# Gather the signing keys of the four top-level roles and the one delegated
# role ('role1') into role_keys[<role>]['public' | 'private'].  A private key
# file and its public half share a stem; the public file adds '.pub'.
role_keys = {}

# Key file stems inside keystore_directory (defined outside this excerpt).
(root_key_file, targets_key_file, snapshot_key_file, timestamp_key_file,
 delegation_key_file) = (
    os.path.join(keystore_directory, stem)
    for stem in ('root_key', 'targets_key', 'snapshot_key', 'timestamp_key',
                 'delegation_key'))

role_keys = {rolename: {} for rolename in
             ('root', 'targets', 'snapshot', 'timestamp', 'role1')}

# Public halves: root is an RSA key, every other role here uses Ed25519.
role_keys['root']['public'] = repo_tool.import_rsa_publickey_from_file(
    root_key_file+'.pub')
for rolename, key_file in (('targets', targets_key_file),
                           ('snapshot', snapshot_key_file),
                           ('timestamp', timestamp_key_file),
                           ('role1', delegation_key_file)):
    role_keys[rolename]['public'] = (
        repo_tool.import_ed25519_publickey_from_file(key_file + '.pub'))

# Private halves.  Both key files are unlocked with
# EXPECTED_KEYFILE_PASSWORD, a constant defined outside this excerpt.
# NOTE(review): a passphrase kept in source only suits throwaway fixture
# keys -- presumably what this keystore holds; confirm.
role_keys['root']['private'] = repo_tool.import_rsa_privatekey_from_file(
    root_key_file, EXPECTED_KEYFILE_PASSWORD)
role_keys['targets']['private'] = (
    repo_tool.import_ed25519_privatekey_from_file(
        targets_key_file, EXPECTED_KEYFILE_PASSWORD))
# (1) Read the key pairs of the top-level roles and of one delegated role
# ('role1') from the fixture keystore.
keystore_directory = os.path.join('repository_data', 'keystore')

# Public key files.
(root_pubkey_path, targets_pubkey_path, snapshot_pubkey_path,
 timestamp_pubkey_path, role1_pubkey_path) = (
    os.path.join(keystore_directory, filename)
    for filename in ('root_key.pub', 'targets_key.pub', 'snapshot_key.pub',
                     'timestamp_key.pub', 'delegation_key.pub'))

# Root is an RSA key; the remaining roles use Ed25519 keys.
root_pubkey = repo_tool.import_rsa_publickey_from_file(root_pubkey_path)
targets_pubkey = repo_tool.import_ed25519_publickey_from_file(
    targets_pubkey_path)
snapshot_pubkey = repo_tool.import_ed25519_publickey_from_file(
    snapshot_pubkey_path)
timestamp_pubkey = repo_tool.import_ed25519_publickey_from_file(
    timestamp_pubkey_path)
role1_pubkey = repo_tool.import_ed25519_publickey_from_file(
    role1_pubkey_path)

# Private key files: same stems, without the '.pub' suffix.
(root_privkey_path, targets_privkey_path, snapshot_privkey_path,
 timestamp_privkey_path, role1_privkey_path) = (
    os.path.join(keystore_directory, filename)
    for filename in ('root_key', 'targets_key', 'snapshot_key',
                     'timestamp_key', 'delegation_key'))

# NOTE(review): the root private key is unlocked with the literal passphrase
# 'password'; presumably acceptable only because repository_data/keystore
# holds fixture keys -- confirm they are never used outside tests.
root_privkey = repo_tool.import_rsa_privatekey_from_file(
    root_privkey_path, 'password')
# Excerpt of a unit test for get_delegated_rolenames().  The listing lost its
# indentation and stops before any assertion is visible.
def test_get_delegated_rolenames(self):
# Test normal case.
# Perform two delegations so that get_delegated_rolenames() has roles to
# return.
keystore_directory = os.path.join('repository_data', 'keystore')
# NOTE(review): the root role's RSA public key is the only key handed to both
# delegations below; presumably a fixture shortcut -- outside a test each
# delegated role would normally get its own key.
public_keypath = os.path.join(keystore_directory, 'root_key.pub')
public_key = repo_tool.import_rsa_publickey_from_file(public_keypath)
target1_filepath = os.path.join(self.targets_directory, 'file1.txt')
target2_filepath = os.path.join(self.targets_directory, 'file2.txt')
# Set needed arguments by delegate().
# A single key with a threshold of 1 is passed to both delegate() calls.
public_keys = [public_key]
threshold = 1
# 'tuf' is delegated file1.txt and 'warehouse' is delegated file2.txt.
self.targets_object.delegate('tuf', public_keys, [target1_filepath],
threshold, restricted_paths=None,
path_hash_prefixes=None)
self.targets_object.delegate('warehouse', public_keys, [target2_filepath],
threshold, restricted_paths=None,
path_hash_prefixes=None)
# Test that get_delegated_rolenames returns the expected delegations.
# NOTE(review): 'targets/tuf/' carries a trailing slash while
# 'targets/warehouse' does not -- confirm which form
# get_delegated_rolenames() actually returns.
expected_delegated_rolenames = ['targets/tuf/', 'targets/warehouse']
# Excerpt: imports RSA role keys through repotool.  The listing lost its
# indentation and the enclosing function is not visible.
# NOTE(review): the KEYS_OFFLINE_DIR imports that follow each
# `if not online_only:` presumably form that branch's body -- confirm against
# the source file.
# NOTE(review): every private key here is unlocked with the literal
# passphrase 'pw'; presumably demo key material -- confirm these keys are
# never reused outside the demo.
public_snap_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'snap.pub')
public_targets_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'targets.pub')
# The time and snap private keys are read from KEYS_DIR regardless of
# online_only.
private_time_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'time', password='pw')
private_snap_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'snap', password='pw')
# The root and targets private keys are read from KEYS_OFFLINE_DIR instead.
if not online_only:
private_root_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'root', password='pw')
private_targets_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'targets', password='pw')
# Import delegated keys.
public_images_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'images.pub')
public_director_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'director.pub')
public_brakes_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'brakes.pub')
public_acme_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'acme.pub')
public_cell_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'cell.pub')
# The director private key is also read from KEYS_DIR unconditionally.
private_director_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'director', password='pw')
# The images and brakes private keys are read from KEYS_OFFLINE_DIR.
if not online_only:
private_images_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'images', password='pw')
private_brakes_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'brakes', password='pw')
# Excerpt: imports RSA role keys through repotool.  The listing lost its
# indentation and the enclosing function is not visible.
# NOTE(review): the KEYS_OFFLINE_DIR imports that follow each
# `if not online_only:` presumably form that branch's body -- confirm against
# the source file.
# NOTE(review): every private key here is unlocked with the literal
# passphrase 'pw'; presumably demo key material -- confirm these keys are
# never reused outside the demo.
public_targets_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'targets.pub')
# The time and snap private keys are read from KEYS_DIR regardless of
# online_only.
private_time_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'time', password='pw')
private_snap_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'snap', password='pw')
# The root and targets private keys are read from KEYS_OFFLINE_DIR instead.
if not online_only:
private_root_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'root', password='pw')
private_targets_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'targets', password='pw')
# Import delegated keys.
public_images_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'images.pub')
public_director_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'director.pub')
public_brakes_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'brakes.pub')
public_acme_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'acme.pub')
public_cell_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'cell.pub')
# The director private key is also read from KEYS_DIR unconditionally.
private_director_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'director', password='pw')
# The images, brakes and acme private keys are read from KEYS_OFFLINE_DIR.
if not online_only:
private_images_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'images', password='pw')
private_brakes_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'brakes', password='pw')
private_acme_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'acme', password='pw')
# Excerpt: imports RSA role keys through repotool.  The listing lost its
# indentation and the enclosing function is not visible.
# NOTE(review): the KEYS_OFFLINE_DIR imports that follow each
# `if not online_only:` presumably form that branch's body -- confirm against
# the source file.
# NOTE(review): every private key here is unlocked with the literal
# passphrase 'pw'; presumably demo key material -- confirm these keys are
# never reused outside the demo.
# The snap private key is read from KEYS_DIR regardless of online_only.
private_snap_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'snap', password='pw')
# The root and targets private keys are read from KEYS_OFFLINE_DIR instead.
if not online_only:
private_root_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'root', password='pw')
private_targets_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'targets', password='pw')
# Import delegated keys.
public_images_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'images.pub')
public_director_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'director.pub')
public_brakes_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'brakes.pub')
public_acme_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'acme.pub')
public_cell_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'cell.pub')
# The director private key is also read from KEYS_DIR unconditionally.
private_director_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'director', password='pw')
# The images, brakes, acme and cell private keys are read from
# KEYS_OFFLINE_DIR.
if not online_only:
private_images_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'images', password='pw')
private_brakes_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'brakes', password='pw')
private_acme_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'acme', password='pw')
private_cell_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'cell', password='pw')
# Excerpt: imports RSA role keys through repotool.  The listing lost its
# indentation and the enclosing def is not visible.
# The private_* names below are declared global, so the assignments that
# follow bind module-level variables rather than locals.
global private_root_key
global private_time_key
global private_snap_key
global private_targets_key
global private_images_key
global private_director_key
global private_brakes_key
global private_acme_key
global private_cell_key
# Import public and private keys from the generated files.
public_root_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'root.pub')
public_time_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'time.pub')
public_snap_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'snap.pub')
public_targets_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'targets.pub')
# The time and snap private keys are read from KEYS_DIR regardless of
# online_only.
# NOTE(review): every private key here is unlocked with the literal
# passphrase 'pw'; presumably demo key material -- confirm these keys are
# never reused outside the demo.
private_time_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'time', password='pw')
private_snap_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'snap', password='pw')
# The root and targets private keys are read from KEYS_OFFLINE_DIR instead.
# NOTE(review): the two imports after `if not online_only:` presumably form
# its body -- confirm against the source file.
if not online_only:
private_root_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'root', password='pw')
private_targets_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'targets', password='pw')
# Import delegated keys.
public_images_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'images.pub')
# Excerpt: imports RSA role keys through repotool.  The listing lost its
# indentation and the enclosing def is not visible.
# The names below are declared global, so the assignments that follow bind
# module-level variables rather than locals.
global public_director_key
global public_brakes_key
global public_acme_key
global public_cell_key
global private_root_key
global private_time_key
global private_snap_key
global private_targets_key
global private_images_key
global private_director_key
global private_brakes_key
global private_acme_key
global private_cell_key
# Import public and private keys from the generated files.
public_root_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'root.pub')
public_time_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'time.pub')
public_snap_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'snap.pub')
public_targets_key = repotool.import_rsa_publickey_from_file(KEYS_DIR +
'targets.pub')
# The time and snap private keys are read from KEYS_DIR regardless of
# online_only.
# NOTE(review): every private key here is unlocked with the literal
# passphrase 'pw'; presumably demo key material -- confirm these keys are
# never reused outside the demo.
private_time_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'time', password='pw')
private_snap_key = repotool.import_rsa_privatekey_from_file(KEYS_DIR +
'snap', password='pw')
# The root and targets private keys are read from KEYS_OFFLINE_DIR instead.
# NOTE(review): the two imports after `if not online_only:` presumably form
# its body -- confirm against the source file.
if not online_only:
private_root_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'root', password='pw')
private_targets_key = repotool.import_rsa_privatekey_from_file(
KEYS_OFFLINE_DIR + 'targets', password='pw')