The metadata files (e.g., 'root.json', 'targets.json') for the top-level
roles are read from disk and stored in dictionaries. In addition, the
key and roledb modules are populated with 'repository_name' entries.
None.
"""
# Do the arguments have the correct format?
# These checks ensure the arguments have the appropriate
# number of objects and object types and that all dict
# keys are properly named.
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
# Both checks run before anything is stored on the instance, so a malformed
# name or mirror dict never becomes object state.
# NOTE(review): these are format checks only; nothing in the visible lines
# establishes that the mirrors themselves are trustworthy.
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
tuf.formats.MIRRORDICT_SCHEMA.check_match(repository_mirrors)
# Save the validated arguments.
self.repository_name = repository_name
self.mirrors = repository_mirrors
# Store the trusted metadata read from disk.
# The container and both sub-dicts start out empty here; loading is not part
# of the visible lines.
self.metadata = {}
# Store the currently trusted/verified metadata.
self.metadata['current'] = {}
# Store the previously trusted/verified metadata.
self.metadata['previous'] = {}
# Store the version numbers of roles available on the repository. The dict
securesystemslib.exceptions.FormatError, if 'repository_name' is improperly
formatted.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' does not
exist in the role database.
None.
A list of rolenames.
"""
# Does 'repository_name' have the correct format? Raise
# 'securesystemslib.exceptions.FormatError' if it is improperly formatted.
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# The two module-level tables are only read in the lines below; neither is
# rebound here.
global _roledb_dict
global _dirty_roles
# The repository must be present in BOTH tables. A name missing from either
# one is rejected before the role lookup, so the indexing in the return
# statement cannot hit an unknown repository.
# NOTE(review): the name is concatenated into the message as-is (no repr()).
if repository_name not in _roledb_dict or repository_name not in _dirty_roles:
raise securesystemslib.exceptions.InvalidNameError('Repository name does'
' not' ' exist: ' + repository_name)
# list() builds a new list, so the caller gets a snapshot of the role names
# rather than a live view of the internal dict's keys.
return list(_roledb_dict[repository_name].keys())
None.
A timestamp metadata object, conformant to 'tuf.formats.TIMESTAMP_SCHEMA'.
"""
# Do the arguments have the correct format?
# This check ensures arguments have the appropriate number of objects and
# object types, and that all dict keys are properly named.
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
securesystemslib.formats.PATH_SCHEMA.check_match(snapshot_filename)
tuf.formats.METADATAVERSION_SCHEMA.check_match(version)
securesystemslib.formats.ISO8601_DATETIME_SCHEMA.check_match(expiration_date)
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Retrieve the versioninfo of the Snapshot metadata file.
snapshot_fileinfo = {}
# Length and hashes are taken from the file found at 'snapshot_filename' when
# this line runs; the timestamp metadata built below records exactly those
# values.
# NOTE(review): presumably the snapshot file must be in its final, fully
# written state before this call - confirm against the caller.
length, hashes = securesystemslib.util.get_file_details(snapshot_filename)
# 'get_metadata_versioninfo' is defined outside this excerpt; its result is
# indexed with 'version' below.
snapshot_version = get_metadata_versioninfo('snapshot', repository_name)
# One entry, keyed by SNAPSHOT_FILENAME, combining length, hashes and the
# snapshot role's version number.
snapshot_fileinfo[SNAPSHOT_FILENAME] = \
tuf.formats.make_fileinfo(length, hashes, version=snapshot_version['version'])
# We previously saved the versioninfo of the compressed versions of
# 'snapshot.json' in 'versioninfo'. Since version numbers are now stored,
# the version numbers of compressed roles do not change and can thus be
# excluded.
# Generate the timestamp metadata object.
timestamp_metadata = tuf.formats.TimestampFile.make_metadata(version,
expiration_date, snapshot_fileinfo)
securesystemslib.exceptions.FormatError, if 'repository_name' does not have
the correct format.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' does not
exist in the role database.
None.
None.
"""
# Do the arguments have the correct format? If not, raise
# 'securesystemslib.exceptions.FormatError'
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(clear_all)
# Declared global because the 'clear_all' branch rebinds both names.
global _roledb_dict
global _dirty_roles
# The existence check runs BEFORE 'clear_all' is honoured: a call with
# clear_all=True and an unknown repository name raises here and leaves both
# tables untouched.
if repository_name not in _roledb_dict or repository_name not in _dirty_roles:
raise securesystemslib.exceptions.InvalidNameError('Repository name does not'
' exist: ' + repository_name)
# 'clear_all' discards every repository's roles and dirty markers and leaves
# only an empty 'default' repository in each table.
if clear_all:
_roledb_dict = {}
_roledb_dict['default'] = {}
_dirty_roles = {}
_dirty_roles['default'] = set()
# Nothing further is done for 'repository_name' itself once everything has
# been reset. The excerpt ends at this return; the path for clear_all=False
# is not shown.
return
tuf.exceptions.UnknownRoleError, if 'rolename' cannot be found
in the role database.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is incorrectly
formatted, or 'repository_name' does not exist in the role database.
None.
A threshold integer value.
"""
# Raise 'securesystemslib.exceptions.FormatError' if 'repository_name' is
# improperly formatted.
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
# '_check_rolename' is defined outside this excerpt. The direct indexing
# below relies on it having confirmed that both the repository and the role
# exist; otherwise the lookup would surface as a bare KeyError.
_check_rolename(rolename, repository_name)
# Both tables are declared global, but the visible lines only read
# '_roledb_dict'; '_dirty_roles' is not used here.
global _roledb_dict
global _dirty_roles
roleinfo = _roledb_dict[repository_name][rolename]
# The stored value is returned as-is; no range or type check on the
# threshold is visible in this excerpt.
return roleinfo['threshold']
securesystemslib.exceptions.FormatError, if 'repository_name' is improperly formatted.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' does not exist in the key
database.
The keydb key database is reset.
None.
"""
# Do the arguments have the correct format? Raise 'securesystemslib.exceptions.FormatError' if
# 'repository_name' is improperly formatted.
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
securesystemslib.formats.BOOLEAN_SCHEMA.check_match(clear_all)
# Declared global because the 'clear_all' branch rebinds the name.
global _keydb_dict
# Drop every repository's keys and recreate an empty 'default' repository.
# NOTE(review): this reset happens BEFORE the existence check below. With
# clear_all=True and a 'repository_name' other than 'default', all keys are
# wiped and InvalidNameError is then raised, so the caller sees a failure
# even though the key database has already been emptied. Confirm this
# ordering is intended.
if clear_all:
_keydb_dict = {}
_keydb_dict['default'] = {}
# repr() is applied to the name before it goes into the message.
if repository_name not in _keydb_dict:
raise securesystemslib.exceptions.InvalidNameError('Repository name does not exist:'
' ' + repr(repository_name))
# Replace the named repository's key table with a fresh, empty dict.
_keydb_dict[repository_name] = {}
The 'metadata_directory' and 'targets_directory' directories are created
if they do not exist.
A 'tuf.developer_tool.Project' object.
"""
# Does 'metadata_directory' have the correct format?
# Ensure the arguments have the appropriate number of objects and object
# types, and that all dict keys are properly named.
# Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
securesystemslib.formats.PATH_SCHEMA.check_match(metadata_directory)
# Do the same for the location in the repo and the project name, we must
# ensure they are valid pathnames.
securesystemslib.formats.NAME_SCHEMA.check_match(project_name)
securesystemslib.formats.PATH_SCHEMA.check_match(location_in_repository)
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# for the targets directory we do the same, but first, let's find out what
# layout the user needs, layout_type is a variable that is usually set to
# 1, which means "flat" (i.e. the cfg file is where the metadata folder is
# located), with a two, the cfg file goes to the "metadata" folder, and a
# new metadata folder is created inside the tree, to separate targets and
# metadata.
# NOTE(review): the comment above speaks of 1 and 2, but the code uses the
# strings 'flat' and 'repo-like'.
# NOTE(review): no format check of a caller-supplied 'targets_directory' is
# visible in this excerpt - confirm it is validated further down.
layout_type = 'flat'
# No targets directory given: derive both directories from the original
# 'metadata_directory'. The targets path is computed first because the next
# statement rebinds 'metadata_directory' to its own sub-directory.
if targets_directory is None:
targets_directory = os.path.join(metadata_directory, TARGETS_DIRECTORY_NAME)
metadata_directory = \
os.path.join(metadata_directory, METADATA_DIRECTORY_NAME)
layout_type = 'repo-like'
None.
A signable object conformant to 'tuf.formats.SIGNABLE_SCHEMA'.
"""
# Do the arguments have the correct format?
# This check ensures arguments have the appropriate number of objects and
# object types, and that all dict keys are properly named.
# Raise 'securesystemslib.exceptions.FormatError' if the check fails.
# These are format checks only. Whether each keyid actually resolves to a
# loaded key is not decided here; the keys are looked up after this point.
tuf.formats.ANYROLE_SCHEMA.check_match(metadata_object)
securesystemslib.formats.KEYIDS_SCHEMA.check_match(keyids)
securesystemslib.formats.PATH_SCHEMA.check_match(filename)
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Make sure the metadata is in 'signable' format. That is,
# it contains a 'signatures' field containing the result
# of signing the 'signed' field of 'metadata' with each
# keyid of 'keyids'.
# Only the wrapper is built on the next line; no signature has been
# generated yet at this point.
signable = tuf.formats.make_signable(metadata_object)
# Sign the metadata with each keyid in 'keyids'. 'signable' should have
# zero signatures (metadata_object contained none).
for keyid in keyids:
# Load the signing key.
key = tuf.keydb.get_key(keyid, repository_name=repository_name)
# Generate the signature using the appropriate signing method.
if key['keytype'] in SUPPORTED_KEY_TYPES:
if 'private' in key['keyval']:
not be removed, so 'repository_name' cannot be 'default'.
securesystemslib.exceptions.FormatError, if 'repository_name' is improperly formatted.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' is 'default'.
None.
None.
"""
# Is 'repository_name' properly formatted? Raise 'securesystemslib.exceptions.FormatError' if not.
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# An unknown repository is a logged no-op rather than an error.
# repr() escapes control characters, so a name containing a newline cannot
# split the log record into several lines.
# NOTE(review): if 'logger' is a standard-library logging.Logger, 'warn' is
# a deprecated alias of 'warning'.
if repository_name not in _keydb_dict:
logger.warn('Repository name does not exist: ' + repr(repository_name))
return
# The 'default' repository is never removed. This guard is reached only
# when 'default' is present, because of the membership test above.
if repository_name == 'default':
raise securesystemslib.exceptions.InvalidNameError('Cannot remove the default repository:'
' ' + repr(repository_name))
# Drop the repository entry together with every key stored under it.
del _keydb_dict[repository_name]