def test_metadata_snapshot(self): snapshot_path = os.path.join( self.repo_dir, 'metadata', 'snapshot.json') snapshot = Metadata.from_file(snapshot_path) # Create a MetaFile instance representing what we expect # the updated data to be. hashes = {'sha256': 'c2986576f5fdfd43944e2b19e775453b96748ec4fe2638a6d2f32f1310967095'} fileinfo = MetaFile(2, 123, hashes) self.assertNotEqual( snapshot.signed.meta['role1.json'].to_dict(), fileinfo.to_dict() ) snapshot.signed.update('role1', fileinfo) self.assertEqual( snapshot.signed.meta['role1.json'].to_dict(), fileinfo.to_dict() )
def update_snapshot(self) -> None: """Update snapshot, assign targets versions and update timestamp.""" for role, delegate in self.all_targets(): hashes = None length = None if self.compute_metafile_hashes_length: hashes, length = self._compute_hashes_and_length(role) self.snapshot.meta[f"{role}.json"] = MetaFile( delegate.version, length, hashes) self.snapshot.version += 1 self.update_timestamp()
def update_timestamp(self) -> None: """Update timestamp and assign snapshot version to snapshot_meta version. """ hashes = None length = None if self.compute_metafile_hashes_length: hashes, length = self._compute_hashes_and_length(Snapshot.type) self.timestamp.snapshot_meta = MetaFile(self.snapshot.version, length, hashes) self.timestamp.version += 1
def test_metadata_timestamp(self): timestamp_path = os.path.join( self.repo_dir, 'metadata', 'timestamp.json') timestamp = Metadata.from_file(timestamp_path) self.assertEqual(timestamp.signed.version, 1) timestamp.signed.bump_version() self.assertEqual(timestamp.signed.version, 2) self.assertEqual(timestamp.signed.expires, datetime(2030, 1, 1, 0, 0)) timestamp.signed.bump_expiration() self.assertEqual(timestamp.signed.expires, datetime(2030, 1, 2, 0, 0)) timestamp.signed.bump_expiration(timedelta(days=365)) self.assertEqual(timestamp.signed.expires, datetime(2031, 1, 2, 0, 0)) # Test whether dateutil.relativedelta works, this provides a much # easier to use interface for callers delta = relativedelta(days=1) timestamp.signed.bump_expiration(delta) self.assertEqual(timestamp.signed.expires, datetime(2031, 1, 3, 0, 0)) delta = relativedelta(years=5) timestamp.signed.bump_expiration(delta) self.assertEqual(timestamp.signed.expires, datetime(2036, 1, 3, 0, 0)) # Create a MetaFile instance representing what we expect # the updated data to be. hashes = {'sha256': '0ae9664468150a9aa1e7f11feecb32341658eb84292851367fea2da88e8a58dc'} fileinfo = MetaFile(2, 520, hashes) self.assertNotEqual( timestamp.signed.meta['snapshot.json'].to_dict(), fileinfo.to_dict() ) timestamp.signed.update(fileinfo) self.assertEqual( timestamp.signed.meta['snapshot.json'].to_dict(), fileinfo.to_dict() )
def meta_modifier(snapshot: Snapshot) -> None: for metafile_path in snapshot.meta: snapshot.meta[metafile_path] = MetaFile(version=2)
def test_metafile_serialization(self, test_case_data: str): case_dict = json.loads(test_case_data) metafile = MetaFile.from_dict(copy.copy(case_dict)) self.assertDictEqual(case_dict, metafile.to_dict())
def test_invalid_metafile_serialization(self, test_case_data: Dict[str, str]): case_dict = json.loads(test_case_data) with self.assertRaises((TypeError, ValueError, AttributeError)): MetaFile.from_dict(copy.deepcopy(case_dict))
def test_invalid_metafile_serialization(self, test_case_data: str) -> None: case_dict = json.loads(test_case_data) with self.assertRaises((TypeError, ValueError, AttributeError)): MetaFile.from_dict(case_dict)
# Increase expiry (delegators should be less volatile) roles["targets"].signed.expires = _in(365) # Snapshot + Timestamp + Sign + Persist # ------------------------------------- # In order to publish a new consistent set of metadata, we need to update # dependent roles (snapshot, timestamp) accordingly, bumping versions of all # changed metadata. # Bump targets version roles["targets"].signed.version += 1 # Update snapshot to account for changed and new targets metadata roles["snapshot"].signed.meta["targets.json"].version = roles[ "targets"].signed.version roles["snapshot"].signed.meta[f"{delegatee_name}.json"] = MetaFile(version=1) roles["snapshot"].signed.version += 1 # Update timestamp to account for changed snapshot metadata roles["timestamp"].signed.snapshot_meta.version = roles[ "snapshot"].signed.version roles["timestamp"].signed.version += 1 # Sign and write metadata for all changed roles, i.e. all but root for role_name in ["targets", "python-scripts", "snapshot", "timestamp"]: signer = SSlibSigner(keys[role_name]) roles[role_name].sign(signer) # Prefix all but timestamp with version number (see consistent snapshot) filename = f"{role_name}.json" if role_name != "timestamp":