def test_Object(self):
    """Exercise SCHEMA.Object with matching, non-matching and malformed input.

    The schema under test requires a string under 'a' and a struct of exactly
    two integers under 'bc'.
    """
    string_field = SCHEMA.AnyString()
    int_pair = SCHEMA.Struct([SCHEMA.Integer(), SCHEMA.Integer()])
    object_schema = SCHEMA.Object(a=string_field, bc=int_pair)

    # Objects that satisfy the schema. The second case pins down that a key
    # the schema does not declare ('xx') is tolerated, so a successful match
    # does not imply the absence of other keys.
    for accepted in ({'a': 'ZYYY', 'bc': [5, 9]},
                     {'a': 'ZYYY', 'bc': [5, 9], 'xx': 5}):
        self.assertTrue(object_schema.matches(accepted))

    # Objects that must be rejected: a struct with one element too many, and
    # an object that lacks the required 'bc' key.
    for rejected in ({'a': 'ZYYY', 'bc': [5, 9, 3]},
                     {'a': 'ZYYY'}):
        self.assertFalse(object_schema.matches(rejected))

    # A schema definition whose field values are not schema objects must
    # raise FormatError when the Object schema is constructed.
    for bad_fields in ({'a': 'a'},
                       {'a': [1]},
                       {'a': SCHEMA.AnyString(), 'b': 1}):
        self.assertRaises(securesystemslib.exceptions.FormatError,
                          SCHEMA.Object, **bad_fields)
NOTE: Step names must be unique within a layout, which is enforced by
the layout's validate method. However, if validate has not been called,
there might be multiple steps with the same name. The method removes
all steps with the passed name.
step_name:
A step name.
securesystemslib.exceptions.FormatError
If the passed step name is not a string.
"""
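# Reject a non-string name before touching the step list; per the docstring
# above this raises securesystemslib.exceptions.FormatError.
securesystemslib.schema.AnyString().check_match(step_name)
# Drop every step with this name in a single pass. Calling remove() on the
# list while iterating over it skips the element that follows each removal,
# so two adjacent steps with the same name would leave one behind -- which
# contradicts the documented "removes all steps" contract for layouts that
# have not been validated. Slice assignment keeps the same list object, so
# other references to self.steps see the update.
self.steps[:] = [step for step in self.steps if step.name != step_name]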
there may be multiple steps with the same name. In that case only
the first step with the passed name is returned.
step_name:
A step name.
securesystemslib.exceptions.FormatError
If the passed step name is not a string.
A step object.
"""
# Reject a non-string name up front; per the docstring above this raises
# securesystemslib.exceptions.FormatError.
securesystemslib.schema.AnyString().check_match(step_name)
# Linear scan in list order: the first step whose name equals step_name is
# returned, so later steps with the same name are never reached.
# NOTE(review): nothing visible here handles the no-match case. If the loop
# finishes, control falls through to whatever follows this fragment
# (presumably an implicit None) -- callers should confirm and handle that.
for step in self.steps: # pragma: no branch
    if step.name == step_name:
        return step
# A datetime string shaped like 'YYYY-MM-DDTHH:MM:SSZ'.
# The pattern constrains only the digit layout; it does not check that the
# value is a real calendar date or time (month '13' has the right shape).
# NOTE(review): whether surrounding text is rejected depends on how
# SCHEMA.RegularExpression anchors the pattern -- confirm before relying on
# this as a full-string check.
ISO8601_DATETIME_SCHEMA = SCHEMA.RegularExpression(r'\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z')
# An integer representing the numbered version of a metadata file.
# NOTE(review): the bound below is lo=0, so presumably 0 is accepted, while
# this comment originally read "Must be 1, or greater" -- confirm which lower
# bound is intended and align the comment or the code.
METADATAVERSION_SCHEMA = SCHEMA.Integer(lo=0)
# A relative file path (e.g., 'metadata/root/').
# Any string matches, so this schema by itself does not reject absolute
# paths or '..' components; presumably callers enforce that -- verify.
RELPATH_SCHEMA = SCHEMA.AnyString()
# A list of relative file paths.
RELPATHS_SCHEMA = SCHEMA.ListOf(RELPATH_SCHEMA)
# An object carrying a single metadata version number under 'version'.
VERSIONINFO_SCHEMA = SCHEMA.Object(
object_name = 'VERSIONINFO_SCHEMA',
version = METADATAVERSION_SCHEMA)
# A string representing a role's name.
ROLENAME_SCHEMA = SCHEMA.AnyString()
# A role's threshold value (i.e., the minimum number
# of signatures required to sign a metadata file).
# Must be 1 and greater.
THRESHOLD_SCHEMA = SCHEMA.Integer(lo=1)
# A hexadecimal value in '23432df87ab..' format.
# The pattern sets no length limit, and both upper- and lower-case digits
# are allowed.
# NOTE(review): full-string matching depends on SCHEMA.RegularExpression's
# anchoring -- confirm.
HEX_SCHEMA = SCHEMA.RegularExpression(r'[a-fA-F0-9]+')
# A path hash prefix is a hexadecimal string.
PATH_HASH_PREFIX_SCHEMA = HEX_SCHEMA
# A list of path hash prefixes.
PATH_HASH_PREFIXES_SCHEMA = SCHEMA.ListOf(PATH_HASH_PREFIX_SCHEMA)
# Role object in {'keyids': [keydids..], 'name': 'ABC', 'threshold': 1,
in_toto.formats.<SCHEMA>.check_match()
in_toto.formats.<SCHEMA>.matches()
`check_match` raises a securesystemslib.exceptions.FormatError and `matches`
returns False if the verified object does not match the schema (True
otherwise).
"""
import securesystemslib.schema as ssl_schema
# pylint: disable=bad-whitespace
# Allowed shape of a parameter dictionary key: one or more ASCII letters,
# digits, underscores or hyphens.
# NOTE(review): whether the whole key must match (no extra leading/trailing
# characters) depends on how ssl_schema.RegularExpression anchors the
# pattern -- confirm.
PARAMETER_DICTIONARY_KEY = ssl_schema.RegularExpression(r'[a-zA-Z0-9_-]+')
# A dictionary from such keys to string values. The values are only required
# to be strings; their content is not restricted by this schema.
PARAMETER_DICTIONARY_SCHEMA = ssl_schema.DictOf(
key_schema = PARAMETER_DICTIONARY_KEY,
value_schema = ssl_schema.AnyString())
# The minimum number of bits for an RSA key. Must be 2048 bits, or greater
# (recommended by TUF). Recommended RSA key sizes:
# http://www.emc.com/emc-plus/rsa-labs/historical/twirl-and-rsa-key-size.htm#table1
# Only a lower bound is set; no upper bound is given here.
RSAKEYBITS_SCHEMA = SCHEMA.Integer(lo=2048)
# The supported ECDSA signature schemes: 'ecdsa-sha2-nistp256' and
# 'ecdsa-sha2-nistp384'.
ECDSA_SCHEME_SCHEMA = SCHEMA.RegularExpression(r'ecdsa-sha2-nistp(256|384)')
# A pyca-cryptography signature (any bytes value; no length or structure
# check is expressed here).
PYCACRYPTOSIGNATURE_SCHEMA = SCHEMA.AnyBytes()
# An RSA key in PEM format. Any string matches; the PEM structure itself is
# not validated by this schema.
PEMRSA_SCHEMA = SCHEMA.AnyString()
# An ECDSA key in PEM format. Any string matches; the PEM structure itself is
# not validated by this schema.
PEMECDSA_SCHEMA = SCHEMA.AnyString()
# A string representing a password. Any string matches; no minimum length or
# strength requirement is expressed here.
PASSWORD_SCHEMA = SCHEMA.AnyString()
# A list of passwords.
PASSWORDS_SCHEMA = SCHEMA.ListOf(PASSWORD_SCHEMA)
# The actual values of a key, as opposed to meta data such as a key type and
# key identifier ('rsa', 233df889cb). For RSA keys, the key value is a pair of
# public and private keys in PEM Format stored as strings.
# Because 'private' is optional, an object that matches this schema may or
# may not carry private key material; code that writes out or transmits a
# matched object must not assume it is public-only.
KEYVAL_SCHEMA = SCHEMA.Object(
object_name = 'KEYVAL_SCHEMA',
public = SCHEMA.AnyString(),
private = SCHEMA.Optional(SCHEMA.AnyString()))
# Public keys CAN have a private portion (for backwards compatibility) which
meta = FILEINFODICT_SCHEMA)
# Timestamp role: indicates the latest version of the snapshot file.
# '_type' must be the literal string 'timestamp'; 'expires' is checked only
# against the ISO 8601 pattern, so enforcing that the date has not passed is
# left to the code that consumes the metadata.
TIMESTAMP_SCHEMA = SCHEMA.Object(
object_name = 'TIMESTAMP_SCHEMA',
_type = SCHEMA.String('timestamp'),
spec_version = SPECIFICATION_VERSION_SCHEMA,
version = METADATAVERSION_SCHEMA,
expires = securesystemslib.formats.ISO8601_DATETIME_SCHEMA,
meta = FILEDICT_SCHEMA)
# project.cfg file: stores information about the project in a json dictionary
PROJECT_CFG_SCHEMA = SCHEMA.Object(
object_name = 'PROJECT_CFG_SCHEMA',
project_name = SCHEMA.AnyString(),
# layout_type is restricted to exactly these two literal strings.
layout_type = SCHEMA.OneOf([SCHEMA.String('repo-like'), SCHEMA.String('flat')]),
targets_location = securesystemslib.formats.PATH_SCHEMA,
metadata_location = securesystemslib.formats.PATH_SCHEMA,
prefix = securesystemslib.formats.PATH_SCHEMA,
public_keys = securesystemslib.formats.KEYDICT_SCHEMA,
# NOTE(review): the bounds lo=0, hi=2 presumably admit a threshold of 0. If
# this is the number of signatures required, 0 would mean none are needed --
# confirm that 0 is intended or that callers reject it.
threshold = SCHEMA.Integer(lo = 0, hi = 2)
)
# A schema containing information a repository mirror may require,
# such as a url, the path of the directory metadata files, etc.
MIRROR_SCHEMA = SCHEMA.Object(
object_name = 'MIRROR_SCHEMA',
url_prefix = securesystemslib.formats.URL_SCHEMA,
metadata_path = RELPATH_SCHEMA,
targets_path = RELPATH_SCHEMA,
confined_target_dirs = RELPATHS_SCHEMA,
# valid? This SCHEMA holds this information. See 'sig.py' for
# more information.
# Signature status report: a threshold plus four lists of key IDs, sorted
# into good, bad, unknown and untrusted signatures.
# NOTE(review): 'threshold' is a bare SCHEMA.Integer() with no lo/hi bound,
# so presumably zero and negative values pass this schema -- confirm that
# the code deciding whether enough good signatures exist checks the value.
SIGNATURESTATUS_SCHEMA = SCHEMA.Object(
object_name = 'SIGNATURESTATUS_SCHEMA',
threshold = SCHEMA.Integer(),
good_sigs = KEYIDS_SCHEMA,
bad_sigs = KEYIDS_SCHEMA,
unknown_sigs = KEYIDS_SCHEMA,
untrusted_sigs = KEYIDS_SCHEMA)
# An integer representing length. Must be 0, or greater.
LENGTH_SCHEMA = SCHEMA.Integer(lo=0)
# A dict in {'sha256': '23432df87ab..', 'sha512': '34324abc34df..', ...} format.
# Keys may be any string, so the algorithm name is not restricted here and
# nothing in this schema requires a particular algorithm to be present;
# presumably the verifier decides which algorithms it accepts -- confirm.
HASHDICT_SCHEMA = SCHEMA.DictOf(
key_schema = SCHEMA.AnyString(),
value_schema = HASH_SCHEMA)
# Information about target files, like file length and file hash(es). This
# schema allows the storage of multiple hashes for the same file (e.g., sha256
# and sha512 may be computed for the same file and stored).
# 'length' and 'hashes' are required; 'version' and 'custom' are optional.
# 'custom' is an Object() with no declared fields, so its contents are not
# constrained by this schema.
FILEINFO_SCHEMA = SCHEMA.Object(
object_name = 'FILEINFO_SCHEMA',
length = LENGTH_SCHEMA,
hashes = HASHDICT_SCHEMA,
version = SCHEMA.Optional(METADATAVERSION_SCHEMA),
custom = SCHEMA.Optional(SCHEMA.Object()))
# A dict holding the version or file information for a particular metadata
# role. The dict keys hold the relative file paths, and the dict values the
# corresponding version numbers and/or file information.
FILEINFODICT_SCHEMA = SCHEMA.DictOf(