python-tuf/examples/client
Jussi Kukkonen cea1745cef Implement root bootstrapping
An application may have a "more secure" data store than the metadata cache
is: allow the application to bootstrap the Updater with this more secure
root. This means the Updater must also cache the subsequent root versions
(and not just the last one).

* Store versioned root metadata in local cache
* Maintain a non-versioned symlink to last known good root
* When loading root metadata, look in local cache too
* Add a 'bootstrap' argument to Updater: this allows
  initializing the Updater with known good root metadata
  instead of trusting the root.json in cache

Additional changes to current functionality:
* When using bootstrap argument, the initial root is written to cache.
  This write happens every time Updater is initialized with bootstrap
* The "root.json" symlink is recreated at the end of every refresh()

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-02-20 11:09:54 +02:00
client Implement root bootstrapping 2025-02-20 11:09:54 +02:00
README.md examples: Rename client example directory 2023-02-02 16:25:47 +02:00

TUF Client Example

TUF Client Example, using python-tuf.

This TUF Client Example implements the following actions:

  • Client Initialization
  • Target file download

The client can be used against any TUF repository that serves metadata and targets under the same URL (in the /metadata/ and /targets/ directories, respectively). The repository to use is set with --url; the default is "http://127.0.0.1:8001", which is also the default for the repository example.

Usage with the repository example

In one terminal, run the repository example and leave it running:

examples/repository/repo

In another terminal, run the client:

# initialize the client with Trust-On-First-Use
./client tofu

# Then download example files from the repository:
./client download file1.txt

Note that, unlike normal repositories, the example repository exists only in memory and is regenerated from scratch at every startup. This means the client needs to run tofu again every time you restart the repository application.

Usage with a repository on the internet

# On first use only, initialize the client with Trust-On-First-Use
./client --url https://jku.github.io/tuf-demo tofu

# Then download example files from the repository:
./client --url https://jku.github.io/tuf-demo download demo/succinctly-delegated-1.txt
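
The commit message at the top of this page describes a cache that keeps every root version, an unversioned root.json symlink to the last known good root, and a bootstrap root that takes precedence over the cached one. The sketch below is an added example, not python-tuf's code: it models only that cache handling with the standard library, and the `<version>.root.json` file naming, the function names and the sample metadata are assumptions. Signature verification is left out.

```python
from __future__ import annotations
import json
import os
import tempfile
from pathlib import Path

def make_root(version: int) -> bytes:
    """Constructed sample metadata: only the version field matters here."""
    return json.dumps({"signed": {"_type": "root", "version": version}, "signatures": []}).encode()

def store_root(cache: Path, raw: bytes) -> int:
    """Persist raw root metadata as <version>.root.json (assumed naming)."""
    version = json.loads(raw)["signed"]["version"]
    fd, tmp = tempfile.mkstemp(dir=cache)
    with os.fdopen(fd, "wb") as f:
        f.write(raw)
    os.replace(tmp, cache / f"{version}.root.json")  # atomic within one directory
    return version

def point_symlink(cache: Path, version: int) -> None:
    """Repoint the unversioned root.json at the last known good version."""
    tmp = cache / "root.json.tmp"
    tmp.unlink(missing_ok=True)
    os.symlink(f"{version}.root.json", tmp)
    os.replace(tmp, cache / "root.json")  # rename swaps the link itself

def initial_root(cache: Path, bootstrap: bytes | None = None) -> bytes:
    """Bootstrap data wins over the cache and is written on every init."""
    if bootstrap is not None:
        store_root(cache, bootstrap)
        return bootstrap
    return (cache / "root.json").read_bytes()

def refresh(cache: Path, trusted: bytes, fetch) -> int:
    """Walk forward one version at a time, preferring cached copies."""
    version = json.loads(trusted)["signed"]["version"]
    while True:
        cached = cache / f"{version + 1}.root.json"
        raw = cached.read_bytes() if cached.exists() else fetch(version + 1)
        if raw is None:
            break
        # A real client verifies raw against the current trusted root here.
        version = store_root(cache, raw)
    point_symlink(cache, version)
    return version
```

Here `fetch` is a hypothetical callable that returns the raw bytes of a given root version, or None when the repository has no such version.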