Пример #1
0
    def test_create_new_project(self):
        # Test cases for the create_new_project function. In this test we will
        # check input, correct file creation and format. We also check
        # that a proper object is generated. We will use the normal layout for this
        # test suite.

        # Create a local subfolder for this test.
        local_tmp = tempfile.mkdtemp(dir=self.tmp_dir)

        # These are the usual values we will be throwing to the function, however
        # we will swap these for nulls or malformed values every now and then to
        # test input.
        project_name = 'test_suite'
        metadata_directory = local_tmp
        location_in_repository = '/prefix'
        targets_directory = None
        key = None

        # Create a blank project.
        project = developer_tool.create_new_project(project_name,
                                                    metadata_directory,
                                                    location_in_repository)

        self.assertTrue(isinstance(project, developer_tool.Project))
        self.assertTrue(project.layout_type == 'repo-like')
        self.assertTrue(project.prefix == location_in_repository)
        self.assertTrue(project.project_name == project_name)
        self.assertTrue(project.metadata_directory == os.path.join(
            metadata_directory, METADATA_DIRECTORY_NAME))
        self.assertTrue(project.targets_directory == os.path.join(
            metadata_directory, TARGETS_DIRECTORY_NAME))

        # Create a blank project without a prefix.
        project = developer_tool.create_new_project(project_name,
                                                    metadata_directory)
        self.assertTrue(isinstance(project, developer_tool.Project))
        self.assertTrue(project.layout_type == 'repo-like')
        self.assertTrue(project.prefix == '')
        self.assertTrue(project.project_name == project_name)
        self.assertTrue(project.metadata_directory == os.path.join(
            metadata_directory, METADATA_DIRECTORY_NAME))
        self.assertTrue(project.targets_directory == os.path.join(
            metadata_directory, TARGETS_DIRECTORY_NAME))

        # Create a blank project without a valid metadata directory.
        self.assertRaises(securesystemslib.exceptions.FormatError,
                          developer_tool.create_new_project, 0,
                          metadata_directory, location_in_repository)
        self.assertRaises(securesystemslib.exceptions.FormatError,
                          developer_tool.create_new_project, project_name, 0,
                          location_in_repository)
        self.assertRaises(securesystemslib.exceptions.FormatError,
                          developer_tool.create_new_project, project_name,
                          metadata_directory, 0)

        # Create a new project with a flat layout.
        targets_directory = tempfile.mkdtemp(dir=local_tmp)
        metadata_directory = tempfile.mkdtemp(dir=local_tmp)
        project = developer_tool.create_new_project(project_name,
                                                    metadata_directory,
                                                    location_in_repository,
                                                    targets_directory)
        self.assertTrue(isinstance(project, developer_tool.Project))
        self.assertTrue(project.layout_type == 'flat')
        self.assertTrue(project.prefix == location_in_repository)
        self.assertTrue(project.project_name == project_name)
        self.assertTrue(project.metadata_directory == metadata_directory)
        self.assertTrue(project.targets_directory == targets_directory)

        # Finally, check that if targets_directory is set, it is valid.
        self.assertRaises(securesystemslib.exceptions.FormatError,
                          developer_tool.create_new_project, project_name,
                          metadata_directory, location_in_repository, 0)

        # Copy a key to our workspace and create a new project with it.
        keystore_path = os.path.join('repository_data', 'keystore')

        # I will use the same key as the one provided in the repository
        # tool tests for the root role, but this is not a root role...
        root_key_path = os.path.join(keystore_path, 'root_key.pub')
        project_key = developer_tool.import_rsa_publickey_from_file(
            root_key_path)

        # Test create new project with a key added by default.
        project = developer_tool.create_new_project(project_name,
                                                    metadata_directory,
                                                    location_in_repository,
                                                    targets_directory,
                                                    project_key)

        self.assertTrue(isinstance(project, developer_tool.Project))
        self.assertTrue(project.layout_type == 'flat')
        self.assertTrue(project.prefix == location_in_repository)
        self.assertTrue(project.project_name == project_name)
        self.assertTrue(project.metadata_directory == metadata_directory)
        self.assertTrue(project.targets_directory == targets_directory)
        self.assertTrue(len(project.keys) == 1)
        self.assertTrue(project.keys[0] == project_key['keyid'])

        # Try to write to an invalid location.  The OSError should be re-raised by
        # create_new_project().
        shutil.rmtree(targets_directory)
        tuf.roledb.clear_roledb()
        tuf.keydb.clear_keydb()

        metadata_directory = '/'
        valid_metadata_directory_name = developer_tool.METADATA_DIRECTORY_NAME
        developer_tool.METADATA_DIRECTORY_NAME = '/'

        try:
            developer_tool.create_new_project(project_name, metadata_directory,
                                              location_in_repository,
                                              targets_directory, project_key)

        except (OSError, tuf.exceptions.RepositoryError):
            pass

        developer_tool.METADATA_DIRECTORY_NAME = valid_metadata_directory_name
Пример #2
0
  def test_create_new_project(self):
    # Test cases for the create_new_project function. In this test we will
    # check input, correct file creation and format. We also check
    # that a proper object is generated. We will use the normal layout for this
    # test suite.
  
    # Create a local subfolder for this test.
    local_tmp = tempfile.mkdtemp(dir = self.tmp_dir)

    # These are the usual values we will be throwing to the function, however
    # we will swap these for nulls or malformed values every now and then to
    # test input.
    project_name = 'test_suite'
    metadata_directory = local_tmp 
    location_in_repository = '/prefix'
    targets_directory = None 
    key = None

    # Create a blank project.
    project = developer_tool.create_new_project(project_name, metadata_directory, 
        location_in_repository)

    self.assertTrue(isinstance(project, developer_tool.Project))
    self.assertTrue(project.layout_type == 'repo-like')
    self.assertTrue(project._prefix == location_in_repository)
    self.assertTrue(project._project_name == project_name)
    self.assertTrue(project._metadata_directory == 
        os.path.join(metadata_directory,METADATA_DIRECTORY_NAME))
    self.assertTrue(project._targets_directory == 
        os.path.join(metadata_directory,TARGETS_DIRECTORY_NAME))

    # Create a blank project without a prefix.
    project = developer_tool.create_new_project(project_name, metadata_directory)
    self.assertTrue(isinstance(project, developer_tool.Project))
    self.assertTrue(project.layout_type == 'repo-like')
    self.assertTrue(project._prefix == '')
    self.assertTrue(project._project_name == project_name)
    self.assertTrue(project._metadata_directory == 
        os.path.join(metadata_directory,METADATA_DIRECTORY_NAME))
    self.assertTrue(project._targets_directory == 
        os.path.join(metadata_directory,TARGETS_DIRECTORY_NAME))

    # Create a blank project without a valid metadata directory.
    self.assertRaises(tuf.FormatError, developer_tool.create_new_project,
       0, metadata_directory, location_in_repository) 
    self.assertRaises(tuf.FormatError, developer_tool.create_new_project,
       project_name, 0, location_in_repository) 
    self.assertRaises(tuf.FormatError, developer_tool.create_new_project,
       project_name, metadata_directory, 0) 


    # Create a new project with a flat layout.
    targets_directory = tempfile.mkdtemp(dir = local_tmp)
    metadata_directory = tempfile.mkdtemp(dir = local_tmp)
    project = developer_tool.create_new_project(project_name, metadata_directory,
        location_in_repository, targets_directory)
    self.assertTrue(isinstance(project, developer_tool.Project))
    self.assertTrue(project.layout_type == 'flat')
    self.assertTrue(project._prefix == location_in_repository)
    self.assertTrue(project._project_name == project_name)
    self.assertTrue(project._metadata_directory == metadata_directory)
    self.assertTrue(project._targets_directory == targets_directory)

    # Finally, check that if targets_directory is set, it is valid.
    self.assertRaises(tuf.FormatError, developer_tool.create_new_project,
        project_name, metadata_directory, location_in_repository, 0)
   
    # Copy a key to our workspace and create a new project with it.
    keystore_path = os.path.join('repository_data','keystore')

    # I will use the same key as the one provided in the repository
    # tool tests for the root role, but this is not a root role...
    root_key_path = os.path.join(keystore_path,'root_key.pub')
    project_key = developer_tool.import_rsa_publickey_from_file(root_key_path)

    # Test create new project with a key added by default.
    project = developer_tool.create_new_project(project_name, metadata_directory,
        location_in_repository, targets_directory, project_key)
    
    self.assertTrue(isinstance(project, developer_tool.Project))
    self.assertTrue(project.layout_type == 'flat')
    self.assertTrue(project._prefix == location_in_repository)
    self.assertTrue(project._project_name == project_name)
    self.assertTrue(project._metadata_directory == metadata_directory)
    self.assertTrue(project._targets_directory == targets_directory)
    self.assertTrue(len(project.keys) == 1)
    self.assertTrue(project.keys[0] == project_key['keyid'])

    # Set as readonly and try to write a repo.
    shutil.rmtree(targets_directory)
    os.chmod(local_tmp, 0o0555)

    tuf.roledb.clear_roledb()
    tuf.keydb.clear_keydb()
    self.assertRaises(OSError, developer_tool.create_new_project ,project_name,
        metadata_directory, location_in_repository, targets_directory,
        project_key)

    os.chmod(local_tmp, 0o0777)

    shutil.rmtree(metadata_directory)
    os.chmod(local_tmp, 0o0555)

    tuf.roledb.clear_roledb()
    tuf.keydb.clear_keydb()
    self.assertRaises(OSError, developer_tool.create_new_project ,project_name,
        metadata_directory, location_in_repository, targets_directory,
        project_key)


    os.chmod(local_tmp, 0o0777)
    shutil.rmtree(local_tmp)
Пример #3
0
    def test_write(self):

        # Create tmp directory.
        local_tmp = tempfile.mkdtemp(dir=self.tmp_dir)

        # Create new project inside tmp directory.
        project = developer_tool.create_new_project('new_project', local_tmp,
                                                    'prefix')

        # Create some target files inside the tmp directory.
        target_filepath = os.path.join(local_tmp, 'targets', 'test_target')
        with open(target_filepath, 'wt') as fp:
            fp.write('testing file')

        # Add the targets.
        project.add_target(os.path.basename(target_filepath))

        # Add verification keys.
        keystore_path = os.path.join('repository_data', 'keystore')
        project_key_path = os.path.join(keystore_path, 'root_key.pub')
        project_key = \
          developer_tool.import_rsa_publickey_from_file(project_key_path)

        # Call status (for the sake of doing it and to improve test coverage by
        # executing its statements.)
        project.status()

        project.add_verification_key(project_key)

        # Add another verification key (should expect exception.)
        delegation_key_path = os.path.join(keystore_path, 'snapshot_key.pub')
        delegation_key = \
          developer_tool.import_ed25519_publickey_from_file(delegation_key_path)

        # Add a subdelegation.
        subdelegation_key_path = os.path.join(keystore_path,
                                              'timestamp_key.pub')
        subdelegation_key = \
            developer_tool.import_ed25519_publickey_from_file(subdelegation_key_path)

        # Add a delegation.
        project.delegate('delegation', [delegation_key], [])
        project('delegation').delegate('subdelegation', [subdelegation_key],
                                       [])

        # call write (except)
        self.assertRaises(securesystemslib.exceptions.Error, project.write, ())

        # Call status (for the sake of doing it and executing its statements.)
        project.status()

        # Load private keys.
        project_private_key_path = os.path.join(keystore_path, 'root_key')
        project_private_key = \
            developer_tool.import_rsa_privatekey_from_file(project_private_key_path,
                'password')

        delegation_private_key_path = os.path.join(keystore_path,
                                                   'snapshot_key')
        delegation_private_key = \
            developer_tool.import_ed25519_privatekey_from_file(delegation_private_key_path,
                'password')

        subdelegation_private_key_path =  \
            os.path.join(keystore_path, 'timestamp_key')
        subdelegation_private_key = \
            developer_tool.import_ed25519_privatekey_from_file(subdelegation_private_key_path,
                'password')

        # Test partial write.
        # backup everything (again)
        # + backup targets.
        targets_backup = project.target_files

        # + backup delegations.
        delegations_backup = \
            tuf.roledb.get_delegated_rolenames(project.project_name)

        # + backup layout type.
        layout_type_backup = project.layout_type

        # + backup keyids.
        keys_backup = project.keys
        delegation_keys_backup = project('delegation').keys

        # + backup the prefix.
        prefix_backup = project.prefix

        # + backup the name.
        name_backup = project.project_name

        # Write and reload.
        self.assertRaises(securesystemslib.exceptions.Error, project.write)
        project.write(write_partial=True)

        project = developer_tool.load_project(local_tmp)

        # Check against backup.
        self.assertEqual(list(project.target_files.keys()),
                         list(targets_backup.keys()))
        new_delegations = tuf.roledb.get_delegated_rolenames(
            project.project_name)
        self.assertEqual(new_delegations, delegations_backup)
        self.assertEqual(project.layout_type, layout_type_backup)
        self.assertEqual(project.keys, keys_backup)

        self.assertEqual(project('delegation').keys, delegation_keys_backup)

        self.assertEqual(project.prefix, prefix_backup)
        self.assertEqual(project.project_name, name_backup)

        roleinfo = tuf.roledb.get_roleinfo(project.project_name)

        self.assertEqual(roleinfo['partial_loaded'], True)

        # Load_signing_keys.
        project('delegation').load_signing_key(delegation_private_key)

        project.status()

        project.load_signing_key(project_private_key)

        # Backup everything.
        # + backup targets.
        targets_backup = project.target_files

        # + backup delegations.
        delegations_backup = \
            tuf.roledb.get_delegated_rolenames(project.project_name)

        # + backup layout type.
        layout_type_backup = project.layout_type

        # + backup keyids
        keys_backup = project.keys
        delegation_keys_backup = project('delegation').keys

        # + backup the prefix.
        prefix_backup = project.prefix

        # + backup the name.
        name_backup = project.project_name

        # Call status (for the sake of doing it.)
        project.status()

        # Call write.
        project.write()

        # Call load.
        project = developer_tool.load_project(local_tmp)

        # Check against backup.
        self.assertEqual(list(project.target_files.keys()),
                         list(targets_backup.keys()))

        new_delegations = tuf.roledb.get_delegated_rolenames(
            project.project_name)
        self.assertEqual(new_delegations, delegations_backup)
        self.assertEqual(project.layout_type, layout_type_backup)
        self.assertEqual(project.keys, keys_backup)
        self.assertEqual(project('delegation').keys, delegation_keys_backup)
        self.assertEqual(project.prefix, prefix_backup)
        self.assertEqual(project.project_name, name_backup)
Пример #4
0
  def test_write(self):

    # Create tmp directory.
    local_tmp = tempfile.mkdtemp(dir=self.tmp_dir)

    # Create new project inside tmp directory.
    project = developer_tool.create_new_project('test_write', local_tmp, 
        'prefix');

    # Create some target files inside the tmp directory.
    target_filepath = os.path.join(local_tmp, 'targets', 'test_target')
    with open(target_filepath, 'wt') as fp:
      fp.write('testing file')
    

    # Add the targets.
    project.add_target(target_filepath)

    # Add verification keys.
    keystore_path = os.path.join('repository_data', 'keystore')
    project_key_path = os.path.join(keystore_path, 'root_key.pub')
    project_key = \
      developer_tool.import_rsa_publickey_from_file(project_key_path)


    # Call status (for the sake of doing it and to improve test coverage by 
    # executing its statements.)
    project.status()
  
    project.add_verification_key(project_key)


    # Add another verification key (should expect exception.)
    delegation_key_path = os.path.join(keystore_path, 'snapshot_key.pub')
    delegation_key = \
      developer_tool.import_rsa_publickey_from_file(delegation_key_path)

    # Add a subdelegation.
    subdelegation_key_path = os.path.join(keystore_path, 'timestamp_key.pub')
    subdelegation_key = \
        developer_tool.import_rsa_publickey_from_file(subdelegation_key_path)
    
    # Add a delegation.
    project.delegate('delegation', [delegation_key], [])
    project('delegation').delegate('subdelegation', [subdelegation_key], [])

    # call write (except)
    self.assertRaises(tuf.Error, project.write, ())

    # Call status (for the sake of doing it and executing its statements.)
    project.status()
  
    # Load private keys.
    project_private_key_path = os.path.join(keystore_path, 'root_key')
    project_private_key = \
        developer_tool.import_rsa_privatekey_from_file(project_private_key_path,
            'password')

    delegation_private_key_path = os.path.join(keystore_path, 'snapshot_key')
    delegation_private_key = \
        developer_tool.import_rsa_privatekey_from_file(delegation_private_key_path,
            'password')

    subdelegation_private_key_path =  \
        os.path.join(keystore_path, 'timestamp_key')
    subdelegation_private_key = \
        developer_tool.import_rsa_privatekey_from_file(subdelegation_private_key_path,
            'password')

    # Test partial write.
    # backup everything (again)
    # + backup targets.
    targets_backup = project.target_files

    # + backup delegations.
    delegations_backup = \
        tuf.roledb.get_delegated_rolenames(project._project_name)

    # + backup layout type.
    layout_type_backup = project.layout_type

    # + backup keyids.
    keys_backup = project.keys
    delegation_keys_backup = project('delegation').keys

    # + backup the prefix.
    prefix_backup = project._prefix
    
    # + backup the name. 
    name_backup = project._project_name
 
    # Set the compressions.  We will be checking this part here too.
    project.compressions = ['gz']
    project('delegation').compressions = project.compressions

    # Write and reload.
    self.assertRaises(tuf.Error, project.write)
    project.write(write_partial=True)

    project = developer_tool.load_project(local_tmp)

    # Check against backup.
    self.assertEqual(list(project.target_files.keys()), list(targets_backup.keys()))
    new_delegations = tuf.roledb.get_delegated_rolenames(project._project_name)
    self.assertEqual(new_delegations, delegations_backup)
    self.assertEqual(project.layout_type, layout_type_backup)
    self.assertEqual(project.keys, keys_backup)
    self.assertEqual(project('delegation').keys, delegation_keys_backup)
    self.assertEqual(project._prefix, prefix_backup)
    self.assertEqual(project._project_name, name_backup)

    

    roleinfo = tuf.roledb.get_roleinfo(project._project_name)

    self.assertEqual(roleinfo['partial_loaded'], True)



    # Load_signing_keys.
    project('delegation').load_signing_key(delegation_private_key)

    project.status()

    project('delegation')('subdelegation').load_signing_key(
        subdelegation_private_key)

    project.status()

    project.load_signing_key(project_private_key)

    # Backup everything.
    # + backup targets.
    targets_backup = project.target_files

    # + backup delegations.
    delegations_backup = \
        tuf.roledb.get_delegated_rolenames(project._project_name)

    # + backup layout type.
    layout_type_backup = project.layout_type

    # + backup keyids
    keys_backup = project.keys
    delegation_keys_backup = project('delegation').keys

    # + backup the prefix.
    prefix_backup = project._prefix
    
    # + backup the name.
    name_backup = project._project_name

    # Call status (for the sake of doing it.)
    project.status()

    # Call write.
    project.write()

    # Call load.
    project = developer_tool.load_project(local_tmp)


    # Check against backup.
    self.assertEqual(list(project.target_files.keys()), list(targets_backup.keys()))

    new_delegations = tuf.roledb.get_delegated_rolenames(project._project_name)
    self.assertEqual(new_delegations, delegations_backup)
    self.assertEqual(project.layout_type, layout_type_backup)
    self.assertEqual(project.keys, keys_backup)
    self.assertEqual(project('delegation').keys, delegation_keys_backup)
    self.assertEqual(project._prefix, prefix_backup)
    self.assertEqual(project._project_name, name_backup)