pub')
        project_key = \
          developer_tool.import_rsa_publickey_from_file(project_key_path)

        # Call status (for the sake of doing it and to improve test coverage by
        # executing its statements.)
        project.status()

        project.add_verification_key(project_key)

        # Add another verification key (should expect exception.)
        delegation_key_path = os.path.join(keystore_path, 'snapshot_key.pub')
        delegation_key = \
          developer_tool.import_ed25519_publickey_from_file(delegation_key_path)

        # Add a subdelegation.
        subdelegation_key_path = os.path.join(keystore_path,
                                              'timestamp_key.pub')
        subdelegation_key = \
            developer_tool.import_ed25519_publickey_from_file(subdelegation_key_path)

        # Add a delegation.
        project.delegate('delegation', [delegation_key], [])
        project('delegation').delegate('subdelegation', [subdelegation_key],
                                       [])

        # call write (except)
        self.assertRaises(securesystemslib.exceptions.Error, project.write, ())

        # Call status (for the sake of doing it and executing its statements.)
        project.status()

        # Load private keys.
        project_private_key_path = os.path.join(keystore_path, 'root_key')
        project_private_key = \
            developer_tool.import_rsa_privatekey_from_file(project_private_key_path,
                'password')

        delegation_private_key_path = os.path.join(keystore_path,
                                                   'snapshot_key')
        delegation_private_key = \
            developer_tool.import_ed25519_privatekey_from_file(delegation_private_key_path,
                'password')

        subdelegation_private_key_path =  \
            os.path.join(keystore_path, 'timestamp_key')
        subdelegation_private_key = \
            developer_tool.import_ed25519_privatekey_from_file(subdelegation_private_key_path,
                'password')

        # Test partial write.
        # backup everything (again)
        # + backup targets.
        targets_backup = project.target_files

        # + backup delegations.
        delegations_backup = \
            tuf.roledb.get_delegated_rolenames(project.project_name)

        # + backup layout type.
        layout_type_backup = project.layout_type

        # + backup keyids.
        keys_backup = project.keys
        delegation_keys_backup = project('delegation').keys

        # + backup the prefix.
        prefix_backup = project.prefix

        # + backup the name.
        name_backup = project.project_name

        # Write and reload.
        self.assertRaises(securesystemslib.exceptions.Error, project.write)
        project.write(write_partial=True)

        project = developer_tool.load_project(local_tmp)

        # Check against backup.
        self.assertEqual(list(project.target_files.keys()),
                         list(targets_backup.keys()))
        new_delegations = tuf.roledb.get_delegated_rolenames(
            project.project_name)
        self.assertEqual(new_delegations, delegations_backup)
        self.assertEqual(project.layout_type, layout_type_backup)
        self.assertEqual(project.keys, keys_backup)

        self.assertEqual(project('delegation').keys, delegation_keys_backup)

        self.assertEqual(project.prefix, prefix_backup)
        self.assertEqual(project.project_name, name_backup)

        roleinfo = tuf.roledb.get_roleinfo(project.project_name)

        self.assertEqual(roleinfo['partial_loaded'], True)

        # Load_signing_keys.
        project('delegation').load_signing_key(delegation_private_key)

        project.status()

        project.load_signing_key(project_private_key)

        # Backup everything.
        # + backup targets.
        targets_backup = project.target_files

        # + backup delegations.
        delegations_backup = \
            tuf.roledb.get_delegated_rolenames(project.project_name)

        # + backup layout type.
        layout_type_backup = project.layout_type

        # + backup keyids
        keys_backup = project.keys
        delegation_keys_backup = project('delegation').keys

        # + backup the prefix.
        prefix_backup = project.prefix

        # + backup the name.
        name_backup = project.project_name

        # Call status (for the sake of doing it.)
        project.status()

        # Call write.
        project.write()

        # Call load.
        project = developer_tool.load_project(local_tmp)

        # Check against backup.
        self.assertEqual(list(project.target_files.keys()),
                         list(targets_backup.keys()))

        new_delegations = tuf.roledb.get_delegated_rolenames(
            project.project_name)
        self.assertEqual(new_delegations, delegations_backup)
        self.assertEqual(project.layout_type, layout_type_backup)
        self.assertEqual(project.keys, keys_backup)
        self.assertEqual(project('delegation').keys, delegation_keys_backup)
        self.assertEqual(project.prefix, prefix_backup)
        self.assertEqual(project.project_name, name_backup)
Example #4
0
  def test_write(self):

    # Create tmp directory.
    local_tmp = tempfile.mkdtemp(dir=self.tmp_dir)

    # Create new project inside tmp directory.
    project = developer_tool.create_new_project('test_write', local_tmp, 
        'prefix');

    # Create some target files inside the tmp directory.
    target_filepath = os.path.join(local_tmp, 'targets', 'test_target')
    with open(target_filepath, 'wt') as fp:
      fp.write('testing file')
    

    # Add the targets.
    project.add_target(target_filepath)

    # Add verification keys.
    keystore_path = os.path.join('repository_data', 'keystore')
    project_key_path = os.path.join(keystore_path, 'root_key.pub')
    project_key = \
      developer_tool.import_rsa_publickey_from_file(project_key_path)


    # Call status (for the sake of doing it and to improve test coverage by 
    # executing its statements.)
    project.status()
  
    project.add_verification_key(project_key)


    # Add another verification key (should expect exception.)
    delegation_key_path = os.path.join(keystore_path, 'snapshot_key.pub')
    delegation_key = \
      developer_tool.import_rsa_publickey_from_file(delegation_key_path)

    # Add a subdelegation.
    subdelegation_key_path = os.path.join(keystore_path, 'timestamp_key.pub')
    subdelegation_key = \
        developer_tool.import_rsa_publickey_from_file(subdelegation_key_path)
    
    # Add a delegation.
    project.delegate('delegation', [delegation_key], [])
    project('delegation').delegate('subdelegation', [subdelegation_key], [])

    # call write (except)
    self.assertRaises(tuf.Error, project.write, ())

    # Call status (for the sake of doing it and executing its statements.)
    project.status()
  
    # Load private keys.
    project_private_key_path = os.path.join(keystore_path, 'root_key')
    project_private_key = \
        developer_tool.import_rsa_privatekey_from_file(project_private_key_path,
            'password')

    delegation_private_key_path = os.path.join(keystore_path, 'snapshot_key')
    delegation_private_key = \
        developer_tool.import_rsa_privatekey_from_file(delegation_private_key_path,
            'password')

    subdelegation_private_key_path =  \
        os.path.join(keystore_path, 'timestamp_key')
    subdelegation_private_key = \
        developer_tool.import_rsa_privatekey_from_file(subdelegation_private_key_path,
            'password')

    # Test partial write.
    # backup everything (again)
    # + backup targets.
    targets_backup = project.target_files

    # + backup delegations.
    delegations_backup = \
        tuf.roledb.get_delegated_rolenames(project._project_name)

    # + backup layout type.
    layout_type_backup = project.layout_type

    # + backup keyids.
    keys_backup = project.keys
    delegation_keys_backup = project('delegation').keys

    # + backup the prefix.
    prefix_backup = project._prefix
    
    # + backup the name. 
    name_backup = project._project_name
 
    # Set the compressions.  We will be checking this part here too.
    project.compressions = ['gz']
    project('delegation').compressions = project.compressions

    # Write and reload.
    self.assertRaises(tuf.Error, project.write)
    project.write(write_partial=True)

    project = developer_tool.load_project(local_tmp)

    # Check against backup.
    self.assertEqual(list(project.target_files.keys()), list(targets_backup.keys()))
    new_delegations = tuf.roledb.get_delegated_rolenames(project._project_name)
    self.assertEqual(new_delegations, delegations_backup)
    self.assertEqual(project.layout_type, layout_type_backup)
    self.assertEqual(project.keys, keys_backup)
    self.assertEqual(project('delegation').keys, delegation_keys_backup)
    self.assertEqual(project._prefix, prefix_backup)
    self.assertEqual(project._project_name, name_backup)

    

    roleinfo = tuf.roledb.get_roleinfo(project._project_name)

    self.assertEqual(roleinfo['partial_loaded'], True)



    # Load_signing_keys.
    project('delegation').load_signing_key(delegation_private_key)

    project.status()

    project('delegation')('subdelegation').load_signing_key(
        subdelegation_private_key)

    project.status()

    project.load_signing_key(project_private_key)

    # Backup everything.
    # + backup targets.
    targets_backup = project.target_files

    # + backup delegations.
    delegations_backup = \
        tuf.roledb.get_delegated_rolenames(project._project_name)

    # + backup layout type.
    layout_type_backup = project.layout_type

    # + backup keyids
    keys_backup = project.keys
    delegation_keys_backup = project('delegation').keys

    # + backup the prefix.
    prefix_backup = project._prefix
    
    # + backup the name.
    name_backup = project._project_name

    # Call status (for the sake of doing it.)
    project.status()

    # Call write.
    project.write()

    # Call load.
    project = developer_tool.load_project(local_tmp)


    # Check against backup.
    self.assertEqual(list(project.target_files.keys()), list(targets_backup.keys()))

    new_delegations = tuf.roledb.get_delegated_rolenames(project._project_name)
    self.assertEqual(new_delegations, delegations_backup)
    self.assertEqual(project.layout_type, layout_type_backup)
    self.assertEqual(project.keys, keys_backup)
    self.assertEqual(project('delegation').keys, delegation_keys_backup)
    self.assertEqual(project._prefix, prefix_backup)
    self.assertEqual(project._project_name, name_backup)