def _sign_and_write(meta, fuzzy_keys, filename, options):
"""Sign metadata and write it to a file. Overwrites the original file.
If any of the keyids have already signed the file, the old signatures
of those keyids will be replaced.
"""
keystore = _get_keystore(options)
meta = signerlib.sign_meta(meta, fuzzy_keys, keystore)
signerlib.write_metadata_file(meta, filename)
def _sign_and_write(meta, fuzzy_keys, filename, options):
"""Sign metadata and write it to a file. Overwrites the original file.
If any of the keyids have already signed the file, the old signatures
of those keyids will be replaced.
"""
keystore = _get_keystore(options)
meta = signerlib.sign_meta(meta, fuzzy_keys, keystore)
signerlib.write_metadata_file(meta, filename)
def _remake_timestamp(metadata_dir, keyids):
"""Create timestamp metadata object. Modify expiration date. Sign and
write the metadata.
"""
global version
version = version + 1
expiration_date = tuf.formats.format_time(time.time() + EXPIRATION)
release_filepath = os.path.join(metadata_dir, 'release.txt')
timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt')
timestamp_metadata = signerlib.generate_timestamp_metadata(
release_filepath, version, expiration_date)
signable = \
signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath)
signerlib.write_metadata_file(signable, timestamp_filepath)
def _remake_timestamp(metadata_dir, keyids):
"""Create timestamp metadata object. Modify expiration date. Sign and
write the metadata.
"""
global version
version = version+1
expiration_date = tuf.formats.format_time(time.time()+EXPIRATION)
release_filepath = os.path.join(metadata_dir, 'release.txt')
timestamp_filepath = os.path.join(metadata_dir, 'timestamp.txt')
timestamp_metadata = signerlib.generate_timestamp_metadata(release_filepath,
version,
expiration_date)
signable = \
signerlib.sign_metadata(timestamp_metadata, keyids, timestamp_filepath)
signerlib.write_metadata_file(signable, timestamp_filepath)
def build_targets_txt(target_root, fuzzy_keys, key_db, server_root): server_root = os.path.abspath(server_root) target_root = os.path.abspath(target_root) logger.info(target_root) metadata_root = os.path.join(server_root, "meta") cwd = os.getcwd() os.chdir(server_root) server_root_length = len(server_root) # get the list of targets targets = [] for root, dirs, files in walk(target_root): for target_file in files: targets.append(os.path.join(root, target_file)[server_root_length+1:]) # feed it to signerlib targets_meta = signerlib.generate_targets_meta(targets) # sign it signed = signerlib.sign_meta(targets_meta, fuzzy_keys, key_db) # write it signerlib.write_metadata_file(signed, metadata_root + pathsep + "targets.txt") os.chdir(cwd)
def test_1_write_metadata_file(self):
# SETUP
# Create temp directory to be prevent any relative path discrepancies.
meta_dir = self.make_temp_directory()
# Create a temp file to store 'metadata' info in.
meta_file = self.make_temp_file(directory=meta_dir)
# Use valid input for json obj.
signable_dict = {'signatures':[], 'signed':{'role':'info'}}
# TESTS
# Test: normal case.
try:
signerlib.write_metadata_file(signable_dict, meta_file)
except Exception, e:
raise
def test_1_write_metadata_file(self):
# SETUP
# Create temp directory to be prevent any relative path discrepancies.
meta_dir = self.make_temp_directory()
# Create a temp file to store 'metadata' info in.
meta_file = self.make_temp_file(directory=meta_dir)
# Use valid input for json obj.
signable_dict = {'signatures':[], 'signed':{'role':'info'}}
# TESTS
# Test: normal case.
signerlib.write_metadata_file(signable_dict, meta_file)
# Extract the content of the temp file.
stored_signable_dict = tuf.util.load_json_file(meta_file)
# Check if object stored in the file corresponds to SIGNABLE_SCHEMA.
self.assertTrue(formats.SIGNABLE_SCHEMA.matches(stored_signable_dict))
# Does original dictionary 'signable_dict' matches dictionary retrieved
# from the file - 'stored_signable_dict'?
self.assertEqual(signable_dict, stored_signable_dict)
# Test: Incorrect arguments.
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,'','')
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,
[self.random_string()], meta_file)
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,
signable_dict, [self.random_string()])
self.assertRaises(tuf.Error, signerlib.write_metadata_file, signable_dict,
self.random_path())
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,
{self.random_string(): self.random_string()},
self.random_path())
def test_1_write_metadata_file(self):
# SETUP
# Create temp directory to be prevent any relative path discrepancies.
meta_dir = self.make_temp_directory()
# Create a temp file to store 'metadata' info in.
meta_file = self.make_temp_file(directory=meta_dir)
# Use valid input for json obj.
signable_dict = {'signatures':[], 'signed':{'role':'info'}}
# TESTS
# Test: normal case.
signerlib.write_metadata_file(signable_dict, meta_file)
# Extract the content of the temp file.
stored_signable_dict = tuf.util.load_json_file(meta_file)
# Check if object stored in the file corresponds to SIGNABLE_SCHEMA.
self.assertTrue(formats.SIGNABLE_SCHEMA.matches(stored_signable_dict))
# Does original dictionary 'signable_dict' matches dictionary retrieved
# from the file - 'stored_signable_dict'?
self.assertEqual(signable_dict, stored_signable_dict)
# Test: Incorrect arguments.
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,'','')
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,
[self.random_string()], meta_file)
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,
signable_dict, [self.random_string()])
self.assertRaises(tuf.Error, signerlib.write_metadata_file, signable_dict,
self.random_path())
self.assertRaises(tuf.FormatError, signerlib.write_metadata_file,
{self.random_string(): self.random_string()},
self.random_path())
def build_timestamp_txt(fuzzy_keys, key_db, metadata_root): release_path = metadata_root + pathsep + "release.txt" timestamp_meta = signerlib.generate_timestamp_meta(release_path) signed = signerlib.sign_meta(timestamp_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "timestamp.txt")
def build_release_txt(fuzzy_keys, key_db, metadata_root): release_meta = signerlib.generate_release_meta(metadata_root) signed = signerlib.sign_meta(release_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "release.txt")
def build_root_txt(location, fuzzy_keys, key_db, metadata_root): root_meta = signerlib.generate_root_meta(location, key_db) signed = signerlib.sign_meta(root_meta, fuzzy_keys, key_db) signerlib.write_metadata_file(signed, metadata_root + pathsep + "root.txt")
