notary

package tuf

import ""

Package tuf defines the core TUF logic around manipulating a repo.


Package Files

builder.go tuf.go


var ErrBuildDone = fmt.Errorf(
    "the builder has finished building and cannot accept any more input or produce any more output")

ErrBuildDone is returned when any function is called on a RepoBuilder that has already finished building

type ConsistentInfo

type ConsistentInfo struct {
    RoleName data.RoleName
    // contains filtered or unexported fields
}

ConsistentInfo is the consistent name and size of a role, or just the name of the role and a -1 if no file metadata for the role is known

func (ConsistentInfo) ChecksumKnown

func (c ConsistentInfo) ChecksumKnown() bool

ChecksumKnown determines whether or not we know enough to provide a size and consistent name

func (ConsistentInfo) ConsistentName

func (c ConsistentInfo) ConsistentName() string

ConsistentName returns the consistent name (rolename.sha256) for the role given this consistent information

func (ConsistentInfo) Length

func (c ConsistentInfo) Length() int64

Length returns the expected length of the role as per this consistent information - if no checksum information is known, the size is -1.
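The naming and size convention described above for ConsistentInfo, as a stand-alone Go model added here (it is not notary's code): it reconstructs the `rolename.<hex sha256>` consistent name and the -1 sentinel for unknown metadata, and adds the client-side length and digest check that consistent naming exists to support. The `fileMeta`, `consistentInfo`, `infoFor` and `verifyDownload` names and the sample JSON are constructed for this example; notary's own ConsistentInfo wraps its data.FileMeta and is built from the loaded snapshot.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// fileMeta is a constructed stand-in for the snapshot entry that notary's
// ConsistentInfo wraps: the expected byte length and a map from hash
// algorithm name to digest. It is not notary's data.FileMeta.
type fileMeta struct {
	Length int64
	Hashes map[string][]byte
}

// consistentInfo models the page's ConsistentInfo: a role name plus the
// file metadata for it, which is nil when nothing about the role is known.
type consistentInfo struct {
	RoleName string
	meta     *fileMeta
}

// checksumKnown reports whether a SHA-256 digest for the role is available.
func (c consistentInfo) checksumKnown() bool {
	return c.meta != nil && len(c.meta.Hashes["sha256"]) > 0
}

// consistentName returns "<role>.<hex sha256>" when the checksum is known,
// and the bare role name otherwise, as the page describes.
func (c consistentInfo) consistentName() string {
	if !c.checksumKnown() {
		return c.RoleName
	}
	return fmt.Sprintf("%s.%s", c.RoleName, hex.EncodeToString(c.meta.Hashes["sha256"]))
}

// length returns the expected size of the role's metadata, or -1 if unknown.
func (c consistentInfo) length() int64 {
	if !c.checksumKnown() {
		return -1
	}
	return c.meta.Length
}

var (
	errSizeMismatch = errors.New("downloaded metadata does not match the expected length")
	errHashMismatch = errors.New("downloaded metadata does not match the expected sha256")
)

// verifyDownload is the client-side check that gives the consistent name its
// value: whatever comes back under that name must have exactly the length and
// digest the snapshot committed to, or it is rejected before being parsed.
func verifyDownload(c consistentInfo, body []byte) error {
	if !c.checksumKnown() {
		return errors.New("no checksum known for role " + c.RoleName)
	}
	if int64(len(body)) != c.length() {
		return errSizeMismatch
	}
	sum := sha256.Sum256(body)
	if !bytes.Equal(sum[:], c.meta.Hashes["sha256"]) {
		return errHashMismatch
	}
	return nil
}

// infoFor builds a consistentInfo directly from the content the snapshot is
// assumed to describe, so the example runs without a loaded snapshot.
func infoFor(role string, content []byte) consistentInfo {
	sum := sha256.Sum256(content)
	return consistentInfo{RoleName: role, meta: &fileMeta{
		Length: int64(len(content)),
		Hashes: map[string][]byte{"sha256": sum[:]},
	}}
}

func main() {
	// Constructed sample metadata; a real targets.json is a signed envelope.
	targets := []byte(`{"signed":{"_type":"Targets","version":3}}`)
	info := infoFor("targets", targets)
	fmt.Println(info.consistentName(), info.length())

	tampered := append([]byte(nil), targets...)
	tampered[len(tampered)-1] = ' '
	fmt.Println("intact:", verifyDownload(info, targets))
	fmt.Println("tampered:", verifyDownload(info, tampered))

	unknown := consistentInfo{RoleName: "snapshot"}
	fmt.Println(unknown.consistentName(), unknown.length(), unknown.checksumKnown())
}
```

The length check runs before hashing so that an oversized response is rejected without being read into a digest computation, and an unknown checksum is an error rather than a pass: a client must never treat "nothing is known" as "anything is acceptable".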

type ErrInvalidBuilderInput

type ErrInvalidBuilderInput struct {
    // contains filtered or unexported fields
}

ErrInvalidBuilderInput is returned when RepoBuilder.Load is called with the wrong type of metadata for the state that it's in

func (ErrInvalidBuilderInput) Error

func (e ErrInvalidBuilderInput) Error() string

type ErrLocalRootExpired

type ErrLocalRootExpired struct{}

ErrLocalRootExpired - the local root file is out of date

func (ErrLocalRootExpired) Error

func (e ErrLocalRootExpired) Error() string

type ErrMetaExpired

type ErrMetaExpired struct{}

ErrMetaExpired - metadata file has expired

func (ErrMetaExpired) Error

func (e ErrMetaExpired) Error() string

type ErrNotLoaded

type ErrNotLoaded struct {
    Role data.RoleName
}

ErrNotLoaded - attempted to access data that has not been loaded into the repo. This means specifically that the relevant JSON file has not been loaded.

func (ErrNotLoaded) Error

func (err ErrNotLoaded) Error() string

type ErrSigVerifyFail

type ErrSigVerifyFail struct{}

ErrSigVerifyFail - signature verification failed

func (ErrSigVerifyFail) Error

func (e ErrSigVerifyFail) Error() string

type Repo

type Repo struct {
    Root      *data.SignedRoot
    Targets   map[data.RoleName]*data.SignedTargets
    Snapshot  *data.SignedSnapshot
    Timestamp *data.SignedTimestamp
    // contains filtered or unexported fields
}

Repo is an in-memory representation of the TUF repo. It operates at the data.Signed level, accepting and producing data.Signed objects. Users of a Repo are responsible for fetching raw JSON and using the Set* functions to populate the Repo instance.

func NewRepo

func NewRepo(cryptoService signed.CryptoService) *Repo

NewRepo initializes a Repo instance with a CryptoService. If the Repo will only be used for reading, the CryptoService can be nil.

func (*Repo) AddBaseKeys

func (tr *Repo) AddBaseKeys(role data.RoleName, keys ...data.PublicKey) error

AddBaseKeys is used to add keys to the role in root.json

func (*Repo) AddTargets

func (tr *Repo) AddTargets(role data.RoleName, targets data.Files) (data.Files, error)

AddTargets will attempt to add the given targets specifically to the directed role. If the metadata for the role doesn't exist yet, AddTargets will create one.

func (*Repo) DeleteDelegation

func (tr *Repo) DeleteDelegation(roleName data.RoleName) error

DeleteDelegation removes a delegated targets role from its parent targets object. It also deletes the delegation from the snapshot. DeleteDelegation will only make use of the role Name field.

func (*Repo) GetAllLoadedRoles

func (tr *Repo) GetAllLoadedRoles() []*data.Role

GetAllLoadedRoles returns a list of all role entries loaded in this TUF repo; the list may be empty

func (*Repo) GetBaseRole

func (tr *Repo) GetBaseRole(name data.RoleName) (data.BaseRole, error)

GetBaseRole gets a base role from this repo's metadata

func (*Repo) GetDelegationRole

func (tr *Repo) GetDelegationRole(name data.RoleName) (data.DelegationRole, error)

GetDelegationRole gets a delegation role from this repo's metadata, walking from the targets role down to the delegation itself

func (*Repo) InitRoot

func (tr *Repo) InitRoot(root, timestamp, snapshot, targets data.BaseRole, consistent bool) error

InitRoot initializes an empty root file with the 4 core roles passed to the method, and the consistent flag.

func (*Repo) InitSnapshot

func (tr *Repo) InitSnapshot() error

InitSnapshot initializes a snapshot based on the current root and targets

func (*Repo) InitTargets

func (tr *Repo) InitTargets(role data.RoleName) (*data.SignedTargets, error)

InitTargets initializes an empty targets role and returns the new empty targets metadata

func (*Repo) InitTimestamp

func (tr *Repo) InitTimestamp() error

InitTimestamp initializes a timestamp based on the current snapshot

func (*Repo) PurgeDelegationKeys

func (tr *Repo) PurgeDelegationKeys(role data.RoleName, removeKeys []string) error

PurgeDelegationKeys removes the provided canonical key IDs from all delegations present in the subtree rooted at role. The role argument must be provided in a wildcard format, i.e. targets/* would remove the key from all delegations in the repo

func (*Repo) RemoveBaseKeys

func (tr *Repo) RemoveBaseKeys(role data.RoleName, keyIDs ...string) error

RemoveBaseKeys is used to remove keys from the roles in root.json

func (*Repo) RemoveTargets

func (tr *Repo) RemoveTargets(role data.RoleName, targets ...string) error

RemoveTargets removes the given target (paths) from the given target role (delegation)

func (*Repo) ReplaceBaseKeys

func (tr *Repo) ReplaceBaseKeys(role data.RoleName, keys ...data.PublicKey) error

ReplaceBaseKeys is used to replace all keys for the given role with the new keys

func (*Repo) SignRoot

func (tr *Repo) SignRoot(expires time.Time, extraSigningKeys data.KeyList) (*data.Signed, error)

SignRoot signs the root using all keys from the "root" role (i.e. the currently trusted keys), and also any keys that signed the previous version whose public part is still carried in tr.Root.Keys and whose private key is available (i.e. previously trusted keys, so that a key rollover can be verified). If any error occurs, it attempts to restore root to its previous state (so that, for instance, the version is not incremented). Extra signing keys can be passed to support older clients.

func (*Repo) SignSnapshot

func (tr *Repo) SignSnapshot(expires time.Time) (*data.Signed, error)

SignSnapshot updates the snapshot based on the current targets and root then signs it

func (*Repo) SignTargets

func (tr *Repo) SignTargets(role data.RoleName, expires time.Time) (*data.Signed, error)

SignTargets signs the targets file for the given top level or delegated targets role

func (*Repo) SignTimestamp

func (tr *Repo) SignTimestamp(expires time.Time) (*data.Signed, error)

SignTimestamp updates the timestamp based on the current snapshot then signs it

func (Repo) TargetDelegations

func (tr Repo) TargetDelegations(role data.RoleName, path string) []*data.Role

TargetDelegations returns a slice of Roles that are valid publishers for the target path provided.

func (Repo) TargetMeta

func (tr Repo) TargetMeta(role data.RoleName, path string) *data.FileMeta

TargetMeta returns the FileMeta entry for the given path in the targets file associated with the given role. This may be nil if the target isn't found in the targets file.

func (*Repo) UpdateDelegationKeys

func (tr *Repo) UpdateDelegationKeys(roleName data.RoleName, addKeys data.KeyList, removeKeys []string, newThreshold int) error

UpdateDelegationKeys updates the appropriate delegations, either adding a new delegation or updating an existing one. If keys are provided, the IDs will be added to the role (if they do not exist there already), and the keys will be added to the targets file.

func (*Repo) UpdateDelegationPaths

func (tr *Repo) UpdateDelegationPaths(roleName data.RoleName, addPaths, removePaths []string, clearPaths bool) error

UpdateDelegationPaths updates the appropriate delegation's paths. It is not allowed to create a new delegation.

func (*Repo) UpdateSnapshot

func (tr *Repo) UpdateSnapshot(role data.RoleName, s *data.Signed) error

UpdateSnapshot updates the FileMeta for the given role based on the Signed object

func (*Repo) UpdateTimestamp

func (tr *Repo) UpdateTimestamp(s *data.Signed) error

UpdateTimestamp updates the snapshot meta in the timestamp based on the Signed object

func (*Repo) VerifyCanSign

func (tr *Repo) VerifyCanSign(roleName data.RoleName) error

VerifyCanSign returns nil if the role exists and we have at least one signing key for the role. It does not check that we have enough signing keys to meet the threshold, since we want to support the use case of multiple signers for a role. It returns an error if the role doesn't exist or if there are no signing keys.

func (*Repo) WalkTargets

func (tr *Repo) WalkTargets(targetPath string, rolePath data.RoleName, visitTargets walkVisitorFunc, skipRoles ...data.RoleName) error

WalkTargets applies the given visitor function while iteratively walking the targets/delegation metadata tree, until the visitor returns a StopWalk. The walk starts from the base "targets" role and searches for the correct targetPath and/or rolePath on which to call the visitor. Any roles passed in skipRoles are excluded from the walk, along with the roles in their subtrees.
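A stand-alone Go model of the walk WalkTargets describes, added here and not taken from notary: it starts at "targets", visits only roles trusted for the target path, drops skipRoles together with their subtrees, stops when the visitor returns StopWalk, and also cuts a child delegation's path prefixes back to those under its parent's, which is why a delegation cannot grant itself more than it received. The `role`, `item`, `walkTargets`, `targetMeta` and `sampleTree` names, the prefix-matching rule, the breadth-first order and the sample tree with its placeholder hashes are assumptions of this example; the rolePath argument is omitted.

```go
package main

import (
	"fmt"
	"strings"
)

// stopWalk stands in for the page's StopWalk (constructed, not notary's type).
type stopWalk struct{}

// role is a simplified targets or delegation role: the path prefixes its parent
// delegated to it (nil for the top-level "targets", which may sign any path),
// the target entries it lists, and its child delegations.
type role struct {
	Name     string
	Paths    []string
	Targets  map[string]string // target path -> sha256 hex (constructed values)
	Children []*role
}

// item is a queued role with the prefixes it is effectively trusted for.
type item struct {
	r         *role
	allowed   []string
	unbounded bool // true only for the top-level targets role
}

func underAny(s string, prefixes []string) bool {
	for _, p := range prefixes {
		if strings.HasPrefix(s, p) {
			return true
		}
	}
	return false
}

// restrictPaths keeps only the child's prefixes that fall under one of the
// parent's: a delegation can never be trusted for more than its parent was.
func restrictPaths(child, parent []string) []string {
	var out []string
	for _, c := range child {
		if underAny(c, parent) {
			out = append(out, c)
		}
	}
	return out
}

// walkTargets follows the page's description: start at "targets", visit only
// roles trusted for targetPath, drop skipRoles together with their subtrees,
// and stop as soon as the visitor returns stopWalk (breadth-first order).
func walkTargets(root *role, targetPath string, visit func(*role) interface{}, skipRoles ...string) {
	skip := make(map[string]bool, len(skipRoles))
	for _, s := range skipRoles {
		skip[s] = true
	}
	queue := []item{{r: root, unbounded: true}}
	for len(queue) > 0 {
		it := queue[0]
		queue = queue[1:]
		if skip[it.r.Name] || !(it.unbounded || underAny(targetPath, it.allowed)) {
			continue // its children are never queued, so the whole subtree is dropped
		}
		if _, stop := visit(it.r).(stopWalk); stop {
			return
		}
		for _, c := range it.r.Children {
			allowed := c.Paths
			if !it.unbounded {
				allowed = restrictPaths(c.Paths, it.allowed)
			}
			queue = append(queue, item{r: c, allowed: allowed})
		}
	}
}

// targetMeta returns the hash recorded for targetPath by the first trusted
// role in walk order that lists it, or "" if none does.
func targetMeta(root *role, targetPath string, skipRoles ...string) string {
	found := ""
	walkTargets(root, targetPath, func(r *role) interface{} {
		if h, ok := r.Targets[targetPath]; ok {
			found = h
			return stopWalk{}
		}
		return nil
	}, skipRoles...)
	return found
}

// sampleTree is a constructed delegation tree. "releases" declares "nightly"
// with an empty prefix (a claim on every path) that exceeds its own "bin/"
// delegation, so that prefix is cut back and only "bin/nightly/" survives.
func sampleTree() *role {
	nightly := &role{Name: "targets/releases/nightly", Paths: []string{"bin/nightly/", ""},
		Targets: map[string]string{"bin/nightly/app": "dddd4444", "bin/tool": "eeee5555"}}
	releases := &role{Name: "targets/releases", Paths: []string{"bin/"}, Children: []*role{nightly},
		Targets: map[string]string{"bin/app": "bbbb2222", "bin/lib.so": "cccc3333"}}
	return &role{Name: "targets", Children: []*role{releases}, Targets: map[string]string{"bin/app": "aaaa1111"}}
}

func main() {
	tree := sampleTree()
	fmt.Println(targetMeta(tree, "bin/app"), targetMeta(tree, "bin/lib.so"), targetMeta(tree, "bin/nightly/app"))
	fmt.Printf("%q %q\n", targetMeta(tree, "bin/tool"), targetMeta(tree, "bin/lib.so", "targets/releases"))
}
```

Two outcomes are worth noticing: "bin/app" resolves to the entry in "targets" because the walk reaches it before "targets/releases", and "bin/tool" resolves to nothing even though "nightly" lists it, because the empty prefix "releases" handed down was outside its own delegation and was discarded.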

type RepoBuilder

type RepoBuilder interface {
    Load(roleName data.RoleName, content []byte, minVersion int, allowExpired bool) error
    LoadRootForUpdate(content []byte, minVersion int, isFinal bool) error
    GenerateSnapshot(prev *data.SignedSnapshot) ([]byte, int, error)
    GenerateTimestamp(prev *data.SignedTimestamp) ([]byte, int, error)
    Finish() (*Repo, *Repo, error)
    BootstrapNewBuilder() RepoBuilder
    BootstrapNewBuilderWithNewTrustpin(trustpin trustpinning.TrustPinConfig) RepoBuilder

    // informative functions
    IsLoaded(roleName data.RoleName) bool
    GetLoadedVersion(roleName data.RoleName) int
    GetConsistentInfo(roleName data.RoleName) ConsistentInfo
}

RepoBuilder is an interface for an object which builds a tuf.Repo

func NewBuilderFromRepo

func NewBuilderFromRepo(gun data.GUN, repo *Repo, trustpin trustpinning.TrustPinConfig) RepoBuilder

NewBuilderFromRepo allows us to bootstrap a builder given existing repo data. YOU PROBABLY SHOULDN'T BE USING THIS OUTSIDE OF TESTING CODE!!!

func NewRepoBuilder

func NewRepoBuilder(gun data.GUN, cs signed.CryptoService, trustpin trustpinning.TrustPinConfig) RepoBuilder

NewRepoBuilder is the only way to get a pre-built RepoBuilder

type StopWalk

type StopWalk struct{}

StopWalk - used by visitor functions to signal WalkTargets to stop walking


Directories

utils: Package utils contains tuf related utility functions however this file is hard forked from package.

Package tuf imports 12 packages and is imported by 44 packages. Updated 2020-01-19.