Skip to content

Adopt upstream DSSE model change #2599

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
lukpueh wants to merge 1 commit into from
Closed

Adopt upstream DSSE model change #2599

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 1 addition & 3 deletions tests/test_api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1233,9 +1233,7 @@ def test_verify_delegate(self) -> None:
envelope.sign(signer)
self.assertTrue(len(envelope.signatures) == 1)

root.verify_delegate(
role.type, envelope.pae(), envelope.signatures_dict
)
root.verify_delegate(role.type, envelope.pae(), envelope.signatures)


# Run unit test.
Expand Down
15 changes: 4 additions & 11 deletions tuf/api/dsse.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
"""Low-level TUF DSSE API. (experimental!)"""

import json
from typing import Dict, Generic, Type, cast
from typing import Generic, Type, cast

from securesystemslib.dsse import Envelope as BaseSimpleEnvelope

Expand Down Expand Up @@ -42,25 +42,18 @@ class SimpleEnvelope(Generic[T], BaseSimpleEnvelope):
delegator.verify_delegate(
role_name,
envelope.pae(), # Note, how we don't pass ``envelope.payload``!
envelope.signatures_dict,
envelope.signatures,
)

Attributes:
payload: Serialized payload bytes.
payload_type: Payload string identifier.
signatures: List of ``Signature`` objects.
signatures_dict: Ordered dictionary of keyids to ``Signature`` objects.
signatures: Dictionary of keyids to ``Signature`` objects

"""

_DEFAULT_PAYLOAD_TYPE = "application/vnd.tuf+json"

@property
def signatures_dict(self) -> Dict:
"""Convenience alias for ``self.signatures`` mapped to keyids."""
# TODO: Propose changing ``signatures`` list to dict upstream
return {sig.keyid: sig for sig in self.signatures}

@classmethod
def from_bytes(cls, data: bytes) -> "SimpleEnvelope[T]":
"""Load envelope from JSON bytes.
Expand Down Expand Up @@ -126,7 +119,7 @@ def from_signed(cls, signed: T) -> "SimpleEnvelope[T]":
except Exception as e:
raise SerializationError from e

return cls(json_bytes, cls._DEFAULT_PAYLOAD_TYPE, [])
return cls(json_bytes, cls._DEFAULT_PAYLOAD_TYPE, {})

def get_signed(self) -> T:
"""Extract and deserialize payload JSON bytes from envelope.
Expand Down
4 changes: 2 additions & 2 deletions tuf/ngclient/_internal/trusted_metadata_set.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -500,7 +500,7 @@ def _load_from_simple_envelope(
if role_name is None:
role_name = role.type
delegator.verify_delegate(
role_name, envelope.pae(), envelope.signatures_dict
role_name, envelope.pae(), envelope.signatures
)

signed = envelope.get_signed()
Expand All @@ -509,4 +509,4 @@ def _load_from_simple_envelope(
f"Expected '{role.type}', got '{signed.type}'"
)

return signed, envelope.pae(), envelope.signatures_dict
return signed, envelope.pae(), envelope.signatures