Supporting classes

The Metadata API includes multiple classes that are used by the top-level ones (Root, Timestamp, Snapshot, Targets):

tuf.api.metadata.DelegatedRole

A container with information about a delegated role.

tuf.api.metadata.Delegations

A container object storing information about all delegations.

tuf.api.metadata.Key

A container class representing the public portion of a Key.

tuf.api.metadata.MetaFile

A container with information about a particular metadata file.

tuf.api.metadata.Role

Container that defines which keys are required to sign roles metadata.

tuf.api.metadata.TargetFile

A container with information about a particular target file.

tuf.api.metadata.SuccinctRoles

Succinctly defines a hash bin delegation graph.
class DelegatedRole(name, keyids, threshold, terminating, paths=None, path_hash_prefixes=None, unrecognized_fields=None)

A container with information about a delegated role.

A delegation can happen in two ways:

  • paths is set: delegates targets matching any path pattern in paths

  • path_hash_prefixes is set: delegates targets whose target path hash starts with any of the prefixes in path_hash_prefixes

paths and path_hash_prefixes are mutually exclusive: both cannot be set, at least one of them must be set.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • name (str) – Delegated role name.

  • keyids (List[str]) – Delegated role signing key identifiers.

  • threshold (int) – Number of keys required to sign this role’s metadata.

  • terminating (bool) – True if this delegation terminates a target lookup.

  • paths (Optional[List[str]]) – Path patterns. See note above.

  • path_hash_prefixes (Optional[List[str]]) – Hash prefixes. See note above.

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API.

Raises

ValueError – Invalid arguments.

is_delegated_path(target_filepath)

Determines whether the given target_filepath is in one of the paths that DelegatedRole is trusted to provide.

The target_filepath and the DelegatedRole paths are expected to be in their canonical forms, so e.g. “a/b” instead of “a//b” . Only “/” is supported as target path separator. Leading separators are not handled as special cases (see TUF specification on targetpath).

Parameters

target_filepath (str) – URL path to a target file, relative to a base targets URL.

Return type

bool

class Delegations(keys, roles=None, succinct_roles=None, unrecognized_fields=None)

A container object storing information about all delegations.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • keys (Dict[str, Key]) – Dictionary of keyids to Keys. Defines the keys used in roles.

  • roles (Optional[Dict[str, DelegatedRole]]) – Ordered dictionary of role names to DelegatedRoles instances. It defines which keys are required to sign the metadata for a specific role. The roles order also defines the order that role delegations are considered during target searches.

  • succinct_roles (Optional[SuccinctRoles]) – Contains succinct information about hash bin delegations. Note that succinct roles is not a TUF specification feature yet and setting succinct_roles to a value makes the resulting metadata non-compliant. The metadata will not be accepted as valid by specification compliant clients such as those built with python-tuf <= 1.1.0. For more information see: https://github.com/theupdateframework/taps/blob/master/tap15.md

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API

Exactly one of roles and succinct_roles must be set.

Raises

ValueError – Invalid arguments.

Parameters

  • keys (Dict[str, Key]) –

  • roles (Optional[Dict[str, DelegatedRole]]) –

  • succinct_roles (Optional[SuccinctRoles]) –

  • unrecognized_fields (Optional[Dict[str, Any]]) –

get_roles_for_target(target_filepath)

Given target_filepath get names and terminating status of all delegated roles who are responsible for it.

Parameters

target_filepath (str) – URL path to a target file, relative to a base targets URL.

Return type

Iterator[Tuple[str, bool]]

class Key(keyid, keytype, scheme, keyval, unrecognized_fields=None)

A container class representing the public portion of a Key.

Supported key content (type, scheme and keyval) is defined in `` Securesystemslib``.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • keyid (str) – Key identifier that is unique within the metadata it is used in. Keyid is not verified to be the hash of a specific representation of the key.

  • keytype (str) – Key type, e.g. “rsa”, “ed25519” or “ecdsa-sha2-nistp256”.

  • scheme (str) – Signature scheme. For example: “rsassa-pss-sha256”, “ed25519”, and “ecdsa-sha2-nistp256”.

  • keyval (Dict[str, str]) – Opaque key content

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API

Raises

TypeError – Invalid type for an argument.

classmethod from_securesystemslib_key(key_dict)

Creates a Key object from a securesystemlib key json/dict representation removing the private key from keyval.

Parameters

key_dict (Dict[str, Any]) – Key in securesystemlib dict representation.

Raises

ValueErrorkey_dict value is not following the securesystemslib format.

Return type

Key

to_securesystemslib_key()

Returns a Securesystemslib compatible representation of self.

Return type

Dict[str, Any]

verify_signature(metadata, signed_serializer=None)

Verifies that the metadata.signatures contains a signature made with this key, correctly signing metadata.signed.

Parameters

  • metadata (Metadata) – Metadata to verify

  • signed_serializer (Optional[SignedSerializer]) – SignedSerializer to serialize metadata.signed with. Default is CanonicalJSONSerializer.

Raises

UnsignedMetadataError – The signature could not be verified for a variety of possible reasons: see error message.

Return type

None

class MetaFile(version, length=None, hashes=None, unrecognized_fields=None)

A container with information about a particular metadata file.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • version (int) – Version of the metadata file.

  • length (Optional[int]) – Length of the metadata file in bytes.

  • hashes (Optional[Dict[str, str]]) – Dictionary of hash algorithm names to hashes of the metadata file content.

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API

Raises

ValueError, TypeError – Invalid arguments.

verify_length_and_hashes(data)

Verifies that the length and hashes of data match expected values.

Parameters

data (Union[bytes, IO[bytes]]) – File object or its content in bytes.

Raises

LengthOrHashMismatchError – Calculated length or hashes do not match expected values or hash algorithm is not supported.

Return type

None

class Role(keyids, threshold, unrecognized_fields=None)

Container that defines which keys are required to sign roles metadata.

Role defines how many keys are required to successfully sign the roles metadata, and which keys are accepted.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • keyids (List[str]) – Roles signing key identifiers.

  • threshold (int) – Number of keys required to sign this role’s metadata.

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API

Raises

ValueError – Invalid arguments.

class TargetFile(length, hashes, path, unrecognized_fields=None)

A container with information about a particular target file.

All parameters named below are not just constructor arguments but also instance attributes.

Parameters

  • length (int) – Length of the target file in bytes.

  • hashes (Dict[str, str]) – Dictionary of hash algorithm names to hashes of the target file content.

  • path (str) – URL path to a target file, relative to a base targets URL.

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API

Raises

ValueError, TypeError – Invalid arguments.

property custom: Any

Can be used to provide implementation specific data related to the target. python-tuf does not use or validate this data.

classmethod from_data(target_file_path, data, hash_algorithms=None)

Creates TargetFile object from bytes.

Parameters

  • target_file_path (str) – URL path to a target file, relative to a base targets URL.

  • data (Union[bytes, IO[bytes]]) – Target file content.

  • hash_algorithms (Optional[List[str]]) – Hash algorithms to create the hashes with. If not specified the securesystemslib default hash algorithm is used.

Raises

ValueError – The hash algorithms list contains an unsupported algorithm.

Return type

TargetFile

classmethod from_file(target_file_path, local_path, hash_algorithms=None)

Creates TargetFile object from a file.

Parameters

  • target_file_path (str) – URL path to a target file, relative to a base targets URL.

  • local_path (str) – Local path to target file content.

  • hash_algorithms (Optional[List[str]]) – Hash algorithms to calculate hashes with. If not specified the securesystemslib default hash algorithm is used.

Raises

  • FileNotFoundError – The file doesn’t exist.

  • ValueError – The hash algorithms list contains an unsupported algorithm.

Return type

TargetFile

verify_length_and_hashes(data)

Verifies that length and hashes of data match expected values.

Parameters

data (Union[bytes, IO[bytes]]) – Target file object or its content in bytes.

Raises

LengthOrHashMismatchError – Calculated length or hashes do not match expected values or hash algorithm is not supported.

Return type

None

class SuccinctRoles(keyids, threshold, bit_length, name_prefix, unrecognized_fields=None)

Succinctly defines a hash bin delegation graph.

A SuccinctRoles object describes a delegation graph that covers all targets, distributing them uniformly over the delegated roles (i.e. bins) in the graph.

The total number of bins is 2 to the power of the passed bit_length.

Bin names are the concatenation of the passed name_prefix and a zero-padded hex representation of the bin index separated by a hyphen.

The passed keyids and threshold is used for each bin, and each bin is ‘terminating’.

For details: https://github.com/theupdateframework/taps/blob/master/tap15.md

Parameters

  • keyids (List[str]) – Signing key identifiers for any bin metadata.

  • threshold (int) – Number of keys required to sign any bin metadata.

  • bit_length (int) – Number of bits between 1 and 32.

  • name_prefix (str) – Prefix of all bin names.

  • unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API.

Raises

ValueError, TypeError, AttributeError – Invalid arguments.

get_role_for_target(target_filepath)

Calculates the name of the delegated role responsible for target_filepath.

The target at path target_filepath is assigned to a bin by casting the left-most bit_length of bits of the file path hash digest to int, using it as bin index between 0 and 2**bit_length - 1.

Parameters

target_filepath (str) – URL path to a target file, relative to a base targets URL.

Return type

str

get_roles()

Yield the names of all different delegated roles one by one.

Return type

Iterator[str]

is_delegated_role(role_name)

Determines whether the given role_name is in one of the delegated roles that SuccinctRoles represents.

Parameters

role_name (str) – The name of the role to check against.

Return type

bool