keytype=SCHEMA.AnyString(), keyval=KEYVAL_SCHEMA) # An RSA key. RSAKEY_SCHEMA = SCHEMA.Object(object_name='rsakey', keytype=SCHEMA.String('rsa'), keyid=KEYID_SCHEMA, keyval=KEYVAL_SCHEMA) # Info that describes both metadata and target files. # This schema allows the storage of multiple hashes for the same file # (e.g., sha256 and sha512 may be computed for the same file and stored). FILEINFO_SCHEMA = SCHEMA.Object(object_name='fileinfo', length=LENGTH_SCHEMA, hashes=HASHDICT_SCHEMA, custom=SCHEMA.Optional(SCHEMA.Object())) # A dict holding the information for a particular file. The keys hold the # relative file path and the values the relevant file information. FILEDICT_SCHEMA = SCHEMA.DictOf(key_schema=RELPATH_SCHEMA, value_schema=FILEINFO_SCHEMA) # A dict holding a target file. TARGETFILE_SCHEMA = SCHEMA.Object(object_name='targetfile', filepath=RELPATH_SCHEMA, fileinfo=FILEINFO_SCHEMA) TARGETFILES_SCHEMA = SCHEMA.ListOf(TARGETFILE_SCHEMA) # A single signature of an object. Indicates the signature, the id of the # signing key, and the signing method. # I debated making the signature schema not contain the key id and instead have
signed=VEHICLE_VERSION_MANIFEST_SCHEMA, signatures=SCHEMA.ListOf(SIGNATURE_SCHEMA)) # Information sent to the director by the primary. # There probably will be additional fields here. VEHICLE_REPORT_TO_DIRECTOR_SCHEMA = SCHEMA.Object( vin=VIN_SCHEMA, software_manifest=VEHICLE_VERSION_MANIFEST_SCHEMA) DESCRIPTION_OF_ATTACKS_SCHEMA = SCHEMA.AnyString() # This is the format for a single assignment given to an ECU by the Director. ECU_SOFTWARE_ASSIGNMENT_SCHEMA = SCHEMA.Object( ecu_serial=ECU_SERIAL_SCHEMA, previous_time=tuf.formats.ISO8601_DATETIME_SCHEMA, #UTC_DATETIME_SCHEMA, current_time=tuf.formats.ISO8601_DATETIME_SCHEMA, security_attack=SCHEMA.Optional(DESCRIPTION_OF_ATTACKS_SCHEMA), #image_type = SCHEMA.OneOf('bootloader', 'application', 'other'), # removed from spec installed_image=tuf.formats.TARGETFILE_SCHEMA) #load_order = SCHEMA.Integer(lo=0, hi=2147483647)) # not in spec # A list of ECU_SOFTWARE_ASSIGNMENT_SCHEMA should be everything that is # required for the director metadata to be written. VEHICLE_SOFTWARE_ASSIGNMENTS_SCHEMA = SCHEMA.ListOf( ECU_SOFTWARE_ASSIGNMENT_SCHEMA) # The format for the timeserver's signed time response will be a # SIGNABLE_SCHEMA (from TUF). THAT in TURN will contain, in field 'signed', one # of these objects: TIMESERVER_ATTESTATION_SCHEMA = SCHEMA.Object(time=ISO8601_DATETIME_SCHEMA, nonces=NONCE_LIST_SCHEMA)
# An RSA key in PEM format. PEMRSA_SCHEMA = SCHEMA.AnyString() # A string representing a password. PASSWORD_SCHEMA = SCHEMA.AnyString() # A list of passwords. PASSWORDS_SCHEMA = SCHEMA.ListOf(PASSWORD_SCHEMA) # The actual values of a key, as opposed to meta data such as a key type and # key identifier ('rsa', 233df889cb). For RSA keys, the key value is a pair of # public and private keys in PEM Format stored as strings. KEYVAL_SCHEMA = SCHEMA.Object(object_name='KEYVAL_SCHEMA', public=SCHEMA.AnyString(), private=SCHEMA.Optional(SCHEMA.AnyString())) # Supported TUF key types. KEYTYPE_SCHEMA = SCHEMA.OneOf([SCHEMA.String('rsa'), SCHEMA.String('ed25519')]) # A generic TUF key. All TUF keys should be saved to metadata files in this # format. KEY_SCHEMA = SCHEMA.Object(object_name='KEY_SCHEMA', keytype=SCHEMA.AnyString(), keyval=KEYVAL_SCHEMA) # A TUF key object. This schema simplifies validation of keys that may be # one of the supported key types. # Supported key types: 'rsa', 'ed25519'. ANYKEY_SCHEMA = SCHEMA.Object(object_name='ANYKEY_SCHEMA', keytype=KEYTYPE_SCHEMA,
keyid=KEYID_SCHEMA, keyval=KEYVAL_SCHEMA) # An ed25519 key. ED25519KEY_SCHEMA = SCHEMA.Object(object_name='ed25519key', keytype=SCHEMA.String('ed25519'), keyid=KEYID_SCHEMA, keyval=KEYVAL_SCHEMA) # Info that describes both metadata and target files. # This schema allows the storage of multiple hashes for the same file # (e.g., sha256 and sha512 may be computed for the same file and stored). FILEINFO_SCHEMA = SCHEMA.Object(object_name='fileinfo', length=LENGTH_SCHEMA, hashes=HASHDICT_SCHEMA, custom=SCHEMA.Optional(SCHEMA.Object())) # A dict holding the information for a particular file. The keys hold the # relative file path and the values the relevant file information. FILEDICT_SCHEMA = SCHEMA.DictOf(key_schema=RELPATH_SCHEMA, value_schema=FILEINFO_SCHEMA) # A dict holding a target file. TARGETFILE_SCHEMA = SCHEMA.Object(object_name='targetfile', filepath=RELPATH_SCHEMA, fileinfo=FILEINFO_SCHEMA) TARGETFILES_SCHEMA = SCHEMA.ListOf(TARGETFILE_SCHEMA) # A single signature of an object. Indicates the signature, the id of the # signing key, and the signing method. # I debated making the signature schema not contain the key id and instead have
# An ED25519 raw signature, which must be 64 bytes. ED25519SIGNATURE_SCHEMA = SCHEMA.LengthString(64) # An ed25519 TUF key. ED25519KEY_SCHEMA = SCHEMA.Object(object_name='ED25519KEY_SCHEMA', keytype=SCHEMA.String('ed25519'), keyid=KEYID_SCHEMA, keyval=KEYVAL_SCHEMA) # Info that describes both metadata and target files. # This schema allows the storage of multiple hashes for the same file # (e.g., sha256 and sha512 may be computed for the same file and stored). FILEINFO_SCHEMA = SCHEMA.Object(object_name='FILEINFO_SCHEMA', length=LENGTH_SCHEMA, hashes=HASHDICT_SCHEMA, custom=SCHEMA.Optional(SCHEMA.Object())) # A dict holding the information for a particular file. The keys hold the # relative file path and the values the relevant file information. FILEDICT_SCHEMA = SCHEMA.DictOf(key_schema=RELPATH_SCHEMA, value_schema=FILEINFO_SCHEMA) # A dict holding a target file. TARGETFILE_SCHEMA = SCHEMA.Object(object_name='TARGETFILE_SCHEMA', filepath=RELPATH_SCHEMA, fileinfo=FILEINFO_SCHEMA) TARGETFILES_SCHEMA = SCHEMA.ListOf(TARGETFILE_SCHEMA) # A single signature of an object. Indicates the signature, the id of the # signing key, and the signing method. # I debated making the signature schema not contain the key id and instead have
# An RSA key in PEM format. PEMRSA_SCHEMA = SCHEMA.AnyString() # A string representing a password. PASSWORD_SCHEMA = SCHEMA.AnyString() # A list of passwords. PASSWORDS_SCHEMA = SCHEMA.ListOf(PASSWORD_SCHEMA) # The actual values of a key, as opposed to meta data such as a key type and # key identifier ('rsa', 233df889cb). For RSA keys, the key value is a pair of # public and private keys in PEM Format stored as strings. KEYVAL_SCHEMA = SCHEMA.Object(object_name='KEYVAL_SCHEMA', public=SCHEMA.AnyString(), private=SCHEMA.Optional(SCHEMA.AnyString())) # Supported TUF key types. KEYTYPE_SCHEMA = SCHEMA.OneOf([SCHEMA.String('rsa'), SCHEMA.String('ed25519')]) # A generic TUF key. All TUF keys should be saved to metadata files in this # format. KEY_SCHEMA = SCHEMA.Object(object_name='KEY_SCHEMA', keytype=SCHEMA.AnyString(), keyval=KEYVAL_SCHEMA, expires=SCHEMA.Optional(ISO8601_DATETIME_SCHEMA)) # A TUF key object. This schema simplifies validation of keys that may be one # of the supported key types. Supported key types: 'rsa', 'ed25519'. ANYKEY_SCHEMA = SCHEMA.Object( object_name='ANYKEY_SCHEMA',
signatures = SCHEMA.ListOf(SIGNATURE_SCHEMA)) # Information sent to the director by the primary. # There probably will be additional fields here. VEHICLE_REPORT_TO_DIRECTOR_SCHEMA = SCHEMA.Object( vin = VIN_SCHEMA, software_manifest = VEHICLE_VERSION_MANIFEST_SCHEMA) # This is the format for a single assignment given to an ECU by the Director. ECU_SOFTWARE_ASSIGNMENT_SCHEMA = SCHEMA.Object( ecu_serial = ECU_SERIAL_SCHEMA, previous_time = tuf.formats.ISO8601_DATETIME_SCHEMA, #UTC_DATETIME_SCHEMA, current_time = tuf.formats.ISO8601_DATETIME_SCHEMA, security_attack = SCHEMA.Optional(SCHEMA.AnyString()), # TODO: Clear this up #image_type = SCHEMA.OneOf('bootloader', 'application', 'other'), # removed from spec installed_image = tuf.formats.TARGETFILE_SCHEMA) #load_order = SCHEMA.Integer(lo=0, hi=2147483647)) # not in spec # A list of ECU_SOFTWARE_ASSIGNMENT_SCHEMA should be everything that is # required for the director metadata to be written. VEHICLE_SOFTWARE_ASSIGNMENTS_SCHEMA = SCHEMA.ListOf( ECU_SOFTWARE_ASSIGNMENT_SCHEMA) # The format for the timeserver's signed time response will be a # SIGNABLE_SCHEMA (from TUF). THAT in TURN will contain, in field 'signed', one # of these objects: TIMESERVER_ATTESTATION_SCHEMA = SCHEMA.Object( time = ISO8601_DATETIME_SCHEMA,