Exemple #1
0
    def _get_signed_role_info(self, role, directory=None):
        role_info = self._get_role_info(role, directory=directory)
        filename = repr(role + ".txt")

        # Try sign_metadata(), see if signable is returned.
        signed_meta = signerlib.sign_metadata(role_info[0], role_info[1], filename)
        return signed_meta, role_info
Exemple #2
0
  def _get_signed_role_info(self, role, directory=None):
    role_info = self._get_role_info(role, directory=directory)
    filename = repr(role+'.txt')

    # Try sign_metadata(), see if signable is returned.
    signed_meta = signerlib.sign_metadata(role_info[0], role_info[1],
                                          filename)
    return signed_meta, role_info
Exemple #3
0
def _remake_timestamp(metadata_dir, keyids):
    """Create timestamp metadata object.  Modify expiration date.  Sign and
  write the metadata.
  """

    global version
    version = version + 1
    expiration_date = tuf.formats.format_time(time.time() + EXPIRATION)

    release_filepath = os.path.join(metadata_dir, 'release.txt')
    timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt')
    timestamp_metadata = signerlib.generate_timestamp_metadata(
        release_filepath, version, expiration_date)
    signable = \
      signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath)
    signerlib.write_metadata_file(signable, timestamp_filepath)
def _remake_timestamp(metadata_dir, keyids):
  """Create timestamp metadata object.  Modify expiration date.  Sign and
  write the metadata.
  """
  
  global version
  version = version+1
  expiration_date = tuf.formats.format_time(time.time()+EXPIRATION)
  
  release_filepath = os.path.join(metadata_dir, 'release.txt')
  timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt')
  timestamp_metadata = signerlib.generate_timestamp_metadata(release_filepath,
                                                             version,
                                                             expiration_date)
  signable = \
    signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath)
  signerlib.write_metadata_file(signable, timestamp_filepath)
Exemple #5
0
  def test_4_sign_metadata(self):
    """
    test_4_sign_metadata() will require us to create metadata using one of
    the generate_role_metadata() and use monkey patched keystore's get_key().
    """

    # SETUP.
    original_get_key = tuf.repo.keystore.get_key
    
    for role in ['root', 'targets']:

      role_info = self._get_role_info(role)
      filename = role+'.txt'


      # TESTS
      #  Test: normal case.
      signable = signerlib.sign_metadata(role_info[0], role_info[1],
                                         filename)

      #  Check if signable is returned.
      self.assertTrue(formats.SIGNABLE_SCHEMA.matches(signable))

      #  Test: Incorrect arguments.
      self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
                        self.random_string(), role_info[1], filename)
      self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
                        role_info[0], 12345, filename)

      #  Test: Verifying 'keytype' value, once is sufficient.
      if role == 'root':
        #  Alter 'keytype' value of the rsa key.  Restore it after.
        for keyid in role_info[1]:
          key = self.get_keystore_key(keyid)
          key['keytype'] = 'unknown_type'
        self.assertRaises(tuf.Error, signerlib.sign_metadata, role_info[0],
            role_info[1], filename)

        #  Restoring the initial state of rsa_keystore.
        for keyid in role_info[1]:
          key = self.get_keystore_key(keyid)
          key['keytype'] = 'rsa'

    # RESTORE
    tuf.repo.keystore.get_key = original_get_key
Exemple #6
0
  def test_4_sign_metadata(self):
    """
    test_4_sign_metadata() will require us to create metadata using one of
    the generate_role_metadata() and use monkey patched keystore's get_key().
    """

    # SETUP.
    original_get_key = tuf.repo.keystore.get_key
    
    for role in ['root', 'targets']:

      role_info = self._get_role_info(role)
      filename = role+'.txt'


      # TESTS
      #  Test: normal case.
      signable = signerlib.sign_metadata(role_info[0], role_info[1],
                                         filename)

      #  Check if signable is returned.
      self.assertTrue(formats.SIGNABLE_SCHEMA.matches(signable))

      #  Test: Incorrect arguments.
      self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
                        self.random_string(), role_info[1], filename)
      self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
                        role_info[0], 12345, filename)

      #  Test: Verifying 'keytype' value, once is sufficient.
      if role == 'root':
        #  Alter 'keytype' value of the rsa key.  Restore it after.
        for keyid in role_info[1]:
          key = self.get_keystore_key(keyid)
          key['keytype'] = 'unknown_type'
        self.assertRaises(tuf.Error, signerlib.sign_metadata, role_info[0],
            role_info[1], filename)

        #  Restoring the initial state of rsa_keystore.
        for keyid in role_info[1]:
          key = self.get_keystore_key(keyid)
          key['keytype'] = 'rsa'

    # RESTORE
    tuf.repo.keystore.get_key = original_get_key
Exemple #7
0
  def test_4_sign_metadata(self):
    """
    test_4_sign_metadata() will require us to create metadata using one of
    the generate_role_metadata() and use monkey patched keystore's get_key().
    """

    for role in ['root', 'targets']:

      # SETUP.
      role_info = self._get_role_info(role)
      filename = role+'.txt'

      #  Test: normal case.
      try:
        signable = signerlib.sign_metadata(role_info[0], role_info[1],
                                           filename)
      except Exception, e:
        raise

      #  Check if signable is returned.
      self.assertTrue(formats.SIGNABLE_SCHEMA.matches(signable))


      #  Test: various bogus parameters.
      self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
                        self.random_string(), role_info[1], filename)
      self.assertRaises(tuf.FormatError, signerlib.sign_metadata,
                        role_info[0], 12345, filename)


      #  Test: Verifying 'keytype', once is sufficient.
      if role == 'root':

        #  Alter keytype field of the rsa key.  Restore it after.
        for keyid in role_info[1]:
          key = self.get_keystore_key(keyid)
          key['keytype'] = 'unknown_type'
        self.assertRaises(tuf.Error, signerlib.sign_metadata, role_info[0],
            role_info[1], filename)

        #  Restoring the initial state of rsa_keystore.
        for keyid in role_info[1]:
          key = self.get_keystore_key(keyid)
          key['keytype'] = 'rsa'