|
| Root (Policy policy=Policy::kRejectAll) |
| An empty Root, that either accepts or rejects everything.
|
|
| Root (RepositoryType repo, const Json::Value &json) |
| A 'real' Root that implements TUF signature validation. More...
|
|
| Root (RepositoryType repo, const Json::Value &json, Root &root) |
|
void | UnpackSignedObject (RepositoryType repo, const Role &role, const Json::Value &signed_object) override |
| Take a JSON blob that contains a signatures/signed component that is supposedly for a given role, and check that is suitably signed. More...
|
|
bool | operator== (const Root &rhs) const |
|
| MetaWithKeys () |
| An empty metadata object that could contain keys.
|
|
| MetaWithKeys (const Json::Value &json) |
| A 'real' metadata object that can contain keys (Root or Targets with delegations) and that implements TUF signature validation. More...
|
|
| MetaWithKeys (RepositoryType repo, const Role &role, const Json::Value &json, const std::shared_ptr< MetaWithKeys > &signer) |
|
void | ParseKeys (RepositoryType repo, const Json::Value &keys) |
|
void | ParseRole (RepositoryType repo, const Json::ValueConstIterator &it, const Role &role, const std::string &meta_role) |
|
bool | operator== (const MetaWithKeys &rhs) const |
|
| BaseMeta (const Json::Value &json) |
|
| BaseMeta (RepositoryType repo, const Role &role, const Json::Value &json, const std::shared_ptr< MetaWithKeys > &signer) |
|
int | version () const |
|
TimeStamp | expiry () const |
|
bool | isExpired (const TimeStamp &now) const |
|
Json::Value | original () const |
|
bool | operator== (const BaseMeta &rhs) const |
|
|
enum | Policy { kRejectAll,
kAcceptAll,
kCheck
} |
|
std::map< KeyId, PublicKey > | keys_ |
|
std::set< std::pair< Role, KeyId > > | keys_for_role_ |
|
std::map< Role, int64_t > | thresholds_for_role_ |
|
int | version_ = {-1} |
|
TimeStamp | expiry_ |
|
Json::Value | original_object_ |
|
static const int64_t | kMinSignatures = 1 |
|
static const int64_t | kMaxSignatures = 1000 |
|
Definition at line 216 of file tuf.h.
◆ Root()
A 'real' Root that implements TUF signature validation.
- Parameters
-
repo | - Repository type (only used to improve the error messages) |
json | - The contents of the 'signed' portion |
Definition at line 12 of file root.cc.
◆ UnpackSignedObject()
void Uptane::Root::UnpackSignedObject |
( |
RepositoryType |
repo, |
|
|
const Role & |
role, |
|
|
const Json::Value & |
signed_object |
|
) |
| |
|
overridevirtual |
Take a JSON blob that contains a signatures/signed component that is supposedly for a given role, and check that is suitably signed.
If it is, it returns the contents of the 'signed' part.
It performs the following checks:
- "_type" matches the given role
- "expires" is in the past (vs 'now')
- The blob has valid signatures from enough keys to cross the threshold for this role
- Parameters
-
repo | - Repository type (only used to improve the error messages) |
role | - The Uptane role of the signed metadata object |
signed_object | |
- Returns
Reimplemented from Uptane::MetaWithKeys.
Definition at line 29 of file root.cc.
The documentation for this class was generated from the following files:
- src/libaktualizr/uptane/tuf.h
- src/libaktualizr/uptane/root.cc