Root class

class Root(version, spec_version, expires, keys, roles, consistent_snapshot=None, unrecognized_fields=None)

A container for the signed part of root metadata.

Parameters listed below are also instance attributes.

Parameters

• version (int) – The metadata version number.

• spec_version (str) – The supported TUF specification version number.

• expires (datetime.datetime) – The metadata expiry date.

• keys (Dict[str, Key]) – Dictionary of keyids to Keys. Defines the keys used in ‘roles’.

• roles (Mapping[str, Role]) – Dictionary of role names to Roles. Defines which keys are required to sign the metadata for a specific role.

• consistent_snapshot (Optional[bool]) – Does repository support consistent snapshots.

• unrecognized_fields (Optional[Mapping[str, Any]]) – Dictionary of all unrecognized fields.

add_key(role, key)

Adds new signing key for delegated role ‘role’.

Parameters

• role (str) – The name of the role, for which ‘key’ is added.

• key (Key) – The signing key to be added for ‘role’.

Raises

ValueError – If ‘role’ doesn’t exist.

Return type

None

remove_key(role, keyid)

Removes key from ‘role’ and updates the key store.

Parameters

• role (str) – The name of the role, for which a signing key is removed.

• key – The identifier of the key to be removed for ‘role’.

• keyid (str) –

Raises

ValueError – If ‘role’ doesn’t exist or if ‘role’ doesn’t include the key.

Return type

None