// InitTargets initializes an empty targets, and returns the new empty target func (tr *Repo) InitTargets(role string) (*data.SignedTargets, error) { if !data.IsDelegation(role) && role != data.CanonicalTargetsRole { return nil, data.ErrInvalidRole{ Role: role, Reason: fmt.Sprintf("role is not a valid targets role name: %s", role), } } targets := data.NewTargets() tr.Targets[role] = targets return targets, nil }
func TestChecksumMatch(t *testing.T) { repo := tuf.NewRepo(nil, nil) localStorage := store.NewMemoryStore(nil, nil) remoteStorage := store.NewMemoryStore(nil, nil) client := NewClient(repo, remoteStorage, nil, localStorage) sampleTargets := data.NewTargets() orig, err := json.Marshal(sampleTargets) origSha256 := sha256.Sum256(orig) assert.NoError(t, err) remoteStorage.SetMeta("targets", orig) _, _, err = client.downloadSigned("targets", int64(len(orig)), origSha256[:]) assert.NoError(t, err) }
func TestRemoveUnusedKeys(t *testing.T) { targets := data.NewTargets() role, err := data.NewRole("targets/test", 1, []string{"123"}, []string{""}) require.NoError(t, err) targets.Signed.Delegations.Keys["123"] = nil RemoveUnusedKeys(targets) require.Len(t, targets.Signed.Delegations.Keys, 0) // when role is present that uses key, it shouldn't get removed targets.Signed.Delegations.Roles = []*data.Role{role} targets.Signed.Delegations.Keys["123"] = nil RemoveUnusedKeys(targets) require.Len(t, targets.Signed.Delegations.Keys, 1) }
func TestSizeMismatchShort(t *testing.T) { repo := tuf.NewRepo(nil) localStorage := store.NewMemoryStore(nil) remoteStorage := testutils.NewShortMemoryStore(nil) client := NewClient(repo, remoteStorage, localStorage) sampleTargets := data.NewTargets() orig, err := json.Marshal(sampleTargets) origSha256 := sha256.Sum256(orig) assert.NoError(t, err) l := int64(len(orig)) remoteStorage.SetMeta("targets", orig) _, _, err = client.downloadSigned("targets", l, origSha256[:]) // size just limits the data received, the error is caught // either during checksum verification or during json deserialization assert.IsType(t, ErrChecksumMismatch{}, err) }
func TestUnusedDelegationKeys(t *testing.T) { targets := data.NewTargets() role, err := data.NewRole("targets/test", 1, []string{}, []string{""}) require.NoError(t, err) discard := UnusedDelegationKeys(*targets) require.Len(t, discard, 0) targets.Signed.Delegations.Roles = []*data.Role{role} targets.Signed.Delegations.Keys["123"] = nil discard = UnusedDelegationKeys(*targets) require.Len(t, discard, 1) role.KeyIDs = []string{"123"} discard = UnusedDelegationKeys(*targets) require.Len(t, discard, 0) }
// UpdateDelegations updates the appropriate delegations, either adding // a new delegation or updating an existing one. If keys are // provided, the IDs will be added to the role (if they do not exist // there already), and the keys will be added to the targets file. // The "before" argument specifies another role which this new role // will be added in front of (i.e. higher priority) in the delegation list. // An empty before string indicates to add the role to the end of the // delegation list. // A new, empty, targets file will be created for the new role. func (tr *Repo) UpdateDelegations(role *data.Role, keys []data.PublicKey, before string) error { if !role.IsDelegation() || !role.IsValid() { return data.ErrInvalidRole{Role: role.Name} } parent := filepath.Dir(role.Name) p, ok := tr.Targets[parent] if !ok { return data.ErrInvalidRole{Role: role.Name} } for _, k := range keys { if !utils.StrSliceContains(role.KeyIDs, k.ID()) { role.KeyIDs = append(role.KeyIDs, k.ID()) } p.Signed.Delegations.Keys[k.ID()] = k tr.keysDB.AddKey(k) } i := -1 var r *data.Role for i, r = range p.Signed.Delegations.Roles { if r.Name == role.Name { break } } if i >= 0 { p.Signed.Delegations.Roles[i] = role } else { p.Signed.Delegations.Roles = append(p.Signed.Delegations.Roles, role) } p.Dirty = true roleTargets := data.NewTargets() // NewTargets always marked Dirty tr.Targets[role.Name] = roleTargets tr.keysDB.AddRole(role) return nil }
// InitTargets initializes an empty targets func (tr *Repo) InitTargets() error { targets := data.NewTargets() tr.Targets[data.ValidRoles["targets"]] = targets return nil }