// ExpireMetadata expires the metadata, which would make it invalid - don't do anything if // we don't have the timestamp key func (m *MetadataSwizzler) ExpireMetadata(role string) error { signedThing, err := signedFromStore(m.MetadataCache, role) if err != nil { return err } var unmarshalled map[string]interface{} if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil { return err } unmarshalled["expires"] = time.Now().AddDate(-1, -1, -1) metaBytes, err := json.MarshalCanonical(unmarshalled) if err != nil { return err } signedThing.Signed = json.RawMessage(metaBytes) pubKeys, err := getPubKeys(m.CryptoService, signedThing, role) if err == nil { metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...) } if err != nil { return err } return m.MetadataCache.SetMeta(role, metaBytes) }
// SetInvalidMetadataType unmarshallable, but has the wrong metadata type (not // actually a metadata type) func (m *MetadataSwizzler) SetInvalidMetadataType(role string) error { signedThing, err := signedFromStore(m.MetadataCache, role) if err != nil { return err } var unmarshalled map[string]interface{} if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil { return err } unmarshalled["_type"] = "not_real" metaBytes, err := json.MarshalCanonical(unmarshalled) if err != nil { return err } signedThing.Signed = json.RawMessage(metaBytes) pubKeys, err := getPubKeys(m.CryptoService, signedThing, role) if err == nil { metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...) } if err != nil { return err } return m.MetadataCache.SetMeta(role, metaBytes) }
// OffsetMetadataVersion updates the metadata version func (m *MetadataSwizzler) OffsetMetadataVersion(role string, offset int) error { signedThing, err := signedFromStore(m.MetadataCache, role) if err != nil { return err } var unmarshalled map[string]interface{} if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil { return err } oldVersion, ok := unmarshalled["version"].(float64) if !ok { oldVersion = float64(0) // just ignore the error and set it to 0 } unmarshalled["version"] = int(oldVersion) + offset metaBytes, err := json.MarshalCanonical(unmarshalled) if err != nil { return err } signedThing.Signed = json.RawMessage(metaBytes) pubKeys, err := getPubKeys(m.CryptoService, signedThing, role) if err == nil { metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...) } if err != nil { return err } return m.MetadataCache.SetMeta(role, metaBytes) }
// SetInvalidSignedMeta corrupts the metadata into something that is unmarshallable // as a Signed object, but not unmarshallable into a SignedMeta object func (m *MetadataSwizzler) SetInvalidSignedMeta(role string) error { signedThing, err := signedFromStore(m.MetadataCache, role) if err != nil { return err } pubKeys, err := getPubKeys(m.CryptoService, signedThing, role) if err != nil { return err } var unmarshalled map[string]interface{} if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil { return err } unmarshalled["_type"] = []string{"not a string"} unmarshalled["version"] = "string not int" unmarshalled["expires"] = "cannot be parsed as time" metaBytes, err := json.MarshalCanonical(unmarshalled) if err != nil { return err } signedThing.Signed = json.RawMessage(metaBytes) metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...) if err != nil { return err } return m.MetadataCache.SetMeta(role, metaBytes) }