Documentation ¶
Index ¶
- func CopyKeys(t *testing.T, from signed.CryptoService, roles ...string) signed.CryptoService
- func CopyRepoMetadata(from map[string][]byte) map[string][]byte
- func CreateKey(cs signed.CryptoService, gun, role, keyAlgorithm string) (data.PublicKey, error)
- func EmptyRepo(gun string, delegationRoles ...string) (*tuf.Repo, signed.CryptoService, error)
- func NewRepoMetadata(gun string, delegationRoles ...string) (map[string][]byte, signed.CryptoService, error)
- func Serialize(sRoot, sTargets, sSnapshot, sTimestamp *data.Signed) (root, targets, snapshot, timestamp []byte, err error)
- func Sign(repo *tuf.Repo) (root, targets, snapshot, timestamp *data.Signed, err error)
- func SignAndSerialize(tufRepo *tuf.Repo) (map[string][]byte, error)
- type CorruptingMemoryStore
- type ErrNoKeyForRole
- type LongMemoryStore
- type MetadataSwizzler
- func (m *MetadataSwizzler) AddExtraSpace(role string) error
- func (m *MetadataSwizzler) ChangeRootKey() error
- func (m *MetadataSwizzler) ExpireMetadata(role string) error
- func (m *MetadataSwizzler) InvalidateMetadataSignatures(role string) error
- func (m *MetadataSwizzler) MutateRoot(mutate func(*data.Root)) error
- func (m *MetadataSwizzler) MutateSnapshot(mutate func(*data.Snapshot)) error
- func (m *MetadataSwizzler) MutateTargets(mutate func(*data.Targets)) error
- func (m *MetadataSwizzler) MutateTimestamp(mutate func(*data.Timestamp)) error
- func (m *MetadataSwizzler) OffsetMetadataVersion(role string, offset int) error
- func (m *MetadataSwizzler) RemoveMetadata(role string) error
- func (m *MetadataSwizzler) RotateKey(role string, key data.PublicKey) error
- func (m *MetadataSwizzler) SetInvalidJSON(role string) error
- func (m *MetadataSwizzler) SetInvalidMetadataType(role string) error
- func (m *MetadataSwizzler) SetInvalidSigned(role string) error
- func (m *MetadataSwizzler) SetInvalidSignedMeta(role string) error
- func (m *MetadataSwizzler) SetThreshold(role string, newThreshold int) error
- func (m *MetadataSwizzler) SignMetadataWithInvalidKey(role string) error
- func (m *MetadataSwizzler) UpdateSnapshotHashes(roles ...string) error
- func (m *MetadataSwizzler) UpdateTimestampHash() error
- type ShortMemoryStore
- type TestBootstrapper
Functions ¶
func CopyKeys ¶ added in v0.3.0
func CopyKeys(t *testing.T, from signed.CryptoService, roles ...string) signed.CryptoService
CopyKeys copies keys of a particular role to a new cryptoservice, and returns that cryptoservice
func CopyRepoMetadata ¶
CopyRepoMetadata makes a copy of a metadata->bytes mapping
func CreateKey ¶ added in v0.3.0
CreateKey creates a new key inside the cryptoservice for the given role and gun, returning the public key. If the role is a root role, create an x509 key.
func EmptyRepo ¶
EmptyRepo creates an in memory crypto service and initializes a repo with no targets. Delegations are only created if delegation roles are passed in.
func NewRepoMetadata ¶
func NewRepoMetadata(gun string, delegationRoles ...string) (map[string][]byte, signed.CryptoService, error)
NewRepoMetadata creates a TUF repo and returns the metadata
func Serialize ¶
func Serialize(sRoot, sTargets, sSnapshot, sTimestamp *data.Signed) (root, targets, snapshot, timestamp []byte, err error)
Serialize takes the Signed objects for the 4 top level roles and serializes them all to JSON
Types ¶
type CorruptingMemoryStore ¶
type CorruptingMemoryStore struct {
store.MemoryStore
}
CorruptingMemoryStore corrupts all data returned by GetMeta
func NewCorruptingMemoryStore ¶
func NewCorruptingMemoryStore(meta map[string][]byte) *CorruptingMemoryStore
NewCorruptingMemoryStore returns a new instance of memory store that corrupts all data requested from it.
type ErrNoKeyForRole ¶
type ErrNoKeyForRole struct {
Role string
}
ErrNoKeyForRole is the error returned when the cryptoservice provided to MetadataSwizzler has no key for a particular role
func (ErrNoKeyForRole) Error ¶
func (e ErrNoKeyForRole) Error() string
type LongMemoryStore ¶
type LongMemoryStore struct {
store.MemoryStore
}
LongMemoryStore corrupts all data returned by GetMeta by returning one byte too much data on any request
func NewLongMemoryStore ¶
func NewLongMemoryStore(meta map[string][]byte) *LongMemoryStore
NewLongMemoryStore returns a new instance of memory store that returns one byte too much data on any request to GetMeta
type MetadataSwizzler ¶
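// MetadataSwizzler fuzzes the metadata in a MetadataStore.
//
// The fields are laid out one per line: in the single-line form the trailing
// "//" comment also swallowed the closing brace, so the declaration did not
// parse.
type MetadataSwizzler struct {
	// Gun is the gun passed to NewMetadataSwizzler.
	Gun string
	// MetadataCache is the MetadataStore whose metadata is altered.
	MetadataCache store.MetadataStore
	// CryptoService supplies the keys; ErrNoKeyForRole is the error for a
	// role it has no key for.
	CryptoService signed.CryptoService
	Roles         []string // list of Roles in the metadataStore
}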
MetadataSwizzler fuzzes the metadata in a MetadataStore: each of its methods applies one specific corruption or mutation to a role's stored metadata
func NewMetadataSwizzler ¶
func NewMetadataSwizzler(gun string, initialMetadata map[string][]byte, cryptoService signed.CryptoService) *MetadataSwizzler
NewMetadataSwizzler returns a new swizzler when given a gun, mapping of roles to initial metadata bytes, and a cryptoservice
func (*MetadataSwizzler) AddExtraSpace ¶
func (m *MetadataSwizzler) AddExtraSpace(role string) error
AddExtraSpace adds an extra space to the beginning and end of the serialized JSON bytes, which should not affect serialization, but will change the checksum of the file.
func (*MetadataSwizzler) ChangeRootKey ¶
func (m *MetadataSwizzler) ChangeRootKey() error
ChangeRootKey swaps out the root key with a new key, and re-signs the metadata with the new key
func (*MetadataSwizzler) ExpireMetadata ¶
func (m *MetadataSwizzler) ExpireMetadata(role string) error
ExpireMetadata expires the metadata, which would make it invalid - don't do anything if we don't have the timestamp key
func (*MetadataSwizzler) InvalidateMetadataSignatures ¶
func (m *MetadataSwizzler) InvalidateMetadataSignatures(role string) error
InvalidateMetadataSignatures signs with the right key(s) but wrong hash
func (*MetadataSwizzler) MutateRoot ¶
func (m *MetadataSwizzler) MutateRoot(mutate func(*data.Root)) error
MutateRoot takes a function that mutates the root metadata - once done, it serializes the root again
func (*MetadataSwizzler) MutateSnapshot ¶
func (m *MetadataSwizzler) MutateSnapshot(mutate func(*data.Snapshot)) error
MutateSnapshot takes a function that mutates the snapshot metadata - once done, it serializes the snapshot again
func (*MetadataSwizzler) MutateTargets ¶
func (m *MetadataSwizzler) MutateTargets(mutate func(*data.Targets)) error
MutateTargets takes a function that mutates the targets metadata - once done, it serializes the targets again
func (*MetadataSwizzler) MutateTimestamp ¶
func (m *MetadataSwizzler) MutateTimestamp(mutate func(*data.Timestamp)) error
MutateTimestamp takes a function that mutates the timestamp metadata - once done, it serializes the timestamp again
func (*MetadataSwizzler) OffsetMetadataVersion ¶
func (m *MetadataSwizzler) OffsetMetadataVersion(role string, offset int) error
OffsetMetadataVersion updates the metadata version
func (*MetadataSwizzler) RemoveMetadata ¶
func (m *MetadataSwizzler) RemoveMetadata(role string) error
RemoveMetadata deletes the metadata entirely
func (*MetadataSwizzler) RotateKey ¶ added in v0.3.0
func (m *MetadataSwizzler) RotateKey(role string, key data.PublicKey) error
RotateKey rotates the key for a role - this can invalidate that role's metadata if it is not signed by that key. This is particularly the case if the key being rotated is the root key, because the metadata is not signed by the new key, only the old key.
func (*MetadataSwizzler) SetInvalidJSON ¶
func (m *MetadataSwizzler) SetInvalidJSON(role string) error
SetInvalidJSON corrupts metadata into something that is no longer valid JSON
func (*MetadataSwizzler) SetInvalidMetadataType ¶
func (m *MetadataSwizzler) SetInvalidMetadataType(role string) error
SetInvalidMetadataType corrupts the metadata into something that is unmarshallable, but has the wrong metadata type (not actually a metadata type)
func (*MetadataSwizzler) SetInvalidSigned ¶
func (m *MetadataSwizzler) SetInvalidSigned(role string) error
SetInvalidSigned corrupts the metadata into something that is valid JSON, but not unmarshallable into signed JSON
func (*MetadataSwizzler) SetInvalidSignedMeta ¶
func (m *MetadataSwizzler) SetInvalidSignedMeta(role string) error
SetInvalidSignedMeta corrupts the metadata into something that is unmarshallable as a Signed object, but not unmarshallable into a SignedMeta object
func (*MetadataSwizzler) SetThreshold ¶
func (m *MetadataSwizzler) SetThreshold(role string, newThreshold int) error
SetThreshold sets a threshold for a metadata role. This can invalidate the metadata if the threshold is increased and there aren't enough signatures, or the metadata can be invalid because the threshold is 0.
func (*MetadataSwizzler) SignMetadataWithInvalidKey ¶
func (m *MetadataSwizzler) SignMetadataWithInvalidKey(role string) error
SignMetadataWithInvalidKey signs the metadata with the wrong key
func (*MetadataSwizzler) UpdateSnapshotHashes ¶
func (m *MetadataSwizzler) UpdateSnapshotHashes(roles ...string) error
UpdateSnapshotHashes updates the snapshot to reflect the latest hash changes, to ensure that failure isn't because the snapshot has the wrong hash.
func (*MetadataSwizzler) UpdateTimestampHash ¶
func (m *MetadataSwizzler) UpdateTimestampHash() error
UpdateTimestampHash updates the timestamp to reflect the latest snapshot changes, to ensure that failure isn't because the timestamp has the wrong hash.
type ShortMemoryStore ¶
type ShortMemoryStore struct {
store.MemoryStore
}
ShortMemoryStore corrupts all data returned by GetMeta by returning one byte too little data on any request
func NewShortMemoryStore ¶
func NewShortMemoryStore(meta map[string][]byte) *ShortMemoryStore
NewShortMemoryStore returns a new instance of memory store that returns one byte too little data on any request to GetMeta
type TestBootstrapper ¶ added in v0.3.0
type TestBootstrapper struct {
Booted bool
}
TestBootstrapper is a simple implementation of the Bootstrapper interface to be used for tests
func (*TestBootstrapper) Bootstrap ¶ added in v0.3.0
func (tb *TestBootstrapper) Bootstrap() error
Bootstrap sets Booted to true so tests can confirm it was called