def _sign_and_write(meta, fuzzy_keys, filename, options): """Sign metadata and write it to a file. Overwrites the original file. If any of the keyids have already signed the file, the old signatures of those keyids will be replaced. """ keystore = _get_keystore(options) meta = signerlib.sign_meta(meta, fuzzy_keys, keystore) signerlib.write_metadata_file(meta, filename)
def _remake_timestamp(metadata_dir, keyids): """Create timestamp metadata object. Modify expiration date. Sign and write the metadata. """ global version version = version + 1 expiration_date = tuf.formats.format_time(time.time() + EXPIRATION) release_filepath = os.path.join(metadata_dir, 'release.txt') timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt') timestamp_metadata = signerlib.generate_timestamp_metadata( release_filepath, version, expiration_date) signable = \ signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath) signerlib.write_metadata_file(signable, timestamp_filepath)
def _remake_timestamp(metadata_dir, keyids): """Create timestamp metadata object. Modify expiration date. Sign and write the metadata. """ global version version = version+1 expiration_date = tuf.formats.format_time(time.time()+EXPIRATION) release_filepath = os.path.join(metadata_dir, 'release.txt') timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt') timestamp_metadata = signerlib.generate_timestamp_metadata(release_filepath, version, expiration_date) signable = \ signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath) signerlib.write_metadata_file(signable, timestamp_filepath)
def build_targets_txt(target_root, fuzzy_keys, key_db, server_root): server_root = os.path.abspath(server_root) target_root = os.path.abspath(target_root) logger.info(target_root) metadata_root = os.path.join(server_root, "meta") cwd = os.getcwd() os.chdir(server_root) server_root_length = len(server_root) # get the list of targets targets = [] for root, dirs, files in walk(target_root): for target_file in files: targets.append(os.path.join(root, target_file)[server_root_length+1:]) # feed it to signerlib targets_meta = signerlib.generate_targets_meta(targets) # sign it signed = signerlib.sign_meta(targets_meta, fuzzy_keys, key_db) # write it signerlib.write_metadata_file(signed, metadata_root + pathsep + "targets.txt") os.chdir(cwd)
def test_1_write_metadata_file(self): # SETUP # Create temp directory to be prevent any relative path discrepancies. meta_dir = self.make_temp_directory() # Create a temp file to store 'metadata' info in. meta_file = self.make_temp_file(directory=meta_dir) # Use valid input for json obj. signable_dict = {'signatures':[], 'signed':{'role':'info'}} # TESTS # Test: normal case. try: signerlib.write_metadata_file(signable_dict, meta_file) except Exception, e: raise
def test_1_write_metadata_file(self): # SETUP # Create temp directory to be prevent any relative path discrepancies. meta_dir = self.make_temp_directory() # Create a temp file to store 'metadata' info in. meta_file = self.make_temp_file(directory=meta_dir) # Use valid input for json obj. signable_dict = {'signatures':[], 'signed':{'role':'info'}} # TESTS # Test: normal case. signerlib.write_metadata_file(signable_dict, meta_file) # Extract the content of the temp file. stored_signable_dict = tuf.util.load_json_file(meta_file) # Check if object stored in the file corresponds to SIGNABLE_SCHEMA. self.assertTrue(formats.SIGNABLE_SCHEMA.matches(stored_signable_dict)) # Does original dictionary 'signable_dict' matches dictionary retrieved # from the file - 'stored_signable_dict'? self.assertEqual(signable_dict, stored_signable_dict) # Test: Incorrect arguments. self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,'','') self.assertRaises(tuf.FormatError, signerlib.write_metadata_file, [self.random_string()], meta_file) self.assertRaises(tuf.FormatError, signerlib.write_metadata_file, signable_dict, [self.random_string()]) self.assertRaises(tuf.Error, signerlib.write_metadata_file, signable_dict, self.random_path()) self.assertRaises(tuf.FormatError, signerlib.write_metadata_file, {self.random_string(): self.random_string()}, self.random_path())
def build_timestamp_txt(fuzzy_keys, key_db, metadata_root): release_path = metadata_root + pathsep + "release.txt" timestamp_meta = signerlib.generate_timestamp_meta(release_path) signed = signerlib.sign_meta(timestamp_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "timestamp.txt")
def build_release_txt(fuzzy_keys, key_db, metadata_root): release_meta = signerlib.generate_release_meta(metadata_root) signed = signerlib.sign_meta(release_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "release.txt")
def build_root_txt(location, fuzzy_keys, key_db, metadata_root): root_meta = signerlib.generate_root_meta(location, key_db) signed = signerlib.sign_meta(root_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "root.txt")