How to use the securesystemslib.schema.Object function in securesystemslib
To help you get started, we’ve selected a few securesystemslib examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
secure-systems-lab / securesystemslib / tests / test_schema.py View on Github 
def test_Optional(self):
# Test conditions for valid arguments.
optional_schema = SCHEMA.Object(k1=SCHEMA.String('X'),
k2=SCHEMA.Optional(SCHEMA.String('Y')))
self.assertTrue(optional_schema.matches({'k1': 'X', 'k2': 'Y'}))
self.assertTrue(optional_schema.matches({'k1': 'X'}))
# Test conditions for invalid arguments.
self.assertFalse(optional_schema.matches({'k1': 'X', 'k2': 'Z'}))
# Test conditions for invalid arguments in a schema definition.
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.Optional, 1)
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.Optional, [1])
self.assertRaises(securesystemslib.exceptions.FormatError,
SCHEMA.Optional, {'a': 1})private = SCHEMA.String("")
)
)
GPG_RSA_PUBKEY_SCHEMA = _create_gpg_pubkey_with_subkey_schema(
_GPG_RSA_PUBKEY_SCHEMA)
GPG_DSA_PUBKEYVAL_SCHEMA = SCHEMA.Object(
object_name = "GPG_DSA_PUBKEYVAL_SCHEMA",
y = HEX_SCHEMA,
p = HEX_SCHEMA,
q = HEX_SCHEMA,
g = HEX_SCHEMA
)
# C.f. comment above _GPG_RSA_PUBKEY_SCHEMA definition
_GPG_DSA_PUBKEY_SCHEMA = SCHEMA.Object(
object_name = "GPG_DSA_PUBKEY_SCHEMA",
type = SCHEMA.String("dsa"),
method = SCHEMA.String(GPG_DSA_PUBKEY_METHOD_STRING),
hashes = SCHEMA.ListOf(SCHEMA.String(GPG_HASH_ALGORITHM_STRING)),
creation_time = SCHEMA.Optional(UNIX_TIMESTAMP_SCHEMA),
validity_period = SCHEMA.Optional(SCHEMA.Integer(lo=0)),
keyid = KEYID_SCHEMA,
keyval = SCHEMA.Object(
public = GPG_DSA_PUBKEYVAL_SCHEMA,
private = SCHEMA.String("")
)
)
GPG_DSA_PUBKEY_SCHEMA = _create_gpg_pubkey_with_subkey_schema(
_GPG_DSA_PUBKEY_SCHEMA)p = ssl_formats.HEX_SCHEMA,
q = ssl_formats.HEX_SCHEMA,
g = ssl_formats.HEX_SCHEMA
)
# We have to define DSA_PUBKEY_SCHEMA in two steps, because it is
# self-referential. Here we define a shallow _DSA_PUBKEY_SCHEMA, which we use
# below to create the self-referential DSA_PUBKEY_SCHEMA.
_DSA_PUBKEY_SCHEMA = ssl_schema.Object(
object_name = "DSA_PUBKEY_SCHEMA",
type = ssl_schema.String("dsa"),
method = ssl_schema.String(PGP_DSA_PUBKEY_METHOD_STRING),
hashes = ssl_schema.ListOf(ssl_schema.String(GPG_HASH_ALGORITHM_STRING)),
keyid = ssl_formats.KEYID_SCHEMA,
keyval = ssl_schema.Object(
public = DSA_PUBKEYVAL_SCHEMA,
private = ssl_schema.String("")
)
)
DSA_PUBKEY_SCHEMA = _create_pubkey_with_subkey_schema(
_DSA_PUBKEY_SCHEMA)
PUBKEY_SCHEMA = ssl_schema.OneOf([RSA_PUBKEY_SCHEMA,
DSA_PUBKEY_SCHEMA])
SIGNATURE_SCHEMA = ssl_schema.Object(
object_name = "SIGNATURE_SCHEMA",
keyid = ssl_formats.KEYID_SCHEMA,
short_keyid = ssl_schema.Optional(ssl_formats.KEYID_SCHEMA),bad_sigs = KEYIDS_SCHEMA,
unknown_sigs = KEYIDS_SCHEMA,
untrusted_sigs = KEYIDS_SCHEMA)
# An integer representing length. Must be 0, or greater.
LENGTH_SCHEMA = SCHEMA.Integer(lo=0)
# A dict in {'sha256': '23432df87ab..', 'sha512': '34324abc34df..', ...} format.
HASHDICT_SCHEMA = SCHEMA.DictOf(
key_schema = SCHEMA.AnyString(),
value_schema = HASH_SCHEMA)
# Information about target files, like file length and file hash(es). This
# schema allows the storage of multiple hashes for the same file (e.g., sha256
# and sha512 may be computed for the same file and stored).
FILEINFO_SCHEMA = SCHEMA.Object(
object_name = 'FILEINFO_SCHEMA',
length = LENGTH_SCHEMA,
hashes = HASHDICT_SCHEMA,
version = SCHEMA.Optional(METADATAVERSION_SCHEMA),
custom = SCHEMA.Optional(SCHEMA.Object()))
# A dict holding the version or file information for a particular metadata
# role. The dict keys hold the relative file paths, and the dict values the
# corresponding version numbers and/or file information.
FILEINFODICT_SCHEMA = SCHEMA.DictOf(
key_schema = RELPATH_SCHEMA,
value_schema = SCHEMA.OneOf([VERSIONINFO_SCHEMA,
FILEINFO_SCHEMA]))
# A dict holding the information for a particular target / file. The dict keys
# hold the relative file paths, and the dict values the corresponding fileobject_name = "GPG_RSA_PUBKEY_SCHEMA",
type = SCHEMA.String("rsa"),
method = SCHEMA.String(GPG_RSA_PUBKEY_METHOD_STRING),
hashes = SCHEMA.ListOf(SCHEMA.String(GPG_HASH_ALGORITHM_STRING)),
creation_time = SCHEMA.Optional(UNIX_TIMESTAMP_SCHEMA),
validity_period = SCHEMA.Optional(SCHEMA.Integer(lo=0)),
keyid = KEYID_SCHEMA,
keyval = SCHEMA.Object(
public = GPG_RSA_PUBKEYVAL_SCHEMA,
private = SCHEMA.String("")
)
)
GPG_RSA_PUBKEY_SCHEMA = _create_gpg_pubkey_with_subkey_schema(
_GPG_RSA_PUBKEY_SCHEMA)
GPG_DSA_PUBKEYVAL_SCHEMA = SCHEMA.Object(
object_name = "GPG_DSA_PUBKEYVAL_SCHEMA",
y = HEX_SCHEMA,
p = HEX_SCHEMA,
q = HEX_SCHEMA,
g = HEX_SCHEMA
)
# C.f. comment above _GPG_RSA_PUBKEY_SCHEMA definition
_GPG_DSA_PUBKEY_SCHEMA = SCHEMA.Object(
object_name = "GPG_DSA_PUBKEY_SCHEMA",
type = SCHEMA.String("dsa"),
method = SCHEMA.String(GPG_DSA_PUBKEY_METHOD_STRING),
hashes = SCHEMA.ListOf(SCHEMA.String(GPG_HASH_ALGORITHM_STRING)),
creation_time = SCHEMA.Optional(UNIX_TIMESTAMP_SCHEMA),
validity_period = SCHEMA.Optional(SCHEMA.Integer(lo=0)),
keyid = KEYID_SCHEMA,metadata_path = RELPATH_SCHEMA,
targets_path = RELPATH_SCHEMA,
confined_target_dirs = RELPATHS_SCHEMA,
custom = SCHEMA.Optional(SCHEMA.Object()))
# A dictionary of mirrors where the dict keys hold the mirror's name and
# and the dict values the mirror's data (i.e., 'MIRROR_SCHEMA').
# The repository class of 'updater.py' accepts dictionaries
# of this type provided by the TUF client.
MIRRORDICT_SCHEMA = SCHEMA.DictOf(
key_schema = SCHEMA.AnyString(),
value_schema = MIRROR_SCHEMA)
# A Mirrorlist: indicates all the live mirrors, and what documents they
# serve.
MIRRORLIST_SCHEMA = SCHEMA.Object(
object_name = 'MIRRORLIST_SCHEMA',
_type = SCHEMA.String('mirrors'),
version = METADATAVERSION_SCHEMA,
expires = securesystemslib.formats.ISO8601_DATETIME_SCHEMA,
mirrors = SCHEMA.ListOf(MIRROR_SCHEMA))
# Any of the role schemas (e.g., TIMESTAMP_SCHEMA, SNAPSHOT_SCHEMA, etc.)
ANYROLE_SCHEMA = SCHEMA.OneOf([ROOT_SCHEMA, TARGETS_SCHEMA, SNAPSHOT_SCHEMA,
TIMESTAMP_SCHEMA, MIRROR_SCHEMA])
# The format of the resulting "scp config dict" after extraction from the
# push configuration file (i.e., push.cfg). In the case of a config file
# utilizing the scp transfer module, it must contain the 'general' and 'scp'
# sections, where 'general' must contain a 'transfer_module' and
# 'metadata_path' entry, and 'scp' the 'host', 'user', 'identity_file', and
# 'remote_directory' entries.repositories = SCHEMA.ListOf(NAME_SCHEMA),
terminating = BOOLEAN_SCHEMA,
threshold = THRESHOLD_SCHEMA))
# A dict containing the map file (named 'map.json', by default). The format of
# the map file is covered in TAP 4: Multiple repository consensus on entrusted
# targets.
MAPFILE_SCHEMA = SCHEMA.Object(
repositories = REPO_NAMES_TO_MIRRORS_SCHEMA,
mapping = MAPPING_SCHEMA)
# Like ROLEDICT_SCHEMA, except that ROLE_SCHEMA instances are stored in order.
ROLELIST_SCHEMA = SCHEMA.ListOf(ROLE_SCHEMA)
# The delegated roles of a Targets role (a parent).
DELEGATIONS_SCHEMA = SCHEMA.Object(
keys = KEYDICT_SCHEMA,
roles = ROLELIST_SCHEMA)
# The number of hashed bins, or the number of delegated roles. See
# delegate_hashed_bins() in 'repository_tool.py' for an example. Note:
# Tools may require further restrictions on the number of bins, such
# as requiring them to be a power of 2.
NUMBINS_SCHEMA = SCHEMA.Integer(lo=1)
# The fileinfo format of targets specified in the repository and
# developer tools. The second element of this list holds custom data about the
# target, such as file permissions, author(s), last modified, etc.
CUSTOM_SCHEMA = SCHEMA.Object()
PATH_FILEINFO_SCHEMA = SCHEMA.DictOf(
key_schema = RELPATH_SCHEMA,PASSWORD_SCHEMA = SCHEMA.AnyString()
# A list of passwords.
PASSWORDS_SCHEMA = SCHEMA.ListOf(PASSWORD_SCHEMA)
# The actual values of a key, as opposed to meta data such as a key type and
# key identifier ('rsa', 233df889cb). For RSA keys, the key value is a pair of
# public and private keys in PEM Format stored as strings.
KEYVAL_SCHEMA = SCHEMA.Object(
object_name = 'KEYVAL_SCHEMA',
public = SCHEMA.AnyString(),
private = SCHEMA.Optional(SCHEMA.AnyString()))
# Public keys CAN have a private portion (for backwards compatibility) which
# MUST be an empty string
PUBLIC_KEYVAL_SCHEMA = SCHEMA.Object(
object_name = 'KEYVAL_SCHEMA',
public = SCHEMA.AnyString(),
private = SCHEMA.Optional(SCHEMA.String("")))
# Supported securesystemslib key types.
KEYTYPE_SCHEMA = SCHEMA.OneOf(
[SCHEMA.String('rsa'), SCHEMA.String('ed25519'),
SCHEMA.RegularExpression(r'ecdsa-sha2-nistp(256|384)')])
# A generic securesystemslib key. All securesystemslib keys should be saved to
# metadata files in this format.
KEY_SCHEMA = SCHEMA.Object(
object_name = 'KEY_SCHEMA',
keytype = SCHEMA.AnyString(),
scheme = SCHEME_SCHEMA,
keyval = KEYVAL_SCHEMA,_RSA_PUBKEY_SCHEMA)
DSA_PUBKEYVAL_SCHEMA = ssl_schema.Object(
object_name = "DSA_PUBKEYVAL_SCHEMA",
y = ssl_formats.HEX_SCHEMA,
p = ssl_formats.HEX_SCHEMA,
q = ssl_formats.HEX_SCHEMA,
g = ssl_formats.HEX_SCHEMA
)
# We have to define DSA_PUBKEY_SCHEMA in two steps, because it is
# self-referential. Here we define a shallow _DSA_PUBKEY_SCHEMA, which we use
# below to create the self-referential DSA_PUBKEY_SCHEMA.
_DSA_PUBKEY_SCHEMA = ssl_schema.Object(
object_name = "DSA_PUBKEY_SCHEMA",
type = ssl_schema.String("dsa"),
method = ssl_schema.String(PGP_DSA_PUBKEY_METHOD_STRING),
hashes = ssl_schema.ListOf(ssl_schema.String(GPG_HASH_ALGORITHM_STRING)),
creation_time = ssl_schema.Optional(ssl_formats.UNIX_TIMESTAMP_SCHEMA),
validity_period = ssl_schema.Optional(ssl_schema.Integer(lo=0)),
keyid = ssl_formats.KEYID_SCHEMA,
keyval = ssl_schema.Object(
public = DSA_PUBKEYVAL_SCHEMA,
private = ssl_schema.String("")
)
)
DSA_PUBKEY_SCHEMA = _create_pubkey_with_subkey_schema(
_DSA_PUBKEY_SCHEMA)# A dictionary of ROLEDICT, where dictionary keys can be repository names, and
# dictionary values containing information for each role available on the
# repository (corresponding to the repository belonging to named repository in
# the dictionary key)
ROLEDICTDB_SCHEMA = SCHEMA.DictOf(
key_schema = securesystemslib.formats.NAME_SCHEMA,
value_schema = ROLEDICT_SCHEMA)
# Command argument list, as used by the CLI tool.
# Example: {'keytype': ed25519, 'expires': 365,}
COMMAND_SCHEMA = SCHEMA.DictOf(
key_schema = securesystemslib.formats.NAME_SCHEMA,
value_schema = SCHEMA.Any())
# A dictionary holding version information.
VERSION_SCHEMA = SCHEMA.Object(
object_name = 'VERSION_SCHEMA',
major = SCHEMA.Integer(lo=0),
minor = SCHEMA.Integer(lo=0),
fix = SCHEMA.Integer(lo=0))
# A value that is either True or False, on or off, etc.
BOOLEAN_SCHEMA = SCHEMA.Boolean()
# A hexadecimal value in '23432df87ab..' format.
HASH_SCHEMA = SCHEMA.RegularExpression(r'[a-fA-F0-9]+')
# A key identifier (e.g., a hexadecimal value identifying an RSA key).
KEYID_SCHEMA = HASH_SCHEMA
# A list of KEYID_SCHEMA.
KEYIDS_SCHEMA = SCHEMA.ListOf(KEYID_SCHEMA)securesystemslib
A library that provides cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
Package Health Score
78 / 100Popular securesystemslib functions
- securesystemslib.exceptions
- securesystemslib.exceptions.CryptoError
- securesystemslib.exceptions.Error
- securesystemslib.exceptions.FormatError
- securesystemslib.exceptions.InvalidNameError
- securesystemslib.formats
- securesystemslib.formats.BOOLEAN_SCHEMA.check_match
- securesystemslib.formats.NAME_SCHEMA.check_match
- securesystemslib.formats.PASSWORD_SCHEMA.check_match
- securesystemslib.formats.PATH_SCHEMA.check_match
- securesystemslib.keys
- securesystemslib.schema
- securesystemslib.schema.AnyString
- securesystemslib.schema.Object
- securesystemslib.schema.Optional
- securesystemslib.schema.String
- securesystemslib.util
- securesystemslib.util.ensure_parent_dir
- securesystemslib.util.get_file_details
- securesystemslib.util.load_json_file