Targets class

class Targets(version=None, spec_version=None, expires=None, targets=None, delegations=None, unrecognized_fields=None)

A container for the signed part of targets metadata.

Targets contains verifying information about target files and also delegates responsibility to other Targets roles.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • version (Optional[int]) – Metadata version number. Default is 1.

  • spec_version (Optional[str]) – Supported TUF specification version. Default is the version currently supported by the library.

  • expires (Optional[datetime.datetime]) – Metadata expiry date. Default is current date and time.

  • targets (Optional[Dict[str, TargetFile]]) – Dictionary of target filenames to TargetFiles. Default is an empty dictionary.

  • delegations (Optional[Delegations]) – Defines how this Targets delegates responsibility to other Targets Metadata files. Default is None.

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API

Raises

ValueError – Invalid arguments.

Return type

None

add_key(role, key)

Adds new signing key for delegated role role.

Parameters

  • role (str) – Name of the role, for which key is added.

  • key (Key) – Signing key to be added for role.

Raises

ValueError – If there are no delegated roles or if role is not delegated by this Target.

Return type

None

property expires: datetime.datetime

The metadata expiry date:

# Use 'datetime' module to e.g. expire in seven days from now
obj.expires = utcnow() + timedelta(days=7)
is_expired(reference_time=None)

Checks metadata expiration against a reference time.

Parameters

reference_time (Optional[datetime.datetime]) – Time to check expiration date against. A naive datetime in UTC expected. Default is current UTC date and time.

Returns

True if expiration time is less than the reference time.

Return type

bool

remove_key(role, keyid)

Removes key from delegated role role and updates the delegations key store.

Parameters

  • role (str) – Name of the role, for which a signing key is removed.

  • keyid (str) – Identifier of the key to be removed for role.

Raises

ValueError – If there are no delegated roles or if role is not delegated by this Target or if key is not used by role.

Return type

None