// ExpireMetadata expires the metadata, which would make it invalid - don't do anything if
// we don't have the timestamp key
func (m *MetadataSwizzler) ExpireMetadata(role string) error {
signedThing, err := signedFromStore(m.MetadataCache, role)
if err != nil {
return err
}
var unmarshalled map[string]interface{}
if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil {
return err
}
unmarshalled["expires"] = time.Now().AddDate(-1, -1, -1)
metaBytes, err := json.MarshalCanonical(unmarshalled)
if err != nil {
return err
}
signedThing.Signed = json.RawMessage(metaBytes)
pubKeys, err := getPubKeys(m.CryptoService, signedThing, role)
if err == nil {
metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...)
}
if err != nil {
return err
}
return m.MetadataCache.SetMeta(role, metaBytes)
}
// SetInvalidMetadataType unmarshallable, but has the wrong metadata type (not
// actually a metadata type)
func (m *MetadataSwizzler) SetInvalidMetadataType(role string) error {
signedThing, err := signedFromStore(m.MetadataCache, role)
if err != nil {
return err
}
var unmarshalled map[string]interface{}
if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil {
return err
}
unmarshalled["_type"] = "not_real"
metaBytes, err := json.MarshalCanonical(unmarshalled)
if err != nil {
return err
}
signedThing.Signed = json.RawMessage(metaBytes)
pubKeys, err := getPubKeys(m.CryptoService, signedThing, role)
if err == nil {
metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...)
}
if err != nil {
return err
}
return m.MetadataCache.SetMeta(role, metaBytes)
}
// OffsetMetadataVersion updates the metadata version
func (m *MetadataSwizzler) OffsetMetadataVersion(role string, offset int) error {
signedThing, err := signedFromStore(m.MetadataCache, role)
if err != nil {
return err
}
var unmarshalled map[string]interface{}
if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil {
return err
}
oldVersion, ok := unmarshalled["version"].(float64)
if !ok {
oldVersion = float64(0) // just ignore the error and set it to 0
}
unmarshalled["version"] = int(oldVersion) + offset
metaBytes, err := json.MarshalCanonical(unmarshalled)
if err != nil {
return err
}
signedThing.Signed = json.RawMessage(metaBytes)
pubKeys, err := getPubKeys(m.CryptoService, signedThing, role)
if err == nil {
metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...)
}
if err != nil {
return err
}
return m.MetadataCache.SetMeta(role, metaBytes)
}
// SetInvalidSignedMeta corrupts the metadata into something that is unmarshallable
// as a Signed object, but not unmarshallable into a SignedMeta object
func (m *MetadataSwizzler) SetInvalidSignedMeta(role string) error {
signedThing, err := signedFromStore(m.MetadataCache, role)
if err != nil {
return err
}
pubKeys, err := getPubKeys(m.CryptoService, signedThing, role)
if err != nil {
return err
}
var unmarshalled map[string]interface{}
if err := json.Unmarshal(signedThing.Signed, &unmarshalled); err != nil {
return err
}
unmarshalled["_type"] = []string{"not a string"}
unmarshalled["version"] = "string not int"
unmarshalled["expires"] = "cannot be parsed as time"
metaBytes, err := json.MarshalCanonical(unmarshalled)
if err != nil {
return err
}
signedThing.Signed = json.RawMessage(metaBytes)
metaBytes, err = serializeMetadata(m.CryptoService, signedThing, role, pubKeys...)
if err != nil {
return err
}
return m.MetadataCache.SetMeta(role, metaBytes)
}
