def _get_signed_role_info(self, role, directory=None):
role_info = self._get_role_info(role, directory=directory)
filename = repr(role + ".txt")
# Try sign_metadata(), see if signable is returned.
signed_meta = signerlib.sign_metadata(role_info[0], role_info[1], filename)
return signed_meta, role_info
def _get_signed_role_info(self, role, directory=None):
role_info = self._get_role_info(role, directory=directory)
filename = repr(role+'.txt')
# Try sign_metadata(), see if signable is returned.
signed_meta = signerlib.sign_metadata(role_info[0], role_info[1],
filename)
return signed_meta, role_info
def _remake_timestamp(metadata_dir, keyids):
"""Create timestamp metadata object. Modify expiration date. Sign and
write the metadata.
"""
global version
version = version + 1
expiration_date = tuf.formats.format_time(time.time() + EXPIRATION)
release_filepath = os.path.join(metadata_dir, 'release.txt')
timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt')
timestamp_metadata = signerlib.generate_timestamp_metadata(
release_filepath, version, expiration_date)
signable = \
signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath)
signerlib.write_metadata_file(signable, timestamp_filepath)
def _remake_timestamp(metadata_dir, keyids):
"""Create timestamp metadata object. Modify expiration date. Sign and
write the metadata.
"""
global version
version = version+1
expiration_date = tuf.formats.format_time(time.time()+EXPIRATION)
release_filepath = os.path.join(metadata_dir, 'release.txt')
timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt')
timestamp_metadata = signerlib.generate_timestamp_metadata(release_filepath,
version,
expiration_date)
signable = \
signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath)
signerlib.write_metadata_file(signable, timestamp_filepath)
def test_4_sign_metadata(self):
"""
test_4_sign_metadata() will require us to create metadata using one of
the generate_role_metadata() and use monkey patched keystore's get_key().
"""
# SETUP.
original_get_key = tuf.repo.keystore.get_key
for role in ['root', 'targets']:
role_info = self._get_role_info(role)
filename = role+'.txt'
# TESTS
# Test: normal case.
signable = signerlib.sign_metadata(role_info[0], role_info[1],
filename)
# Check if signable is returned.
self.assertTrue(formats.SIGNABLE_SCHEMA.matches(signable))
# Test: Incorrect arguments.
self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
self.random_string(), role_info[1], filename)
self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
role_info[0], 12345, filename)
# Test: Verifying 'keytype' value, once is sufficient.
if role == 'root':
# Alter 'keytype' value of the rsa key. Restore it after.
for keyid in role_info[1]:
key = self.get_keystore_key(keyid)
key['keytype'] = 'unknown_type'
self.assertRaises(tuf.Error, signerlib.sign_metadata, role_info[0],
role_info[1], filename)
# Restoring the initial state of rsa_keystore.
for keyid in role_info[1]:
key = self.get_keystore_key(keyid)
key['keytype'] = 'rsa'
# RESTORE
tuf.repo.keystore.get_key = original_get_key
def test_4_sign_metadata(self):
"""
test_4_sign_metadata() will require us to create metadata using one of
the generate_role_metadata() and use monkey patched keystore's get_key().
"""
# SETUP.
original_get_key = tuf.repo.keystore.get_key
for role in ['root', 'targets']:
role_info = self._get_role_info(role)
filename = role+'.txt'
# TESTS
# Test: normal case.
signable = signerlib.sign_metadata(role_info[0], role_info[1],
filename)
# Check if signable is returned.
self.assertTrue(formats.SIGNABLE_SCHEMA.matches(signable))
# Test: Incorrect arguments.
self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
self.random_string(), role_info[1], filename)
self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
role_info[0], 12345, filename)
# Test: Verifying 'keytype' value, once is sufficient.
if role == 'root':
# Alter 'keytype' value of the rsa key. Restore it after.
for keyid in role_info[1]:
key = self.get_keystore_key(keyid)
key['keytype'] = 'unknown_type'
self.assertRaises(tuf.Error, signerlib.sign_metadata, role_info[0],
role_info[1], filename)
# Restoring the initial state of rsa_keystore.
for keyid in role_info[1]:
key = self.get_keystore_key(keyid)
key['keytype'] = 'rsa'
# RESTORE
tuf.repo.keystore.get_key = original_get_key
def test_4_sign_metadata(self):
"""
test_4_sign_metadata() will require us to create metadata using one of
the generate_role_metadata() and use monkey patched keystore's get_key().
"""
for role in ['root', 'targets']:
# SETUP.
role_info = self._get_role_info(role)
filename = role+'.txt'
# Test: normal case.
try:
signable = signerlib.sign_metadata(role_info[0], role_info[1],
filename)
except Exception, e:
raise
# Check if signable is returned.
self.assertTrue(formats.SIGNABLE_SCHEMA.matches(signable))
# Test: various bogus parameters.
self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
self.random_string(), role_info[1], filename)
self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
role_info[0], 12345, filename)
# Test: Verifying 'keytype', once is sufficient.
if role == 'root':
# Alter keytype field of the rsa key. Restore it after.
for keyid in role_info[1]:
key = self.get_keystore_key(keyid)
key['keytype'] = 'unknown_type'
self.assertRaises(tuf.Error, signerlib.sign_metadata, role_info[0],
role_info[1], filename)
# Restoring the initial state of rsa_keystore.
for keyid in role_info[1]:
key = self.get_keystore_key(keyid)
key['keytype'] = 'rsa'