Inheritance diagram for Uptane::Root:
Collaboration diagram for Uptane::Root:
Public Member Functions | |
| Root (Policy policy=Policy::kRejectAll) | |
| An empty Root, that either accepts or rejects everything. | |
| Root (RepositoryType repo, const Json::Value &json) | |
| A 'real' Root that implements TUF signature validation. More... | |
| Root (RepositoryType repo, const Json::Value &json, Root &root) | |
| void | UnpackSignedObject (RepositoryType repo, const Role &role, const Json::Value &signed_object) override |
| Take a JSON blob that contains a signatures/signed component that is supposedly for a given role, and check that is suitably signed. More... | |
| bool | operator== (const Root &rhs) const |
 Public Member Functions inherited from Uptane::MetaWithKeys | |
| MetaWithKeys () | |
| An empty metadata object that could contain keys. | |
| MetaWithKeys (const Json::Value &json) | |
| A 'real' metadata object that can contain keys (Root or Targets with delegations) and that implements TUF signature validation. More... | |
| MetaWithKeys (RepositoryType repo, const Role &role, const Json::Value &json, const std::shared_ptr< MetaWithKeys > &signer) | |
| void | ParseKeys (RepositoryType repo, const Json::Value &keys) |
| void | ParseRole (RepositoryType repo, const Json::ValueConstIterator &it, const Role &role, const std::string &meta_role) |
| bool | operator== (const MetaWithKeys &rhs) const |
| Public Member Functions inherited from Uptane::BaseMeta | |
| BaseMeta (const Json::Value &json) | |
| BaseMeta (RepositoryType repo, const Role &role, const Json::Value &json, const std::shared_ptr< MetaWithKeys > &signer) | |
| int | version () const |
| TimeStamp | expiry () const |
| bool | isExpired (const TimeStamp &now) const |
| Json::Value | original () const |
| bool | operator== (const BaseMeta &rhs) const |
Additional Inherited Members | |
| Public Types inherited from Uptane::MetaWithKeys | |
| enum | Policy { kRejectAll, kAcceptAll, kCheck } |
| Protected Attributes inherited from Uptane::MetaWithKeys | |
| std::map< KeyId, PublicKey > | keys_ |
| std::set< std::pair< Role, KeyId > > | keys_for_role_ |
| std::map< Role, int64_t > | thresholds_for_role_ |
| Protected Attributes inherited from Uptane::BaseMeta | |
| int | version_ = {-1} |
| TimeStamp | expiry_ |
| Json::Value | original_object_ |
| Static Protected Attributes inherited from Uptane::MetaWithKeys | |
| static const int64_t | kMinSignatures = 1 |
| static const int64_t | kMaxSignatures = 1000 |
Detailed Description
Constructor & Destructor Documentation
◆ Root()
| Root::Root | ( | RepositoryType | repo, |
| const Json::Value & | json | ||
| ) |
Member Function Documentation
◆ UnpackSignedObject()
|
overridevirtual |
Take a JSON blob that contains a signatures/signed component that is supposedly for a given role, and check that is suitably signed.
If it is, it returns the contents of the 'signed' part.
It performs the following checks:
- "_type" matches the given role
- "expires" is in the past (vs 'now')
- The blob has valid signatures from enough keys to cross the threshold for this role
- Parameters
-
repo - Repository type (only used to improve the error messages) role - The Uptane role of the signed metadata object signed_object
- Returns
Reimplemented from Uptane::MetaWithKeys.
The documentation for this class was generated from the following files:
