Crate tough

Tough is a client library for TUF repositories.

This client adheres to TUF version 1.0.0, with the following exceptions:

• Delegated roles (and TAP 3) are not yet supported.
• TAP 4 (multiple repository consensus) is not yet supported.

Testing

Unit tests are run in the usual manner: cargo test. Integration tests require noxious-server and are disabled by default behind a feature named integ. To run all tests, including integration tests: cargo test --all-features or cargo test --features 'http,integ'.

Modules

• editor
  Provides a RepositoryEditor object for building and editing TUF repositories.
• error
  Contains the error type for this library.
• key_source
  Provides an abstraction over the source of a signing key. This allows signing keys to be obtained, for example, from local files or from cloud provider key stores.
• schema
  Provides the schema objects as defined by the TUF spec.
• sign
  Provides the Sign trait which abstracts over the method of signing with different key types.

Structs

• Bytes
  A cheaply cloneable and sliceable chunk of contiguous memory.
• DefaultTransport
  A Transport that provides support for both local files and, if the http feature is enabled, HTTP-transported files.
• FilesystemTransport
  Provides a Transport for local files.
• Limits
  Limits used when fetching repository metadata.
• Repository
  A TUF repository.
• RepositoryLoader
  A builder for settings with which to load a Repository. Required settings are provided in the RepositoryLoader::new function. Optional parameters can be added after calling new. Finally, call RepositoryLoader::load to load the Repository.
• TargetName
  Represents the name of a target in the repository. Path-like constructs are resolved (e.g. foo/../bar becomes bar). Certain unsafe names are rejected when constructing a TargetName. Unsafe names include:
• TransportError
  The error type that Transport::fetch returns.

Enums

• ExpirationEnforcement
  Represents whether a Repository should fail to load when metadata is expired (Safe) or whether it should ignore expired metadata (Unsafe). Only use Unsafe if you are sure you need it.
• Prefix
  Use this enum to specify whether or not we should include a prefix in the target name when saving a target.
• TransportErrorKind
  The kind of error that the transport object experienced during fetch.

Traits

• IntoVec
  Fallible byte streams that collect into a Vec<u8>.
• SafeUrlPath
  Converts a file URL into a file path. Needed because url.to_file_path() will decode any percent encoding, which could restore path traversal characters, and url.path() roots paths to ‘/’ on Windows.
• Transport
  A trait to abstract over the method/protocol by which files are obtained.

Attribute Macros

• async_trait