Module tough::schema

source ·
Expand description

Provides the schema objects as defined by the TUF spec.

Modules

  • decoded
    Provides a wrapper and traits for abstracting over decoded keys or different types.
  • key
    Handles cryptographic keys and their serialization in TUF metadata files.

Structs

  • DelegatedRole
    Each role delegated in a targets file is considered a delegated role
  • DelegatedTargets
    Wrapper for Targets so that a Targets role can be given a name
  • Delegations
    Delegations are found in a targets.json file. TUF 4.5: DELEGATIONS is an object whose format is the following:
  • FilesystemTransport
    Provides a Transport for local files.
  • Hashes
    Represents the hash dictionary in a snapshot.json file.
  • PathHashPrefix
    The first characters found in the string representation of a sha256 digest. This can be used for randomly sharding a repository. See [PathSet::PathHashDigest] for the description of how this is used.
  • PathPattern
    A glob-like path pattern for matching delegated targets, e.g. foo/bar/*.
  • RoleKeys
    Represents the key IDs used for a role and the threshold of signatures required to validate it. TUF 4.3: A ROLE is one of “root”, “snapshot”, “targets”, “timestamp”, or “mirrors”. A role for each of “root”, “snapshot”, “timestamp”, and “targets” MUST be specified in the key list. The role of “mirror” is optional. If not specified, the mirror list will not need to be signed if mirror lists are being used. The THRESHOLD for a role is an integer of the number of keys of that role whose signatures are required in order to consider a file as being properly signed by that role.
  • Root
    TUF 4.3: The root.json file is signed by the root role’s keys. It indicates which keys are authorized for all top-level roles, including the root role itself. Revocation and replacement of top-level role keys, including for the root role, is done by changing the keys listed for the roles in this file.
  • Signature
    A signature and the key ID that made it.
  • Signed
    A signed metadata object.
  • Snapshot
    TUF 4.4 The snapshot.json file is signed by the snapshot role. It MUST list the version numbers of the top-level targets metadata and all delegated targets metadata. It MAY also list their lengths and file hashes.
  • SnapshotMeta
    Represents a metadata file in a snapshot.json file. TUF 4.4: METAFILES is an object whose format is the following:
  • Target
    TUF 4.5: TARGETS is an object whose format is the following:
  • Targets
    Represents a targets.json file. TUF 4.5: The “signed” portion of targets.json is as follows:
  • Timestamp
    Represents a timestamp.json file. TUF 4.6: The timestamp file is signed by a timestamp key. It indicates the latest version of the snapshot metadata and is frequently resigned to limit the amount of time a client can be kept unaware of interference with obtaining updates.
  • TimestampMeta
    METAFILES is the same as described for the snapshot.json file. In the case of the timestamp.json file, this MUST only include a description of the snapshot.json file.

Enums

  • Error
    The error type for this library.
  • KeyHolder
    A KeyHolder is metadata that is responsible for verifying the signatures of a role. KeyHolder contains either a Delegations of a Targets or a Root
  • PathSet
    Specifies the target paths that a delegated role controls.
  • RoleId
    A role identifier
  • RoleType
    The type of metadata role.

Traits

  • Role
    Common trait implemented by all roles.
  • Transport
    A trait to abstract over the method/protocol by which files are obtained.

Type Definitions

  • Result
    Alias for Result<T, Error>.