Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Support delegated targets roles in repo writer #175

Merged
merged 48 commits into from
Apr 19, 2022
+1,327 −188
Merged

feat: Support delegated targets roles in repo writer #175

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
302d2fc
Support delegated targets roles in repo writer
ethan-lowman-dd Mar 9, 2022
ab3d2f3
Add back return err in writeTopLevelTargetWithExpires
ethan-lowman-dd Mar 9, 2022
b3ea3ab
Remove space
ethan-lowman-dd Mar 9, 2022
a235746
Move hash bin impl to pkg/targets
ethan-lowman-dd Mar 25, 2022
0facfb0
Fix build after rebase
ethan-lowman-dd Mar 27, 2022
08b738b
Make AddTargetsWithDigest support delegated targets
ethan-lowman-dd Mar 27, 2022
9991710
Remove unused GetPublicKeys
ethan-lowman-dd Mar 27, 2022
619e3b2
Revert "Remove unused GetPublicKeys"
ethan-lowman-dd Mar 27, 2022
087db51
Fix typo
ethan-lowman-dd Mar 27, 2022
c6cabeb
Easier hash bin usage when setting up delegations
ethan-lowman-dd Mar 27, 2022
50f2540
Remove comment that ChangePassphrase doesn't support delegated roles
ethan-lowman-dd Mar 27, 2022
0854893
Update comments
ethan-lowman-dd Mar 27, 2022
759410f
Add API to reset delegations
ethan-lowman-dd Mar 27, 2022
57656df
clean up verifySignatures
ethan-lowman-dd Mar 27, 2022
5a0932d
Fix tests for ChangePassphrase
ethan-lowman-dd Mar 27, 2022
9e694fc
Fix comments
ethan-lowman-dd Mar 27, 2022
4c94b6f
Deduplicate key IDs when setting up hash bins
ethan-lowman-dd Mar 28, 2022
f5f045d
Revert "Revert "Remove unused GetPublicKeys""
ethan-lowman-dd Mar 28, 2022
da82948
Add warning about GetSigners. TODO: fix usage
ethan-lowman-dd Mar 28, 2022
2b81fbe
Clean up some usage of setMetawithSigners
ethan-lowman-dd Mar 28, 2022
601a815
Remove setMetaWithSigners since it's easy to misuse
ethan-lowman-dd Mar 28, 2022
36b49f9
cleanup
ethan-lowman-dd Mar 28, 2022
a44b8e9
cleanup
ethan-lowman-dd Mar 28, 2022
b403fc0
Cleanup usage of delegatorDBs
ethan-lowman-dd Mar 28, 2022
167f279
Simplify AddTargetsWithExpiresToPreferredRole
ethan-lowman-dd Mar 28, 2022
19cb8a4
Remove debugging
ethan-lowman-dd Mar 28, 2022
b95b1e5
Remove targetsMetaWithSigners
ethan-lowman-dd Mar 28, 2022
414a9c3
Fix comment
ethan-lowman-dd Mar 28, 2022
2c35b27
Turn FIXME into an issue
ethan-lowman-dd Mar 29, 2022
1b228ef
Fix comment position
ethan-lowman-dd Mar 29, 2022
eebf224
Remove out-of-place comment
ethan-lowman-dd Mar 29, 2022
c2f8cc6
Add missing hyphen
ethan-lowman-dd Mar 29, 2022
21f9d6c
Test delegations construction more rigorously
ethan-lowman-dd Mar 29, 2022
54b4224
Support removing delegated targets files
ethan-lowman-dd Mar 29, 2022
b28aafe
Fix tests
ethan-lowman-dd Mar 29, 2022
b512eec
Add more tests for delegation
ethan-lowman-dd Mar 29, 2022
bd0f486
Fix unchecked error
ethan-lowman-dd Mar 29, 2022
733c142
Clarify comment
ethan-lowman-dd Mar 29, 2022
56093d4
Better naming
ethan-lowman-dd Mar 29, 2022
b63ab01
Support delegated targets in Sign and AddOrUpdateSignature
ethan-lowman-dd Apr 5, 2022
e14e3e7
Add test for ResetTargetsDelegationsWithExpires
ethan-lowman-dd Apr 5, 2022
ecd63d1
Improve naming of delegation methods
ethan-lowman-dd Apr 8, 2022
17c7318
Update tests for int64 version numbers
ethan-lowman-dd Apr 13, 2022
501b1f5
Add tests for Sign and AddOrUpdateSignature with delegations
ethan-lowman-dd Apr 13, 2022
805310c
Remove unused functions in errors.go
ethan-lowman-dd Apr 13, 2022
6ebf1e8
Remove commented out test code
ethan-lowman-dd Apr 14, 2022
722aa3e
Add test to verify that adding a delegation to an existing role doesn…
ethan-lowman-dd Apr 14, 2022
e481cd3
Fix SignMessage usage in test with new canonicalization pattern
ethan-lowman-dd Apr 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 0 additions & 16 deletions client/errors.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@ package client
import (
"errors"
"fmt"

"github.com/theupdateframework/go-tuf/verify"
)

var (
Expand Down Expand Up @@ -49,20 +47,6 @@ func (e ErrMaxDelegations) Error() string {
return fmt.Sprintf("tuf: max delegation of %d reached searching for %s with snapshot version %d", e.MaxDelegations, e.Target, e.SnapshotVersion)
}

//lint:ignore U1000 unused
func isDecodeFailedWithErrRoleThreshold(err error) bool {
e, ok := err.(ErrDecodeFailed)
if !ok {
return false
}
return isErrRoleThreshold(e.Err)
}

func isErrRoleThreshold(err error) bool {
_, ok := err.(verify.ErrRoleThreshold)
return ok
}

type ErrNotFound struct {
File string
}
Expand Down
8 changes: 8 additions & 0 deletions errors.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,3 +88,11 @@ type ErrPassphraseRequired struct {
func (e ErrPassphraseRequired) Error() string {
return fmt.Sprintf("tuf: a passphrase is required to access the encrypted %s keys file", e.Role)
}

type ErrNoDelegatedTarget struct {
Path string
}

func (e ErrNoDelegatedTarget) Error() string {
return fmt.Sprintf("tuf: no delegated target for path %s", e.Path)
}
6 changes: 3 additions & 3 deletions local_store.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ import (

"github.com/theupdateframework/go-tuf/data"
"github.com/theupdateframework/go-tuf/encrypted"
"github.com/theupdateframework/go-tuf/internal/roles"
"github.com/theupdateframework/go-tuf/internal/sets"
"github.com/theupdateframework/go-tuf/pkg/keys"
"github.com/theupdateframework/go-tuf/util"
Expand Down Expand Up @@ -43,6 +42,8 @@ type LocalStore interface {
Commit(bool, map[string]int64, map[string]data.Hashes) error

// GetSigners return a list of signers for a role.
// This may include revoked keys, so the signers should not
ethan-lowman-dd marked this conversation as resolved.
Show resolved Hide resolved
// be used without filtering.
ethan-lowman-dd marked this conversation as resolved.
Show resolved Hide resolved
GetSigners(role string) ([]keys.Signer, error)

// SaveSigner adds a signer to a role.
Expand Down Expand Up @@ -222,8 +223,7 @@ func (f *fileSystemStore) stagedDir() string {
}

func isMetaFile(e os.DirEntry) (bool, error) {
hosseinsia marked this conversation as resolved.
Show resolved Hide resolved
name := e.Name()
if e.IsDir() || !(filepath.Ext(name) == ".json" && roles.IsTopLevelManifest(name)) {
if e.IsDir() || filepath.Ext(e.Name()) != ".json" {
return false, nil
}

Expand Down
Loading