Serialization
tuf.api.serialization
module provides abstract base classes and concrete
implementations to serialize and deserialize TUF metadata.
Any custom de/serialization implementations should inherit from the abstract
base classes defined in this module. The implementations can use the
to_dict()
/from_dict()
implementations available in the Metadata
API objects.
Metadata de/serializers are used to convert to and from wireline formats.
Signed serializers are used to canonicalize data for cryptographic signatures generation and verification.
- exception DeserializationError
Error during deserialization.
- class MetadataDeserializer
Abstract base class for deserialization of Metadata objects.
- class MetadataSerializer
Abstract base class for serialization of Metadata objects.
- exception SerializationError
Error during serialization.
- class SignedSerializer
Abstract base class for serialization of Signed objects.
- abstract serialize(signed_obj)
Serialize Signed object to bytes.
- Parameters:
signed_obj (Signed)
- Return type:
bytes
JSON serialization
tuf.api.serialization.json
module provides concrete implementations to
serialize and deserialize TUF role metadata to and from the JSON wireline
format for transportation, and to serialize the ‘signed’ part of TUF role
metadata to the OLPC Canonical JSON format for signature generation and
verification.
- class CanonicalJSONSerializer
Bases:
SignedSerializer
Provides Signed to OLPC Canonical JSON serialize method.
- serialize(signed_obj)
Serialize Signed object into utf-8 encoded OLPC Canonical JSON bytes.
- Parameters:
signed_obj (Signed)
- Return type:
bytes
- class JSONDeserializer
Bases:
MetadataDeserializer
Provides JSON to Metadata deserialize method.
- class JSONSerializer(compact=False, validate=False)
Bases:
MetadataSerializer
Provides Metadata to JSON serialize method.
- Parameters:
compact (bool) – A boolean indicating if the JSON bytes generated in ‘serialize’ should be compact by excluding whitespace.
validate (bool | None) – Check that the metadata object can be deserialized again without change of contents and thus find common mistakes. This validation might slow down serialization significantly.