def _sign_and_write(meta, fuzzy_keys, filename, options): """Sign metadata and write it to a file. Overwrites the original file. If any of the keyids have already signed the file, the old signatures of those keyids will be replaced. """ keystore = _get_keystore(options) meta = signerlib.sign_meta(meta, fuzzy_keys, keystore) signerlib.write_metadata_file(meta, filename)
def build_targets_txt(target_root, fuzzy_keys, key_db, server_root): server_root = os.path.abspath(server_root) target_root = os.path.abspath(target_root) logger.info(target_root) metadata_root = os.path.join(server_root, "meta") cwd = os.getcwd() os.chdir(server_root) server_root_length = len(server_root) # get the list of targets targets = [] for root, dirs, files in walk(target_root): for target_file in files: targets.append(os.path.join(root, target_file)[server_root_length+1:]) # feed it to signerlib targets_meta = signerlib.generate_targets_meta(targets) # sign it signed = signerlib.sign_meta(targets_meta, fuzzy_keys, key_db) # write it signerlib.write_metadata_file(signed, metadata_root + pathsep + "targets.txt") os.chdir(cwd)
def build_timestamp_txt(fuzzy_keys, key_db, metadata_root): release_path = metadata_root + pathsep + "release.txt" timestamp_meta = signerlib.generate_timestamp_meta(release_path) signed = signerlib.sign_meta(timestamp_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "timestamp.txt")
def build_release_txt(fuzzy_keys, key_db, metadata_root): release_meta = signerlib.generate_release_meta(metadata_root) signed = signerlib.sign_meta(release_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "release.txt")
def build_root_txt(location, fuzzy_keys, key_db, metadata_root): root_meta = signerlib.generate_root_meta(location, key_db) signed = signerlib.sign_meta(root_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "root.txt")