diff --git a/tests/test_api.py b/tests/test_api.py index bc4b0e8698..391b799e20 100755 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -463,52 +463,6 @@ def test_metadata_targets(self): ) - def setup_dict_with_unrecognized_field(self, file_path, field, value): - json_dict = {} - with open(file_path) as f: - json_dict = json.loads(f.read()) - # We are changing the json dict without changing the signature. - # This could be a problem if we want to do verification on this dict. - json_dict["signed"][field] = value - return json_dict - - def test_support_for_unrecognized_fields(self): - for metadata in ["root", "timestamp", "snapshot", "targets"]: - path = os.path.join(self.repo_dir, "metadata", metadata + ".json") - dict1 = self.setup_dict_with_unrecognized_field(path, "f", "b") - # Test that the metadata classes store unrecognized fields when - # initializing and passes them when casting the instance to a dict. - - # Add unrecognized fields to all metadata sub (helper) classes. - if metadata == "root": - for keyid in dict1["signed"]["keys"].keys(): - dict1["signed"]["keys"][keyid]["d"] = "c" - for role_str in dict1["signed"]["roles"].keys(): - dict1["signed"]["roles"][role_str]["e"] = "g" - elif metadata == "targets" and dict1["signed"].get("delegations"): - for keyid in dict1["signed"]["delegations"]["keys"].keys(): - dict1["signed"]["delegations"]["keys"][keyid]["d"] = "c" - new_roles = [] - for role in dict1["signed"]["delegations"]["roles"]: - role["e"] = "g" - new_roles.append(role) - dict1["signed"]["delegations"]["roles"] = new_roles - dict1["signed"]["delegations"]["foo"] = "bar" - - temp_copy = copy.deepcopy(dict1) - metadata_obj = Metadata.from_dict(temp_copy) - - self.assertEqual(dict1["signed"], metadata_obj.signed.to_dict()) - - # Test that two instances of the same class could have different - # unrecognized fields. - dict2 = self.setup_dict_with_unrecognized_field(path, "f2", "b2") - temp_copy2 = copy.deepcopy(dict2) - metadata_obj2 = Metadata.from_dict(temp_copy2) - self.assertNotEqual( - metadata_obj.signed.to_dict(), metadata_obj2.signed.to_dict() - ) - def test_length_and_hash_validation(self): # Test metadata files' hash and length verification. diff --git a/tests/test_metadata_serialization.py b/tests/test_metadata_serialization.py index 920899599b..feb8a7c77e 100644 --- a/tests/test_metadata_serialization.py +++ b/tests/test_metadata_serialization.py @@ -51,8 +51,11 @@ def wrapper(test_cls: "TestSerialization"): class TestSerialization(unittest.TestCase): valid_keys: DataSet = { + # Do we want to add unrecognized fields in the Key class? "all": '{"keytype": "rsa", "scheme": "rsassa-pss-sha256", \ "keyval": {"public": "foo"}}', + "unrecognized field": '{"keytype": "rsa", "scheme": "rsassa-pss-sha256", \ + "keyval": {"public": "foo"}, "foo": "bar"}', } @run_sub_tests_with_dataset(valid_keys) @@ -63,7 +66,8 @@ def test_key_serialization(self, test_case_data: str): valid_roles: DataSet = { - "all": '{"keyids": ["keyid"], "threshold": 3}' + "all": '{"keyids": ["keyid"], "threshold": 3}', + "unrecognized field": '{"keyids": ["keyid"], "threshold": 3, "foo": "bar"}' } @run_sub_tests_with_dataset(valid_roles) @@ -84,6 +88,11 @@ def test_role_serialization(self, test_case_data: str): "keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"} }}, \ "roles": { "targets": {"keyids": ["keyid"], "threshold": 3} } \ }', + "unrecognized field": '{"_type": "root", "spec_version": "1.0.0", "version": 1, \ + "expires": "2030-01-01T00:00:00Z", "consistent_snapshot": false, \ + "keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \ + "roles": { "targets": {"keyids": ["keyid"], "threshold": 3}}, \ + "foo": "bar"}' } @run_sub_tests_with_dataset(valid_roots) @@ -95,7 +104,9 @@ def test_root_serialization(self, test_case_data: str): valid_metafiles: DataSet = { "all": '{"hashes": {"sha256" : "abc"}, "length": 12, "version": 1}', "no length": '{"hashes": {"sha256" : "abc"}, "version": 1 }', - "no hashes": '{"length": 12, "version": 1}' + "no hashes": '{"length": 12, "version": 1}', + "unrecognized field": '{"hashes": {"sha256" : "abc"}, "length": 12, "version": 1, \ + "foo": "bar"}' } @run_sub_tests_with_dataset(valid_metafiles) @@ -107,7 +118,9 @@ def test_metafile_serialization(self, test_case_data: str): valid_timestamps: DataSet = { "all": '{ "_type": "timestamp", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \ - "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}}' + "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}}', + "unrecognized field": '{ "_type": "timestamp", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \ + "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}, "foo": "bar"}' } @run_sub_tests_with_dataset(valid_timestamps) @@ -119,7 +132,9 @@ def test_timestamp_serialization(self, test_case_data: str): valid_snapshots: DataSet = { "all": '{ "_type": "snapshot", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \ - "meta": { "file.txt": { "hashes": {"sha256" : "abc"}, "version": 1 }}}' + "meta": { "file.txt": { "hashes": {"sha256" : "abc"}, "version": 1 }}}', + "unrecognized field": '{ "_type": "snapshot", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \ + "meta": { "file.txt": { "hashes": {"sha256" : "abc"}, "version": 1 }}, "foo": "bar"}' } @run_sub_tests_with_dataset(valid_snapshots) @@ -138,6 +153,8 @@ def test_snapshot_serialization(self, test_case_data: str): "path_hash_prefixes": ["h1", "h2"], "threshold": 99}', "no hash or path prefix": '{"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3}', + "unrecognized field": + '{"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3, "foo": "bar"}', } @run_sub_tests_with_dataset(valid_delegated_roles) @@ -149,7 +166,11 @@ def test_delegated_role_serialization(self, test_case_data: str): valid_delegations: DataSet = { "all": '{"keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \ - "roles": [ {"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3} ]}' + "roles": [ {"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3} ]}', + "unrecognized field": + '{"keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \ + "roles": [ {"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3} ], \ + "foo": "bar"}' } @run_sub_tests_with_dataset(valid_delegations) @@ -162,7 +183,9 @@ def test_delegation_serialization(self, test_case_data: str): valid_targetfiles: DataSet = { "all": '{"length": 12, "hashes": {"sha256" : "abc"}, \ "custom" : {"foo": "bar"} }', - "no custom": '{"length": 12, "hashes": {"sha256" : "abc"}}' + "no custom": '{"length": 12, "hashes": {"sha256" : "abc"}}', + "unrecognized field": '{"length": 12, "hashes": {"sha256" : "abc"}, \ + "custom" : {"foo": "bar"}, "foo": "bar"}', } @run_sub_tests_with_dataset(valid_targetfiles) @@ -187,7 +210,9 @@ def test_targetfile_serialization(self, test_case_data: str): }', "no delegations": '{"_type": "targets", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \ "targets": { "file.txt": {"length": 12, "hashes": {"sha256" : "abc"} } } \ - }' + }', + "unrecognized_field": '{"_type": "targets", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \ + "targets": {}, "foo": "bar"}' } @run_sub_tests_with_dataset(valid_targets)