Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
python-tuf/tuf/api/serialization/json.py

89 lines
2.8 KiB
Python
Raw Normal View History

Add SPDX style license and copyright boilerplate Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-04 15:25:36 +00:00
# Copyright New York University and the TUF contributors
# SPDX-License-Identifier: MIT OR Apache-2.0
Metadata API: Improve serialization docs Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2021-09-23 14:19:05 +00:00
"""``tuf.api.serialization.json`` module provides concrete implementations to
serialize and deserialize TUF role metadata to and from the JSON wireline
format for transportation, and to serialize the 'signed' part of TUF role
metadata to the OLPC Canonical JSON format for signature generation and
verification.
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
"""
Metadata API: Improve serialization docs Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2021-09-23 14:19:05 +00:00
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
import json
from securesystemslib.formats import encode_canonical
Adopt serialization sub-package in metadata API - Rename Metadata methods: - to_json_file -> to_file - from_json_file -> from_file - Remove Metadata.from_json/to_json - Remove Signed.to_canonical_bytes - Accept optional de/serializer arguments: - from_file (default: JSONDeserializer) - to_file (default: JSONSerializer) - sign, verify (default: CanonicalJSONSerializer) - inline disable pylint cyclic-import checks Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-04 09:51:45 +00:00
# pylint: disable=cyclic-import
Re-word serialization cyclic import code comments - Try to clarify purpose and remove unimportant TODO note - Use pylint block-level control for shorter lines, see http://pylint.pycqa.org/en/latest/user_guide/message-control.html#block-disables Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-04 15:31:36 +00:00
# ... to allow de/serializing Metadata and Signed objects here, while also
# creating default de/serializers there (see metadata local scope imports).
# NOTE: A less desirable alternative would be to add more abstraction layers.
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
from tuf.api.metadata import Metadata, Signed
Re-format tuf/api/* using black and isort Use black and isort to reformat new code in tuf/api/*, like so: ``` black --line-length 80 api isort --line-length 80 --profile black api ``` Besides downsizing the default line length to fit our Code Style Guide no extra configuration is required. Unified format according to black and isort will be enforced by CI/CD in a future commit. **Changes include:** - Use double quotes instead of single quotes where feasible - Re-wrap and re-indent long lines such as dict literals, function signatures and function calls, using hanging indent This will require an update in our Code Style Guide, which the benefits of using black seem worth. https://github.com/secure-systems-lab/code-style-guidelines/blob/master/python.md#indentation-and-line-continuation - Update vertical and horizontal spacing - Sort and wrap imports See black and isort docs for details: https://black.readthedocs.io/en/stable/the_black_code_style.html https://pycqa.github.io/isort/docs/configuration/black_compatibility/ NOTE: If desired I can split commits by change and/or configure git for this repo to ignore the corresponding revision(s) in git-blame. https://github.com/psf/black#migrating-your-code-style-without-ruining-git-blame Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-11 17:00:19 +00:00
from tuf.api.serialization import (
DeserializationError,
MetadataDeserializer,
MetadataSerializer,
SerializationError,
SignedSerializer,
)
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
class JSONDeserializer(MetadataDeserializer):
Fix black docstring indentation errors Black was updated from 20.8b1 to 21.4b0 requiring that one-line docstring don't add additional space before the closing quotes. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2021-04-27 11:08:24 +00:00
"""Provides JSON to Metadata deserialize method."""
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
def deserialize(self, raw_data: bytes) -> Metadata:
Fix black docstring indentation errors Black was updated from 20.8b1 to 21.4b0 requiring that one-line docstring don't add additional space before the closing quotes. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2021-04-27 11:08:24 +00:00
"""Deserialize utf-8 encoded JSON bytes into Metadata object."""
Use custom errors in serializer.json sub-package Re-raise all errors that happen during de/serialization as custom De/SerializationError. Whilelist 'e', which is idiomatic for error, in api/pylintrc, and inline exempt broad-except, which are okay if re-raised. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-09 14:36:49 +00:00
try:
Rename a few variables in tuf.api - Rename _dict to json_dict to avoid wrong semantics of leading underscore. (leading underscore was initially chosen to avoid name shadowing) - Rename 'serializer' argument of type 'SignedSerializer' to 'signed_serializer', to distinguish from 'serializer' argument of type 'MetadataSerializer'. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-05 10:46:00 +00:00
json_dict = json.loads(raw_data.decode("utf-8"))
Fix inconsistent returns in json serializers Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-05 11:54:31 +00:00
metadata_obj = Metadata.from_dict(json_dict)
Use custom errors in serializer.json sub-package Re-raise all errors that happen during de/serialization as custom De/SerializationError. Whilelist 'e', which is idiomatic for error, in api/pylintrc, and inline exempt broad-except, which are okay if re-raised. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-09 14:36:49 +00:00
Remove disable=broad-except The pylint warning W0703:broad-except was raised only when six was used and python 2 was still supported. The warning is no longer raised, the exceptions are handled/raised correctly and the disabling can be removed. Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2021-09-01 14:37:03 +00:00
except Exception as e:
Remove py2 compat from api.serialization package tuf.api is not designed for Python 2 compatibility. This commit removes the following stray compatibility constructs in its serialization subpackage: - '__metaclass__ = abc.ABCMeta' - six.raise_from Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-09 16:27:39 +00:00
raise DeserializationError from e
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
Fix inconsistent returns in json serializers Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-05 11:54:31 +00:00
return metadata_obj
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
class JSONSerializer(MetadataSerializer):
Re-word api.serializer.json docstrings - Make class docstrings wording consistent. - Emphasize that we use the OLPC Canonical JSON specification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-09 16:35:08 +00:00
"""Provides Metadata to JSON serialize method.
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
Attributes:
compact: A boolean indicating if the JSON bytes generated in
'serialize' should be compact by excluding whitespace.
"""
Re-format tuf/api/* using black and isort Use black and isort to reformat new code in tuf/api/*, like so: ``` black --line-length 80 api isort --line-length 80 --profile black api ``` Besides downsizing the default line length to fit our Code Style Guide no extra configuration is required. Unified format according to black and isort will be enforced by CI/CD in a future commit. **Changes include:** - Use double quotes instead of single quotes where feasible - Re-wrap and re-indent long lines such as dict literals, function signatures and function calls, using hanging indent This will require an update in our Code Style Guide, which the benefits of using black seem worth. https://github.com/secure-systems-lab/code-style-guidelines/blob/master/python.md#indentation-and-line-continuation - Update vertical and horizontal spacing - Sort and wrap imports See black and isort docs for details: https://black.readthedocs.io/en/stable/the_black_code_style.html https://pycqa.github.io/isort/docs/configuration/black_compatibility/ NOTE: If desired I can split commits by change and/or configure git for this repo to ignore the corresponding revision(s) in git-blame. https://github.com/psf/black#migrating-your-code-style-without-ruining-git-blame Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-11 17:00:19 +00:00
Metadata API: Stop annotating __init__() return value This may have been required by a linter at some point, but isn't anymore: Not annotating makes the documentation look better. Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2021-09-23 14:57:19 +00:00
def __init__(self, compact: bool = False):
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
self.compact = compact
def serialize(self, metadata_obj: Metadata) -> bytes:
Fix black docstring indentation errors Black was updated from 20.8b1 to 21.4b0 requiring that one-line docstring don't add additional space before the closing quotes. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2021-04-27 11:08:24 +00:00
"""Serialize Metadata object into utf-8 encoded JSON bytes."""
Use custom errors in serializer.json sub-package Re-raise all errors that happen during de/serialization as custom De/SerializationError. Whilelist 'e', which is idiomatic for error, in api/pylintrc, and inline exempt broad-except, which are okay if re-raised. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-09 14:36:49 +00:00
try:
Re-format tuf/api/* using black and isort Use black and isort to reformat new code in tuf/api/*, like so: ``` black --line-length 80 api isort --line-length 80 --profile black api ``` Besides downsizing the default line length to fit our Code Style Guide no extra configuration is required. Unified format according to black and isort will be enforced by CI/CD in a future commit. **Changes include:** - Use double quotes instead of single quotes where feasible - Re-wrap and re-indent long lines such as dict literals, function signatures and function calls, using hanging indent This will require an update in our Code Style Guide, which the benefits of using black seem worth. https://github.com/secure-systems-lab/code-style-guidelines/blob/master/python.md#indentation-and-line-continuation - Update vertical and horizontal spacing - Sort and wrap imports See black and isort docs for details: https://black.readthedocs.io/en/stable/the_black_code_style.html https://pycqa.github.io/isort/docs/configuration/black_compatibility/ NOTE: If desired I can split commits by change and/or configure git for this repo to ignore the corresponding revision(s) in git-blame. https://github.com/psf/black#migrating-your-code-style-without-ruining-git-blame Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-11 17:00:19 +00:00
indent = None if self.compact else 1
separators = (",", ":") if self.compact else (",", ": ")
json_bytes = json.dumps(
metadata_obj.to_dict(),
indent=indent,
separators=separators,
sort_keys=True,
).encode("utf-8")
Remove disable=broad-except The pylint warning W0703:broad-except was raised only when six was used and python 2 was still supported. The warning is no longer raised, the exceptions are handled/raised correctly and the disabling can be removed. Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2021-09-01 14:37:03 +00:00
except Exception as e:
Remove py2 compat from api.serialization package tuf.api is not designed for Python 2 compatibility. This commit removes the following stray compatibility constructs in its serialization subpackage: - '__metaclass__ = abc.ABCMeta' - six.raise_from Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-09 16:27:39 +00:00
raise SerializationError from e
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
Fix inconsistent returns in json serializers Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-05 11:54:31 +00:00
return json_bytes
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
class CanonicalJSONSerializer(SignedSerializer):
Fix black docstring indentation errors Black was updated from 20.8b1 to 21.4b0 requiring that one-line docstring don't add additional space before the closing quotes. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2021-04-27 11:08:24 +00:00
"""Provides Signed to OLPC Canonical JSON serialize method."""
Add concrete de/serializer implementations Add serializer.json module with implementations to serialize and deserialize TUF role metadata to and from the JSON wireline format for transportation, and to serialize the 'signed' part of TUF role metadata to the OLPC Canonical JSON format for signature generation and verification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-08 16:32:06 +00:00
def serialize(self, signed_obj: Signed) -> bytes:
Re-word api.serializer.json docstrings - Make class docstrings wording consistent. - Emphasize that we use the OLPC Canonical JSON specification. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-09 16:35:08 +00:00
"""Serialize Signed object into utf-8 encoded OLPC Canonical JSON
bytes.
"""
Use custom errors in serializer.json sub-package Re-raise all errors that happen during de/serialization as custom De/SerializationError. Whilelist 'e', which is idiomatic for error, in api/pylintrc, and inline exempt broad-except, which are okay if re-raised. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-09 14:36:49 +00:00
try:
Revert "Move to/from_dict metadata API methods..." Revert an earlier commit that moved to/from_dict metadata class model methods to a util module of the serialization sub-package. We keep to/from_dict methods on the metadata classes because: - It seems **idiomatic** (see e.g. 3rd-party libaries such as attrs, pydantic, marshmallow, or built-ins that provide default or customizable dict representation for higher-level objects). The idiomatic choice should make usage more intuitive. - It feels better **structured** when each method is encapsulated within the corresponding class, which in turn should make maintaining/modifying/extending the class model easier. - It allows us to remove function-scope imports (see subsequent commit). Caveat: Now that "the meat" of the sub-packaged JSON serializer is implemented on the class, it might make it harder to create a non-dict based serializer by copy-paste-amending the JSON serializer. However, the benefits from above seem to outweigh the disadvantage. See option 5 of ADR0006 for further details (#1270). Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-04 11:46:16 +00:00
signed_dict = signed_obj.to_dict()
Fix inconsistent returns in json serializers Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-05 11:54:31 +00:00
canonical_bytes = encode_canonical(signed_dict).encode("utf-8")
Use custom errors in serializer.json sub-package Re-raise all errors that happen during de/serialization as custom De/SerializationError. Whilelist 'e', which is idiomatic for error, in api/pylintrc, and inline exempt broad-except, which are okay if re-raised. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-02-09 14:36:49 +00:00
Remove disable=broad-except The pylint warning W0703:broad-except was raised only when six was used and python 2 was still supported. The warning is no longer raised, the exceptions are handled/raised correctly and the disabling can be removed. Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2021-09-01 14:37:03 +00:00
except Exception as e:
Remove py2 compat from api.serialization package tuf.api is not designed for Python 2 compatibility. This commit removes the following stray compatibility constructs in its serialization subpackage: - '__metaclass__ = abc.ABCMeta' - six.raise_from Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-09 16:27:39 +00:00
raise SerializationError from e
Fix inconsistent returns in json serializers Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-03-05 11:54:31 +00:00
return canonical_bytes
Reference in a new issue Copy permalink