mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
imports: Make 'formats' imports vendoring-compatible
Use "from tuf import <module>" instead of "import tuf.<module>": this makes it possible for vendoring tool to vendor tuf. Fix all references to <module> in the code. Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
This commit is contained in:
Jussi Kukkonen
parent
4b078b0975
commit
4575637efd
11 changed files with 124 additions and 124 deletions
|
|
@ -25,7 +25,7 @@
|
|||
from securesystemslib.util import persist_temp_file
|
||||
|
||||
from tuf import exceptions
|
||||
import tuf.formats
|
||||
from tuf import formats
|
||||
from tuf.api.serialization import (
|
||||
MetadataDeserializer,
|
||||
MetadataSerializer,
|
||||
|
|
@ -337,7 +337,7 @@ def _common_fields_from_dict(signed_dict: Mapping[str, Any]) -> list:
|
|||
# Convert 'expires' TUF metadata string to a datetime object, which is
|
||||
# what the constructor expects and what we store. The inverse operation
|
||||
# is implemented in '_common_fields_to_dict'.
|
||||
expires = tuf.formats.expiry_string_to_datetime(expires_str)
|
||||
expires = formats.expiry_string_to_datetime(expires_str)
|
||||
return [_type, version, spec_version, expires]
|
||||
|
||||
def _common_fields_to_dict(self) -> Dict[str, Any]:
|
||||
|
|
|
|||
|
|
@ -133,8 +133,8 @@
|
|||
import tuf
|
||||
from tuf import download
|
||||
from tuf import exceptions
|
||||
from tuf import formats
|
||||
import tuf.requests_fetcher
|
||||
import tuf.formats
|
||||
import tuf.settings
|
||||
import tuf.keydb
|
||||
import tuf.log
|
||||
|
|
@ -212,7 +212,7 @@ def __init__(self, map_file):
|
|||
|
||||
# Raise securesystemslib.exceptions.FormatError if the map file is
|
||||
# improperly formatted.
|
||||
tuf.formats.MAPFILE_SCHEMA.check_match(self.map_file)
|
||||
formats.MAPFILE_SCHEMA.check_match(self.map_file)
|
||||
|
||||
# Save the "repositories" entry of the map file, with the following
|
||||
# example format:
|
||||
|
|
@ -263,11 +263,11 @@ def get_valid_targetinfo(self, target_filename, match_custom_field=True):
|
|||
|
||||
# Is the argument properly formatted? If not, raise
|
||||
# 'tuf.exceptions.FormatError'.
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(target_filename)
|
||||
formats.RELPATH_SCHEMA.check_match(target_filename)
|
||||
|
||||
# TAP 4 requires that the following attributes be present in mappings:
|
||||
# "paths", "repositories", "terminating", and "threshold".
|
||||
tuf.formats.MAPPING_SCHEMA.check_match(self.map_file['mapping'])
|
||||
formats.MAPPING_SCHEMA.check_match(self.map_file['mapping'])
|
||||
|
||||
# Set the top-level directory containing the metadata for each repository.
|
||||
repositories_directory = tuf.settings.repositories_directory
|
||||
|
|
@ -486,7 +486,7 @@ def get_updater(self, repository_name):
|
|||
|
||||
# Are the arguments properly formatted? If not, raise
|
||||
# 'tuf.exceptions.FormatError'.
|
||||
tuf.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
||||
updater = self.repository_names_to_updaters.get(repository_name)
|
||||
|
||||
|
|
@ -688,7 +688,7 @@ def __init__(self, repository_name, repository_mirrors, fetcher=None):
|
|||
# keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mistmatch.
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
tuf.formats.MIRRORDICT_SCHEMA.check_match(repository_mirrors)
|
||||
formats.MIRRORDICT_SCHEMA.check_match(repository_mirrors)
|
||||
|
||||
# Save the validated arguments.
|
||||
self.repository_name = repository_name
|
||||
|
|
@ -852,7 +852,7 @@ def _load_metadata_from_file(self, metadata_set, metadata_role):
|
|||
except securesystemslib.exceptions.Error:
|
||||
return
|
||||
|
||||
tuf.formats.check_signable_object_format(metadata_signable)
|
||||
formats.check_signable_object_format(metadata_signable)
|
||||
|
||||
# Extract the 'signed' role object from 'metadata_signable'.
|
||||
metadata_object = metadata_signable['signed']
|
||||
|
|
@ -1439,7 +1439,7 @@ def _verify_metadata_file(self, metadata_file_object,
|
|||
else:
|
||||
# Ensure the loaded 'metadata_signable' is properly formatted. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if not.
|
||||
tuf.formats.check_signable_object_format(metadata_signable)
|
||||
formats.check_signable_object_format(metadata_signable)
|
||||
|
||||
# Is 'metadata_signable' expired?
|
||||
self._ensure_not_expired(metadata_signable['signed'], metadata_role)
|
||||
|
|
@ -2009,7 +2009,7 @@ def _update_versioninfo(self, metadata_filename):
|
|||
# client's copy of snapshot.json.
|
||||
try:
|
||||
timestamp_version_number = self.metadata['current']['snapshot']['version']
|
||||
trusted_versioninfo = tuf.formats.make_versioninfo(
|
||||
trusted_versioninfo = formats.make_versioninfo(
|
||||
timestamp_version_number)
|
||||
|
||||
except KeyError:
|
||||
|
|
@ -2025,7 +2025,7 @@ def _update_versioninfo(self, metadata_filename):
|
|||
targets_version_number = \
|
||||
self.metadata['current'][metadata_filename[:-len('.json')]]['version']
|
||||
trusted_versioninfo = \
|
||||
tuf.formats.make_versioninfo(targets_version_number)
|
||||
formats.make_versioninfo(targets_version_number)
|
||||
|
||||
except KeyError:
|
||||
trusted_versioninfo = \
|
||||
|
|
@ -2152,7 +2152,7 @@ def _update_fileinfo(self, metadata_filename):
|
|||
# to the fileinfo store.
|
||||
file_length, hashes = securesystemslib.util.get_file_details(
|
||||
current_filepath)
|
||||
metadata_fileinfo = tuf.formats.make_targets_fileinfo(file_length, hashes)
|
||||
metadata_fileinfo = formats.make_targets_fileinfo(file_length, hashes)
|
||||
self.fileinfo[metadata_filename] = metadata_fileinfo
|
||||
|
||||
|
||||
|
|
@ -2273,9 +2273,9 @@ def _ensure_not_expired(self, metadata_object, metadata_rolename):
|
|||
# Extract the expiration time. Convert it to a unix timestamp and compare it
|
||||
# against the current time.time() (also in Unix/POSIX time format, although
|
||||
# with microseconds attached.)
|
||||
expires_datetime = tuf.formats.expiry_string_to_datetime(
|
||||
expires_datetime = formats.expiry_string_to_datetime(
|
||||
metadata_object['expires'])
|
||||
expires_timestamp = tuf.formats.datetime_to_unix_timestamp(expires_datetime)
|
||||
expires_timestamp = formats.datetime_to_unix_timestamp(expires_datetime)
|
||||
|
||||
current_time = int(time.time())
|
||||
if expires_timestamp <= current_time:
|
||||
|
|
@ -2557,7 +2557,7 @@ def targets_of_role(self, rolename='targets'):
|
|||
|
||||
# Does 'rolename' have the correct format?
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(rolename)
|
||||
formats.RELPATH_SCHEMA.check_match(rolename)
|
||||
|
||||
# If we've been given a delegated targets role, we don't know how to
|
||||
# validate it without knowing what the delegating role is -- there could
|
||||
|
|
@ -2623,7 +2623,7 @@ def get_one_valid_targetinfo(self, target_filepath):
|
|||
|
||||
# Does 'target_filepath' have the correct format?
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(target_filepath)
|
||||
formats.RELPATH_SCHEMA.check_match(target_filepath)
|
||||
|
||||
target_filepath = target_filepath.replace('\\', '/')
|
||||
|
||||
|
|
@ -3058,7 +3058,7 @@ def updated_targets(self, targets, destination_directory):
|
|||
|
||||
# Do the arguments have the correct format?
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.TARGETINFOS_SCHEMA.check_match(targets)
|
||||
formats.TARGETINFOS_SCHEMA.check_match(targets)
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(destination_directory)
|
||||
|
||||
# Keep track of the target objects and filepaths of updated targets.
|
||||
|
|
@ -3156,7 +3156,7 @@ def download_target(self, target, destination_directory,
|
|||
# number of objects and object types, and that all dict
|
||||
# keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fail.
|
||||
tuf.formats.TARGETINFO_SCHEMA.check_match(target)
|
||||
formats.TARGETINFO_SCHEMA.check_match(target)
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(destination_directory)
|
||||
|
||||
# Extract the target file information.
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@
|
|||
|
||||
import tuf
|
||||
from tuf import exceptions
|
||||
import tuf.formats
|
||||
from tuf import formats
|
||||
import tuf.keydb
|
||||
import tuf.roledb
|
||||
import tuf.sig
|
||||
|
|
@ -723,7 +723,7 @@ def _save_project_configuration(metadata_directory, targets_directory,
|
|||
securesystemslib.formats.PATH_SCHEMA.check_match(metadata_directory)
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(prefix)
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(targets_directory)
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(project_name)
|
||||
formats.RELPATH_SCHEMA.check_match(project_name)
|
||||
|
||||
cfg_file_directory = metadata_directory
|
||||
|
||||
|
|
@ -818,7 +818,7 @@ def load_project(project_directory, prefix='', new_targets_location=None,
|
|||
config_filename = os.path.join(project_directory, PROJECT_FILENAME)
|
||||
|
||||
project_configuration = securesystemslib.util.load_json_file(config_filename)
|
||||
tuf.formats.PROJECT_CFG_SCHEMA.check_match(project_configuration)
|
||||
formats.PROJECT_CFG_SCHEMA.check_match(project_configuration)
|
||||
|
||||
targets_directory = os.path.join(project_directory,
|
||||
project_configuration['targets_location'])
|
||||
|
|
@ -864,7 +864,7 @@ def load_project(project_directory, prefix='', new_targets_location=None,
|
|||
project_filename)
|
||||
signable = securesystemslib.util.load_json_file(targets_metadata_path)
|
||||
try:
|
||||
tuf.formats.check_signable_object_format(signable)
|
||||
formats.check_signable_object_format(signable)
|
||||
except exceptions.UnsignedMetadataError:
|
||||
# Downgrade the error to a warning because a use case exists where
|
||||
# metadata may be generated unsigned on one machine and signed on another.
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@
|
|||
|
||||
import tuf
|
||||
from tuf import exceptions
|
||||
import tuf.formats
|
||||
from tuf import formats
|
||||
|
||||
# See 'log.py' to learn how logging is handled in TUF.
|
||||
logger = logging.getLogger(__name__)
|
||||
|
|
@ -87,7 +87,7 @@ def safe_download(url, required_length, fetcher):
|
|||
# Do all of the arguments have the appropriate format?
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.URL_SCHEMA.check_match(url)
|
||||
tuf.formats.LENGTH_SCHEMA.check_match(required_length)
|
||||
formats.LENGTH_SCHEMA.check_match(required_length)
|
||||
|
||||
return _download_file(url, required_length, fetcher, STRICT_REQUIRED_LENGTH=True)
|
||||
|
||||
|
|
@ -135,7 +135,7 @@ def unsafe_download(url, required_length, fetcher):
|
|||
# Do all of the arguments have the appropriate format?
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.URL_SCHEMA.check_match(url)
|
||||
tuf.formats.LENGTH_SCHEMA.check_match(required_length)
|
||||
formats.LENGTH_SCHEMA.check_match(required_length)
|
||||
|
||||
return _download_file(url, required_length, fetcher, STRICT_REQUIRED_LENGTH=False)
|
||||
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@
|
|||
import copy
|
||||
|
||||
from tuf import exceptions
|
||||
import tuf.formats
|
||||
from tuf import formats
|
||||
|
||||
import six
|
||||
import securesystemslib
|
||||
|
|
@ -100,7 +100,7 @@ def create_keydb_from_root_metadata(root_metadata, repository_name='default'):
|
|||
# This check will ensure 'root_metadata' has the appropriate number of objects
|
||||
# and object types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
tuf.formats.ROOT_SCHEMA.check_match(root_metadata)
|
||||
formats.ROOT_SCHEMA.check_match(root_metadata)
|
||||
|
||||
# Does 'repository_name' have the correct format?
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@
|
|||
import os
|
||||
|
||||
import tuf
|
||||
import tuf.formats
|
||||
from tuf import formats
|
||||
|
||||
import securesystemslib
|
||||
import six
|
||||
|
|
@ -84,8 +84,8 @@ def get_list_of_mirrors(file_type, file_path, mirrors_dict):
|
|||
"""
|
||||
|
||||
# Checking if all the arguments have appropriate format.
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(file_path)
|
||||
tuf.formats.MIRRORDICT_SCHEMA.check_match(mirrors_dict)
|
||||
formats.RELPATH_SCHEMA.check_match(file_path)
|
||||
formats.MIRRORDICT_SCHEMA.check_match(mirrors_dict)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(file_type)
|
||||
|
||||
# Verify 'file_type' is supported.
|
||||
|
|
|
|||
|
|
@ -40,8 +40,8 @@
|
|||
import tempfile
|
||||
|
||||
import tuf
|
||||
import tuf.formats
|
||||
from tuf import exceptions
|
||||
from tuf import formats
|
||||
import tuf.keydb
|
||||
import tuf.roledb
|
||||
import tuf.sig
|
||||
|
|
@ -500,7 +500,7 @@ def _load_top_level_metadata(repository, top_level_filenames, repository_name):
|
|||
# Initialize the key and role metadata of the top-level roles.
|
||||
signable = securesystemslib.util.load_json_file(root_filename)
|
||||
try:
|
||||
tuf.formats.check_signable_object_format(signable)
|
||||
formats.check_signable_object_format(signable)
|
||||
except exceptions.UnsignedMetadataError:
|
||||
# Downgrade the error to a warning because a use case exists where
|
||||
# metadata may be generated unsigned on one machine and signed on another.
|
||||
|
|
@ -587,7 +587,7 @@ def _load_top_level_metadata(repository, top_level_filenames, repository_name):
|
|||
try:
|
||||
signable = securesystemslib.util.load_json_file(snapshot_filename)
|
||||
try:
|
||||
tuf.formats.check_signable_object_format(signable)
|
||||
formats.check_signable_object_format(signable)
|
||||
except exceptions.UnsignedMetadataError:
|
||||
# Downgrade the error to a warning because a use case exists where
|
||||
# metadata may be generated unsigned on one machine and signed on another.
|
||||
|
|
@ -629,7 +629,7 @@ def _load_top_level_metadata(repository, top_level_filenames, repository_name):
|
|||
try:
|
||||
signable = securesystemslib.util.load_json_file(targets_filename)
|
||||
try:
|
||||
tuf.formats.check_signable_object_format(signable)
|
||||
formats.check_signable_object_format(signable)
|
||||
except exceptions.UnsignedMetadataError:
|
||||
# Downgrade the error to a warning because a use case exists where
|
||||
# metadata may be generated unsigned on one machine and signed on another.
|
||||
|
|
@ -698,10 +698,10 @@ def _log_warning_if_expires_soon(rolename, expires_iso8601_timestamp,
|
|||
# unix timestamp, subtract from current time.time() (also in POSIX time)
|
||||
# and compare against 'seconds_remaining_to_warn'. Log a warning message
|
||||
# to console if 'rolename' expires soon.
|
||||
datetime_object = tuf.formats.expiry_string_to_datetime(
|
||||
datetime_object = formats.expiry_string_to_datetime(
|
||||
expires_iso8601_timestamp)
|
||||
expires_unix_timestamp = \
|
||||
tuf.formats.datetime_to_unix_timestamp(datetime_object)
|
||||
formats.datetime_to_unix_timestamp(datetime_object)
|
||||
seconds_until_expires = expires_unix_timestamp - int(time.time())
|
||||
|
||||
if seconds_until_expires <= seconds_remaining_to_warn:
|
||||
|
|
@ -985,7 +985,7 @@ def get_targets_metadata_fileinfo(filename, storage_backend, custom=None):
|
|||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(filename)
|
||||
if custom is not None:
|
||||
tuf.formats.CUSTOM_SCHEMA.check_match(custom)
|
||||
formats.CUSTOM_SCHEMA.check_match(custom)
|
||||
|
||||
# Note: 'filehashes' is a dictionary of the form
|
||||
# {'sha256': 1233dfba312, ...}. 'custom' is an optional
|
||||
|
|
@ -995,7 +995,7 @@ def get_targets_metadata_fileinfo(filename, storage_backend, custom=None):
|
|||
filesize, filehashes = securesystemslib.util.get_file_details(filename,
|
||||
tuf.settings.FILE_HASH_ALGORITHMS, storage_backend)
|
||||
|
||||
return tuf.formats.make_targets_fileinfo(filesize, filehashes, custom=custom)
|
||||
return formats.make_targets_fileinfo(filesize, filehashes, custom=custom)
|
||||
|
||||
|
||||
|
||||
|
|
@ -1037,7 +1037,7 @@ def get_metadata_versioninfo(rolename, repository_name):
|
|||
# Does 'rolename' have the correct format?
|
||||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
roleinfo = tuf.roledb.get_roleinfo(rolename, repository_name)
|
||||
versioninfo = {'version': roleinfo['version']}
|
||||
|
|
@ -1182,7 +1182,7 @@ def get_target_hash(target_filepath):
|
|||
The hash of 'target_filepath'.
|
||||
|
||||
"""
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(target_filepath)
|
||||
formats.RELPATH_SCHEMA.check_match(target_filepath)
|
||||
|
||||
digest_object = securesystemslib.hash.digest(algorithm=HASH_FUNCTION)
|
||||
digest_object.update(target_filepath.encode('utf-8'))
|
||||
|
|
@ -1238,7 +1238,7 @@ def generate_root_metadata(version, expiration_date, consistent_snapshot,
|
|||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any of the arguments are
|
||||
# improperly formatted.
|
||||
tuf.formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
securesystemslib.formats.ISO8601_DATETIME_SCHEMA.check_match(expiration_date)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(consistent_snapshot)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
@ -1268,8 +1268,8 @@ def generate_root_metadata(version, expiration_date, consistent_snapshot,
|
|||
# Generate the authentication information Root establishes for each
|
||||
# top-level role.
|
||||
role_threshold = tuf.roledb.get_role_threshold(rolename, repository_name)
|
||||
role_metadata = tuf.formats.build_dict_conforming_to_schema(
|
||||
tuf.formats.ROLE_SCHEMA,
|
||||
role_metadata = formats.build_dict_conforming_to_schema(
|
||||
formats.ROLE_SCHEMA,
|
||||
keyids=keyids,
|
||||
threshold=role_threshold)
|
||||
roledict[rolename] = role_metadata
|
||||
|
|
@ -1285,8 +1285,8 @@ def generate_root_metadata(version, expiration_date, consistent_snapshot,
|
|||
# generate_root_metadata, etc. with one function that generates
|
||||
# metadata, possibly rolling that upwards into the calling function.
|
||||
# There are very few things that really need to be done differently.
|
||||
return tuf.formats.build_dict_conforming_to_schema(
|
||||
tuf.formats.ROOT_SCHEMA,
|
||||
return formats.build_dict_conforming_to_schema(
|
||||
formats.ROOT_SCHEMA,
|
||||
version=version,
|
||||
expires=expiration_date,
|
||||
keys=keydict,
|
||||
|
|
@ -1389,8 +1389,8 @@ def generate_targets_metadata(targets_directory, target_files, version,
|
|||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(targets_directory)
|
||||
tuf.formats.PATH_FILEINFO_SCHEMA.check_match(target_files)
|
||||
tuf.formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
formats.PATH_FILEINFO_SCHEMA.check_match(target_files)
|
||||
formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
securesystemslib.formats.ISO8601_DATETIME_SCHEMA.check_match(expiration_date)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(write_consistent_targets)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_existing_fileinfo)
|
||||
|
|
@ -1400,7 +1400,7 @@ def generate_targets_metadata(targets_directory, target_files, version,
|
|||
' targets and using existing fileinfo.')
|
||||
|
||||
if delegations is not None:
|
||||
tuf.formats.DELEGATIONS_SCHEMA.check_match(delegations)
|
||||
formats.DELEGATIONS_SCHEMA.check_match(delegations)
|
||||
# If targets role has delegations, collect the up-to-date 'keyids' and
|
||||
# 'threshold' for each role. Update the delegations keys dictionary.
|
||||
delegations_keys = []
|
||||
|
|
@ -1460,15 +1460,15 @@ def generate_targets_metadata(targets_directory, target_files, version,
|
|||
# metadata, possibly rolling that upwards into the calling function.
|
||||
# There are very few things that really need to be done differently.
|
||||
if delegations is not None:
|
||||
return tuf.formats.build_dict_conforming_to_schema(
|
||||
tuf.formats.TARGETS_SCHEMA,
|
||||
return formats.build_dict_conforming_to_schema(
|
||||
formats.TARGETS_SCHEMA,
|
||||
version=version,
|
||||
expires=expiration_date,
|
||||
targets=filedict,
|
||||
delegations=delegations)
|
||||
else:
|
||||
return tuf.formats.build_dict_conforming_to_schema(
|
||||
tuf.formats.TARGETS_SCHEMA,
|
||||
return formats.build_dict_conforming_to_schema(
|
||||
formats.TARGETS_SCHEMA,
|
||||
version=version,
|
||||
expires=expiration_date,
|
||||
targets=filedict)
|
||||
|
|
@ -1621,7 +1621,7 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
|
|||
# object types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(metadata_directory)
|
||||
tuf.formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
securesystemslib.formats.ISO8601_DATETIME_SCHEMA.check_match(expiration_date)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(consistent_snapshot)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
@ -1643,7 +1643,7 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
|
|||
# Make file info dictionary with make_metadata_fileinfo because
|
||||
# in the tuf spec length and hashes are optional for all
|
||||
# METAFILES in snapshot.json including the top-level targets file.
|
||||
fileinfodict[TARGETS_FILENAME] = tuf.formats.make_metadata_fileinfo(
|
||||
fileinfodict[TARGETS_FILENAME] = formats.make_metadata_fileinfo(
|
||||
targets_file_version['version'], length, hashes)
|
||||
|
||||
# Search the metadata directory and generate the versioninfo of all the role
|
||||
|
|
@ -1675,7 +1675,7 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
|
|||
file_version = get_metadata_versioninfo(rolename,
|
||||
repository_name)
|
||||
|
||||
fileinfodict[metadata_name] = tuf.formats.make_metadata_fileinfo(
|
||||
fileinfodict[metadata_name] = formats.make_metadata_fileinfo(
|
||||
file_version['version'], length, hashes)
|
||||
|
||||
else:
|
||||
|
|
@ -1691,8 +1691,8 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
|
|||
# generate_root_metadata, etc. with one function that generates
|
||||
# metadata, possibly rolling that upwards into the calling function.
|
||||
# There are very few things that really need to be done differently.
|
||||
return tuf.formats.build_dict_conforming_to_schema(
|
||||
tuf.formats.SNAPSHOT_SCHEMA,
|
||||
return formats.build_dict_conforming_to_schema(
|
||||
formats.SNAPSHOT_SCHEMA,
|
||||
version=version,
|
||||
expires=expiration_date,
|
||||
meta=fileinfodict)
|
||||
|
|
@ -1758,7 +1758,7 @@ def generate_timestamp_metadata(snapshot_file_path, version, expiration_date,
|
|||
# object types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(snapshot_file_path)
|
||||
tuf.formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
securesystemslib.formats.ISO8601_DATETIME_SCHEMA.check_match(expiration_date)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_length)
|
||||
|
|
@ -1773,7 +1773,7 @@ def generate_timestamp_metadata(snapshot_file_path, version, expiration_date,
|
|||
# Retrieve the versioninfo of the Snapshot metadata file.
|
||||
snapshot_version = get_metadata_versioninfo('snapshot', repository_name)
|
||||
snapshot_fileinfo[snapshot_filename] = \
|
||||
tuf.formats.make_metadata_fileinfo(snapshot_version['version'],
|
||||
formats.make_metadata_fileinfo(snapshot_version['version'],
|
||||
length, hashes)
|
||||
|
||||
# Generate the timestamp metadata object.
|
||||
|
|
@ -1785,8 +1785,8 @@ def generate_timestamp_metadata(snapshot_file_path, version, expiration_date,
|
|||
# generate_root_metadata, etc. with one function that generates
|
||||
# metadata, possibly rolling that upwards into the calling function.
|
||||
# There are very few things that really need to be done differently.
|
||||
return tuf.formats.build_dict_conforming_to_schema(
|
||||
tuf.formats.TIMESTAMP_SCHEMA,
|
||||
return formats.build_dict_conforming_to_schema(
|
||||
formats.TIMESTAMP_SCHEMA,
|
||||
version=version,
|
||||
expires=expiration_date,
|
||||
meta=snapshot_fileinfo)
|
||||
|
|
@ -1838,7 +1838,7 @@ def sign_metadata(metadata_object, keyids, filename, repository_name):
|
|||
# This check ensures arguments have the appropriate number of objects and
|
||||
# object types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
tuf.formats.ANYROLE_SCHEMA.check_match(metadata_object)
|
||||
formats.ANYROLE_SCHEMA.check_match(metadata_object)
|
||||
securesystemslib.formats.KEYIDS_SCHEMA.check_match(keyids)
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(filename)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
@ -1847,7 +1847,7 @@ def sign_metadata(metadata_object, keyids, filename, repository_name):
|
|||
# it contains a 'signatures' field containing the result
|
||||
# of signing the 'signed' field of 'metadata' with each
|
||||
# keyid of 'keyids'.
|
||||
signable = tuf.formats.make_signable(metadata_object)
|
||||
signable = formats.make_signable(metadata_object)
|
||||
|
||||
# Sign the metadata with each keyid in 'keyids'. 'signable' should have
|
||||
# zero signatures (metadata_object contained none).
|
||||
|
|
@ -1876,7 +1876,7 @@ def sign_metadata(metadata_object, keyids, filename, repository_name):
|
|||
# Raise 'securesystemslib.exceptions.FormatError' if the resulting 'signable'
|
||||
# is not formatted correctly.
|
||||
try:
|
||||
tuf.formats.check_signable_object_format(signable)
|
||||
formats.check_signable_object_format(signable)
|
||||
except exceptions.UnsignedMetadataError:
|
||||
# Downgrade the error to a warning because a use case exists where
|
||||
# metadata may be generated unsigned on one machine and signed on another.
|
||||
|
|
@ -1936,9 +1936,9 @@ def write_metadata_file(metadata, filename, version_number, consistent_snapshot,
|
|||
# This check ensures arguments have the appropriate number of objects and
|
||||
# object types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
tuf.formats.SIGNABLE_SCHEMA.check_match(metadata)
|
||||
formats.SIGNABLE_SCHEMA.check_match(metadata)
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(filename)
|
||||
tuf.formats.METADATAVERSION_SCHEMA.check_match(version_number)
|
||||
formats.METADATAVERSION_SCHEMA.check_match(version_number)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(consistent_snapshot)
|
||||
|
||||
if storage_backend is None:
|
||||
|
|
|
|||
|
|
@ -43,11 +43,11 @@
|
|||
from collections import deque
|
||||
|
||||
import tuf
|
||||
import tuf.formats
|
||||
from tuf import exceptions
|
||||
from tuf import formats
|
||||
import tuf.roledb
|
||||
import tuf.sig
|
||||
import tuf.log
|
||||
from tuf import exceptions
|
||||
import tuf.repository_lib as repo_lib
|
||||
|
||||
import securesystemslib.keys
|
||||
|
|
@ -740,23 +740,23 @@ def add_verification_key(self, key, expires=None):
|
|||
if expires is None:
|
||||
if self.rolename == 'root':
|
||||
expires = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time() + ROOT_EXPIRATION))
|
||||
formats.unix_timestamp_to_datetime(int(time.time() + ROOT_EXPIRATION))
|
||||
|
||||
elif self.rolename == 'Targets':
|
||||
expires = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time() + TARGETS_EXPIRATION))
|
||||
formats.unix_timestamp_to_datetime(int(time.time() + TARGETS_EXPIRATION))
|
||||
|
||||
elif self.rolename == 'Snapshot':
|
||||
expires = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time() + SNAPSHOT_EXPIRATION))
|
||||
formats.unix_timestamp_to_datetime(int(time.time() + SNAPSHOT_EXPIRATION))
|
||||
|
||||
elif self.rolename == 'Timestamp':
|
||||
expires = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time() + TIMESTAMP_EXPIRATION))
|
||||
formats.unix_timestamp_to_datetime(int(time.time() + TIMESTAMP_EXPIRATION))
|
||||
|
||||
else:
|
||||
expires = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time() + TIMESTAMP_EXPIRATION))
|
||||
formats.unix_timestamp_to_datetime(int(time.time() + TIMESTAMP_EXPIRATION))
|
||||
|
||||
# Is 'expires' a datetime.datetime() object?
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if not.
|
||||
|
|
@ -770,7 +770,7 @@ def add_verification_key(self, key, expires=None):
|
|||
|
||||
# Ensure the expiration has not already passed.
|
||||
current_datetime = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time()))
|
||||
formats.unix_timestamp_to_datetime(int(time.time()))
|
||||
|
||||
if expires < current_datetime:
|
||||
raise securesystemslib.exceptions.Error(repr(key) + ' has already'
|
||||
|
|
@ -1234,7 +1234,7 @@ def version(self, version):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any are improperly formatted.
|
||||
tuf.formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
formats.METADATAVERSION_SCHEMA.check_match(version)
|
||||
|
||||
roleinfo = tuf.roledb.get_roleinfo(self.rolename, self._repository_name)
|
||||
roleinfo['version'] = version
|
||||
|
|
@ -1306,7 +1306,7 @@ def threshold(self, threshold):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any are improperly formatted.
|
||||
tuf.formats.THRESHOLD_SCHEMA.check_match(threshold)
|
||||
formats.THRESHOLD_SCHEMA.check_match(threshold)
|
||||
|
||||
roleinfo = tuf.roledb.get_roleinfo(self._rolename, self._repository_name)
|
||||
roleinfo['previous_threshold'] = roleinfo['threshold']
|
||||
|
|
@ -1339,7 +1339,7 @@ def expiration(self):
|
|||
roleinfo = tuf.roledb.get_roleinfo(self.rolename, self._repository_name)
|
||||
expires = roleinfo['expires']
|
||||
|
||||
return tuf.formats.expiry_string_to_datetime(expires)
|
||||
return formats.expiry_string_to_datetime(expires)
|
||||
|
||||
|
||||
|
||||
|
|
@ -1386,7 +1386,7 @@ def expiration(self, datetime_object):
|
|||
|
||||
# Ensure the expiration has not already passed.
|
||||
current_datetime_object = \
|
||||
tuf.formats.unix_timestamp_to_datetime(int(time.time()))
|
||||
formats.unix_timestamp_to_datetime(int(time.time()))
|
||||
|
||||
if datetime_object < current_datetime_object:
|
||||
raise securesystemslib.exceptions.Error(repr(self.rolename) + ' has'
|
||||
|
|
@ -1477,11 +1477,11 @@ def __init__(self, repository_name):
|
|||
|
||||
# Is 'repository_name' properly formatted? Otherwise, raise a
|
||||
# tuf.exceptions.FormatError exception.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(repository_name)
|
||||
formats.ROLENAME_SCHEMA.check_match(repository_name)
|
||||
|
||||
# By default, 'snapshot' metadata is set to expire 1 week from the current
|
||||
# time. The expiration may be modified.
|
||||
expiration = tuf.formats.unix_timestamp_to_datetime(
|
||||
expiration = formats.unix_timestamp_to_datetime(
|
||||
int(time.time() + ROOT_EXPIRATION))
|
||||
expiration = expiration.isoformat() + 'Z'
|
||||
|
||||
|
|
@ -1549,7 +1549,7 @@ def __init__(self, repository_name):
|
|||
|
||||
# By default, 'root' metadata is set to expire 1 year from the current
|
||||
# time. The expiration may be modified.
|
||||
expiration = tuf.formats.unix_timestamp_to_datetime(
|
||||
expiration = formats.unix_timestamp_to_datetime(
|
||||
int(time.time() + TIMESTAMP_EXPIRATION))
|
||||
expiration = expiration.isoformat() + 'Z'
|
||||
|
||||
|
|
@ -1612,7 +1612,7 @@ def __init__(self, repository_name):
|
|||
|
||||
# By default, 'snapshot' metadata is set to expire 1 week from the current
|
||||
# time. The expiration may be modified.
|
||||
expiration = tuf.formats.unix_timestamp_to_datetime(
|
||||
expiration = formats.unix_timestamp_to_datetime(
|
||||
int(time.time() + SNAPSHOT_EXPIRATION))
|
||||
expiration = expiration.isoformat() + 'Z'
|
||||
|
||||
|
|
@ -1693,11 +1693,11 @@ def __init__(self, targets_directory, rolename='targets', roleinfo=None,
|
|||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any are improperly formatted.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(targets_directory)
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
||||
if roleinfo is not None:
|
||||
tuf.formats.ROLEDB_SCHEMA.check_match(roleinfo)
|
||||
formats.ROLEDB_SCHEMA.check_match(roleinfo)
|
||||
|
||||
super(Targets, self).__init__()
|
||||
self._targets_directory = targets_directory
|
||||
|
|
@ -1715,7 +1715,7 @@ def __init__(self, targets_directory, rolename='targets', roleinfo=None,
|
|||
|
||||
# By default, Targets objects are set to expire 3 months from the current
|
||||
# time. May be later modified.
|
||||
expiration = tuf.formats.unix_timestamp_to_datetime(
|
||||
expiration = formats.unix_timestamp_to_datetime(
|
||||
int(time.time() + TARGETS_EXPIRATION))
|
||||
expiration = expiration.isoformat() + 'Z'
|
||||
|
||||
|
|
@ -1766,7 +1766,7 @@ def __call__(self, rolename):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any are improperly formatted.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
if rolename in self._delegated_roles:
|
||||
return self._delegated_roles[rolename]
|
||||
|
|
@ -1808,7 +1808,7 @@ def add_delegated_role(self, rolename, targets_object):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any are improperly formatted.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
if not isinstance(targets_object, Targets):
|
||||
raise securesystemslib.exceptions.FormatError(repr(targets_object) + ' is'
|
||||
|
|
@ -1848,7 +1848,7 @@ def remove_delegated_role(self, rolename):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if any are improperly formatted.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
if rolename not in self._delegated_roles:
|
||||
logger.debug(repr(rolename) + ' has not been delegated.')
|
||||
|
|
@ -1936,7 +1936,7 @@ def add_paths(self, paths, child_rolename):
|
|||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.PATHS_SCHEMA.check_match(paths)
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(child_rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(child_rolename)
|
||||
|
||||
# Ensure that 'child_rolename' exists, otherwise it will not have an entry
|
||||
# in the parent role's delegations field.
|
||||
|
|
@ -2024,19 +2024,19 @@ def add_target(self, filepath, custom=None, fileinfo=None):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(filepath)
|
||||
formats.RELPATH_SCHEMA.check_match(filepath)
|
||||
|
||||
if fileinfo and custom:
|
||||
raise securesystemslib.exceptions.Error("Can only take one of"
|
||||
" custom or fileinfo, not both.")
|
||||
|
||||
if fileinfo:
|
||||
tuf.formats.TARGETS_FILEINFO_SCHEMA.check_match(fileinfo)
|
||||
formats.TARGETS_FILEINFO_SCHEMA.check_match(fileinfo)
|
||||
|
||||
if custom is None:
|
||||
custom = {}
|
||||
else:
|
||||
tuf.formats.CUSTOM_SCHEMA.check_match(custom)
|
||||
formats.CUSTOM_SCHEMA.check_match(custom)
|
||||
|
||||
# Add 'filepath' (i.e., relative to the targets directory) to the role's
|
||||
# list of targets. 'filepath' will not be verified as an allowed path
|
||||
|
|
@ -2104,7 +2104,7 @@ def add_targets(self, list_of_targets):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.RELPATHS_SCHEMA.check_match(list_of_targets)
|
||||
formats.RELPATHS_SCHEMA.check_match(list_of_targets)
|
||||
|
||||
# Ensure the paths in 'list_of_targets' are relative and use forward slash
|
||||
# as a separator or raise an exception. The paths of 'list_of_targets'
|
||||
|
|
@ -2162,7 +2162,7 @@ def remove_target(self, filepath):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(filepath)
|
||||
formats.RELPATH_SCHEMA.check_match(filepath)
|
||||
|
||||
# Remove 'relative_filepath', if found, and update this Targets roleinfo.
|
||||
fileinfo = tuf.roledb.get_roleinfo(self.rolename, self._repository_name)
|
||||
|
|
@ -2241,7 +2241,7 @@ def _create_delegated_target(self, rolename, keyids, threshold, paths):
|
|||
expiration is set (3 months from the current time).
|
||||
"""
|
||||
|
||||
expiration = tuf.formats.unix_timestamp_to_datetime(
|
||||
expiration = formats.unix_timestamp_to_datetime(
|
||||
int(time.time() + TARGETS_EXPIRATION))
|
||||
expiration = expiration.isoformat() + 'Z'
|
||||
|
||||
|
|
@ -2363,17 +2363,17 @@ def delegate(self, rolename, public_keys, paths, threshold=1,
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
securesystemslib.formats.ANYKEYLIST_SCHEMA.check_match(public_keys)
|
||||
tuf.formats.RELPATHS_SCHEMA.check_match(paths)
|
||||
tuf.formats.THRESHOLD_SCHEMA.check_match(threshold)
|
||||
formats.RELPATHS_SCHEMA.check_match(paths)
|
||||
formats.THRESHOLD_SCHEMA.check_match(threshold)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(terminating)
|
||||
|
||||
if list_of_targets is not None:
|
||||
tuf.formats.RELPATHS_SCHEMA.check_match(list_of_targets)
|
||||
formats.RELPATHS_SCHEMA.check_match(list_of_targets)
|
||||
|
||||
if path_hash_prefixes is not None:
|
||||
tuf.formats.PATH_HASH_PREFIXES_SCHEMA.check_match(path_hash_prefixes)
|
||||
formats.PATH_HASH_PREFIXES_SCHEMA.check_match(path_hash_prefixes)
|
||||
|
||||
# Keep track of the valid keyids (added to the new Targets object) and
|
||||
# their keydicts (added to this Targets delegations).
|
||||
|
|
@ -2477,7 +2477,7 @@ def revoke(self, rolename):
|
|||
# Ensure the arguments have the appropriate number of objects and object
|
||||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
# Remove 'rolename' from this Target's delegations dict.
|
||||
roleinfo = tuf.roledb.get_roleinfo(self.rolename, self._repository_name)
|
||||
|
|
@ -2569,7 +2569,7 @@ def delegate_hashed_bins(self, list_of_targets, keys_of_hashed_bins,
|
|||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.PATHS_SCHEMA.check_match(list_of_targets)
|
||||
securesystemslib.formats.ANYKEYLIST_SCHEMA.check_match(keys_of_hashed_bins)
|
||||
tuf.formats.NUMBINS_SCHEMA.check_match(number_of_bins)
|
||||
formats.NUMBINS_SCHEMA.check_match(number_of_bins)
|
||||
|
||||
prefix_length, prefix_count, bin_size = repo_lib.get_bin_numbers(number_of_bins)
|
||||
|
||||
|
|
@ -2712,7 +2712,7 @@ def add_target_to_bin(self, target_filepath, number_of_bins=DEFAULT_NUM_BINS,
|
|||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(target_filepath)
|
||||
tuf.formats.NUMBINS_SCHEMA.check_match(number_of_bins)
|
||||
formats.NUMBINS_SCHEMA.check_match(number_of_bins)
|
||||
|
||||
# TODO: check target_filepath is sane
|
||||
|
||||
|
|
@ -2774,7 +2774,7 @@ def remove_target_from_bin(self, target_filepath,
|
|||
# types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
|
||||
securesystemslib.formats.PATH_SCHEMA.check_match(target_filepath)
|
||||
tuf.formats.NUMBINS_SCHEMA.check_match(number_of_bins)
|
||||
formats.NUMBINS_SCHEMA.check_match(number_of_bins)
|
||||
|
||||
# TODO: check target_filepath is sane?
|
||||
|
||||
|
|
@ -2843,7 +2843,7 @@ def _check_path(self, pathname):
|
|||
None.
|
||||
"""
|
||||
|
||||
tuf.formats.RELPATH_SCHEMA.check_match(pathname)
|
||||
formats.RELPATH_SCHEMA.check_match(pathname)
|
||||
|
||||
if '\\' in pathname:
|
||||
raise exceptions.InvalidNameError('Path ' + repr(pathname)
|
||||
|
|
@ -3222,7 +3222,7 @@ def dump_signable_metadata(metadata_filepath):
|
|||
signable = securesystemslib.util.load_json_file(metadata_filepath)
|
||||
|
||||
# Is 'signable' a valid metadata file?
|
||||
tuf.formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
|
||||
return securesystemslib.formats.encode_canonical(signable['signed'])
|
||||
|
||||
|
|
@ -3278,7 +3278,7 @@ def append_signature(signature, metadata_filepath):
|
|||
signable = securesystemslib.util.load_json_file(metadata_filepath)
|
||||
|
||||
# Is 'signable' a valid metadata file?
|
||||
tuf.formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
|
||||
signable['signatures'].append(signature)
|
||||
|
||||
|
|
|
|||
|
|
@ -54,8 +54,8 @@
|
|||
|
||||
import tuf
|
||||
from tuf import exceptions
|
||||
from tuf import formats
|
||||
import tuf.log
|
||||
import tuf.formats
|
||||
|
||||
import securesystemslib
|
||||
import six
|
||||
|
|
@ -112,7 +112,7 @@ def create_roledb_from_root_metadata(root_metadata, repository_name='default'):
|
|||
# This check will ensure 'root_metadata' has the appropriate number of objects
|
||||
# and object types, and that all dict keys are properly named.
|
||||
# Raises securesystemslib.exceptions.FormatError.
|
||||
tuf.formats.ROOT_SCHEMA.check_match(root_metadata)
|
||||
formats.ROOT_SCHEMA.check_match(root_metadata)
|
||||
|
||||
# Is 'repository_name' formatted correctly?
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
@ -295,10 +295,10 @@ def add_role(rolename, roleinfo, repository_name='default'):
|
|||
# Does 'rolename' have the correct object format?
|
||||
# This check will ensure 'rolename' has the appropriate number of objects
|
||||
# and object types, and that all dict keys are properly named.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
# Does 'roleinfo' have the correct object format?
|
||||
tuf.formats.ROLEDB_SCHEMA.check_match(roleinfo)
|
||||
formats.ROLEDB_SCHEMA.check_match(roleinfo)
|
||||
|
||||
# Is 'repository_name' correctly formatted?
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
@ -379,12 +379,12 @@ def update_roleinfo(rolename, roleinfo, mark_role_as_dirty=True, repository_name
|
|||
# Does the arguments have the correct object format?
|
||||
# This check will ensure arguments have the appropriate number of objects
|
||||
# and object types, and that all dict keys are properly named.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(mark_role_as_dirty)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
||||
# Does 'roleinfo' have the correct object format?
|
||||
tuf.formats.ROLEDB_SCHEMA.check_match(roleinfo)
|
||||
formats.ROLEDB_SCHEMA.check_match(roleinfo)
|
||||
|
||||
# Raises securesystemslib.exceptions.InvalidNameError.
|
||||
_validate_rolename(rolename)
|
||||
|
|
@ -1031,7 +1031,7 @@ def _check_rolename(rolename, repository_name='default'):
|
|||
# Does 'rolename' have the correct object format?
|
||||
# This check will ensure 'rolename' has the appropriate number of objects
|
||||
# and object types, and that all dict keys are properly named.
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
formats.ROLENAME_SCHEMA.check_match(rolename)
|
||||
|
||||
# Does 'repository_name' have the correct format?
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
|
|
|||
|
|
@ -149,8 +149,8 @@
|
|||
|
||||
import tuf
|
||||
from tuf import exceptions
|
||||
from tuf import formats
|
||||
import tuf.log
|
||||
import tuf.formats
|
||||
import tuf.repository_tool as repo_tool
|
||||
|
||||
# 'pip install securesystemslib[crypto,pynacl]' is required for the CLI,
|
||||
|
|
@ -624,7 +624,7 @@ def sign_role(parsed_arguments):
|
|||
role_privatekey, repository_name = repository._repository_name)
|
||||
|
||||
# Set the delegated metadata file to expire in 3 months.
|
||||
expiration = tuf.formats.unix_timestamp_to_datetime(
|
||||
expiration = formats.unix_timestamp_to_datetime(
|
||||
int(time.time() + 7889230))
|
||||
expiration = expiration.isoformat() + 'Z'
|
||||
|
||||
|
|
|
|||
14
tuf/sig.py
14
tuf/sig.py
|
|
@ -52,9 +52,9 @@
|
|||
|
||||
import tuf
|
||||
from tuf import exceptions
|
||||
from tuf import formats
|
||||
import tuf.keydb
|
||||
import tuf.roledb
|
||||
import tuf.formats
|
||||
|
||||
import securesystemslib
|
||||
|
||||
|
|
@ -126,14 +126,14 @@ def get_signature_status(signable, role=None, repository_name='default',
|
|||
# arguments have the appropriate number of objects and object types, and that
|
||||
# all dict keys are properly named. Raise
|
||||
# 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
tuf.formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
||||
if role is not None:
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(role)
|
||||
formats.ROLENAME_SCHEMA.check_match(role)
|
||||
|
||||
if threshold is not None:
|
||||
tuf.formats.THRESHOLD_SCHEMA.check_match(threshold)
|
||||
formats.THRESHOLD_SCHEMA.check_match(threshold)
|
||||
|
||||
if keyids is not None:
|
||||
securesystemslib.formats.KEYIDS_SCHEMA.check_match(keyids)
|
||||
|
|
@ -280,8 +280,8 @@ def verify(signable, role, repository_name='default', threshold=None,
|
|||
role's threshold, False otherwise.
|
||||
"""
|
||||
|
||||
tuf.formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
tuf.formats.ROLENAME_SCHEMA.check_match(role)
|
||||
formats.SIGNABLE_SCHEMA.check_match(signable)
|
||||
formats.ROLENAME_SCHEMA.check_match(role)
|
||||
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
|
||||
|
||||
# Retrieve the signature status. tuf.sig.get_signature_status() raises:
|
||||
|
|
@ -338,7 +338,7 @@ def may_need_new_keys(signature_status):
|
|||
# This check will ensure 'signature_status' has the appropriate number
|
||||
# of objects and object types, and that all dict keys are properly named.
|
||||
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
|
||||
tuf.formats.SIGNATURESTATUS_SCHEMA.check_match(signature_status)
|
||||
formats.SIGNATURESTATUS_SCHEMA.check_match(signature_status)
|
||||
|
||||
unknown = signature_status['unknown_sigs']
|
||||
untrusted = signature_status['untrusted_sigs']
|
||||
|
|
|
|||
Loading…
Reference in a new issue