Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support DSSE in Metadata API #2246

Closed
wants to merge 11 commits into from
Closed

Support DSSE in Metadata API #2246

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
26cbe9d
tox: Use --force-reinstall with sslib master
jku Nov 3, 2022
640b199
metadata API: Refactor exception imports
jku Dec 1, 2022
9c5b566
Metadata API: Remove Key, import it from Seuresystemslib
jku Dec 1, 2022
987d454
tests, examples: Stop using Key constructors
jku Dec 1, 2022
5b4ec75
tests: Fix tests for Key.verify_signature()
jku Dec 1, 2022
09b1af2
Metadata API: Fix verify_delegate for new Key API
jku Dec 1, 2022
b2d28ff
tests: Remove unnecessary ignores
jku Dec 1, 2022
b818a15
tests: Remove unnecessary type ignores
lukpueh Dec 22, 2022
7319f29
Metadata API: use securesystemslib serialization
lukpueh Dec 22, 2022
9beb8a3
Metadata API: add dsse support
lukpueh Dec 22, 2022
2bc97c4
tests: add dsse smoke test
lukpueh Dec 22, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions examples/repo_example/basic_repo.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,12 @@
from typing import Any, Dict

from securesystemslib.keys import generate_ed25519_key
from securesystemslib.signer import SSlibSigner
from securesystemslib.signer import SSlibKey, SSlibSigner

from tuf.api.metadata import (
SPECIFICATION_VERSION,
DelegatedRole,
Delegations,
Key,
Metadata,
MetaFile,
Root,
Expand Down Expand Up @@ -157,7 +156,7 @@ def _in(days: float) -> datetime:
for name in ["targets", "snapshot", "timestamp", "root"]:
keys[name] = generate_ed25519_key()
roles["root"].signed.add_key(
Key.from_securesystemslib_key(keys[name]), name
SSlibKey.from_securesystemslib_key(keys[name]), name
)

# NOTE: We only need the public part to populate root, so it is possible to use
Expand All @@ -173,7 +172,7 @@ def _in(days: float) -> datetime:
# required signature threshold.
another_root_key = generate_ed25519_key()
roles["root"].signed.add_key(
Key.from_securesystemslib_key(another_root_key), "root"
SSlibKey.from_securesystemslib_key(another_root_key), "root"
)
roles["root"].signed.roles["root"].threshold = 2

Expand Down Expand Up @@ -271,7 +270,7 @@ def _in(days: float) -> datetime:
# https://theupdateframework.github.io/specification/latest/#delegations
roles["targets"].signed.delegations = Delegations(
keys={
keys[delegatee_name]["keyid"]: Key.from_securesystemslib_key(
keys[delegatee_name]["keyid"]: SSlibKey.from_securesystemslib_key(
keys[delegatee_name]
)
},
Expand Down Expand Up @@ -345,7 +344,7 @@ def _in(days: float) -> datetime:

roles["root"].signed.revoke_key(keys["root"]["keyid"], "root")
roles["root"].signed.add_key(
Key.from_securesystemslib_key(new_root_key), "root"
SSlibKey.from_securesystemslib_key(new_root_key), "root"
)
roles["root"].signed.version += 1

Expand Down
5 changes: 2 additions & 3 deletions examples/repo_example/hashed_bin_delegation.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,11 @@
from typing import Any, Dict, Iterator, List, Tuple

from securesystemslib.keys import generate_ed25519_key
from securesystemslib.signer import SSlibSigner
from securesystemslib.signer import SSlibKey, SSlibSigner

from tuf.api.metadata import (
DelegatedRole,
Delegations,
Key,
Metadata,
TargetFile,
Targets,
Expand Down Expand Up @@ -146,7 +145,7 @@ def find_hash_bin(path: str) -> str:
# Create preliminary delegating targets role (bins) and add public key for
# delegated targets (bin_n) to key store. Delegation details are update below.
roles["bins"] = Metadata(Targets(expires=_in(365)))
bin_n_key = Key.from_securesystemslib_key(keys["bin-n"])
bin_n_key = SSlibKey.from_securesystemslib_key(keys["bin-n"])
roles["bins"].signed.delegations = Delegations(
keys={bin_n_key.keyid: bin_n_key},
roles={},
Expand Down
4 changes: 2 additions & 2 deletions examples/repo_example/succinct_hash_bin_delegations.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from typing import Dict, Tuple

from securesystemslib.keys import generate_ed25519_key
from securesystemslib.signer import SSlibSigner
from securesystemslib.signer import SSlibKey, SSlibSigner

from tuf.api.metadata import (
Delegations,
Expand Down Expand Up @@ -82,7 +82,7 @@
def create_key() -> Tuple[Key, SSlibSigner]:
"""Generates a new Key and Signer."""
sslib_key = generate_ed25519_key()
return Key.from_securesystemslib_key(sslib_key), SSlibSigner(sslib_key)
return SSlibKey.from_securesystemslib_key(sslib_key), SSlibSigner(sslib_key)


# Create one signing key for all bins, and one for the delegating targets role.
Expand Down
4 changes: 2 additions & 2 deletions tests/generated_data/generate_md.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
from datetime import datetime
from typing import Dict, List, Optional

from securesystemslib.signer import SSlibSigner
from securesystemslib.signer import SSlibKey, SSlibSigner

from tests import utils
from tuf.api.metadata import Key, Metadata, Root, Snapshot, Targets, Timestamp
Expand Down Expand Up @@ -36,7 +36,7 @@

keys: Dict[str, Key] = {}
for index in range(4):
keys[f"ed25519_{index}"] = Key.from_securesystemslib_key(
keys[f"ed25519_{index}"] = SSlibKey.from_securesystemslib_key(
{
"keytype": "ed25519",
"scheme": "ed25519",
Expand Down
6 changes: 3 additions & 3 deletions tests/repository_simulator.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@

import securesystemslib.hash as sslib_hash
from securesystemslib.keys import generate_ed25519_key
from securesystemslib.signer import SSlibSigner
from securesystemslib.signer import SSlibKey, SSlibSigner

from tuf.api.exceptions import DownloadHTTPError
from tuf.api.metadata import (
Expand Down Expand Up @@ -156,8 +156,8 @@ def all_targets(self) -> Iterator[Tuple[str, Targets]]:

@staticmethod
def create_key() -> Tuple[Key, SSlibSigner]:
sslib_key = generate_ed25519_key()
return Key.from_securesystemslib_key(sslib_key), SSlibSigner(sslib_key)
key = generate_ed25519_key()
return SSlibKey.from_securesystemslib_key(key), SSlibSigner(key)

def add_signer(self, role: str, signer: SSlibSigner) -> None:
if role not in self.signers:
Expand Down
Loading