-
Notifications
You must be signed in to change notification settings - Fork 20
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
First pass at implementing TUF sync algorithm for root.json.
WIP towards #60 Signed-off-by: Patrick Flynn <patrick@chainguard.dev>
- Loading branch information
Patrick Flynn
committed
Sep 9, 2022
1 parent
cb60f1d
commit df0ba4b
Showing
47 changed files
with
2,762 additions
and
153 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
42 changes: 42 additions & 0 deletions
42
sigstore-java/src/main/java/dev/sigstore/tuf/MetaFileExceedsMaxException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
/* | ||
* Copyright 2022 The Sigstore Authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package dev.sigstore.tuf; | ||
|
||
/** | ||
* Thrown when the Meta File exceeds the max allowable file size as configured in the {@link | ||
* TufClient} | ||
*/ | ||
public class MetaFileExceedsMaxException extends TufException { | ||
|
||
private String fileUrl; | ||
private int maxSize; | ||
|
||
public MetaFileExceedsMaxException(String fileUrl, int maxSize) { | ||
super( | ||
String.format( | ||
"The file at %s exceeds the client's max file size limit (%d)", fileUrl, maxSize)); | ||
this.fileUrl = fileUrl; | ||
this.maxSize = maxSize; | ||
} | ||
|
||
public String getFileUrl() { | ||
return fileUrl; | ||
} | ||
|
||
public int getMaxSize() { | ||
return maxSize; | ||
} | ||
} |
36 changes: 36 additions & 0 deletions
36
sigstore-java/src/main/java/dev/sigstore/tuf/RoleVersionException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
/* | ||
* Copyright 2022 The Sigstore Authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package dev.sigstore.tuf; | ||
|
||
/** Thrown when the version of the latest downloaded role does not match the expectation. */ | ||
public class RoleVersionException extends TufException { | ||
private int expectedVersion; | ||
private int foundVersion; | ||
|
||
public RoleVersionException(int expectedVersion, int foundVersion) { | ||
super(String.format("Expected version %d but found version %d", expectedVersion, foundVersion)); | ||
this.expectedVersion = expectedVersion; | ||
this.foundVersion = foundVersion; | ||
} | ||
|
||
public int getExpectedVersion() { | ||
return expectedVersion; | ||
} | ||
|
||
public int getFoundVersion() { | ||
return foundVersion; | ||
} | ||
} |
51 changes: 51 additions & 0 deletions
51
sigstore-java/src/main/java/dev/sigstore/tuf/RootExpiredException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
/* | ||
* Copyright 2022 The Sigstore Authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package dev.sigstore.tuf; | ||
|
||
import java.time.ZonedDateTime; | ||
|
||
/** | ||
* Thrown when the local trusted root is expired and no valid root is found on the remote mirror. | ||
*/ | ||
public class RootExpiredException extends TufException { | ||
private String rootUrl; | ||
private ZonedDateTime updateTime; | ||
private ZonedDateTime rootExpirationTime; | ||
|
||
public RootExpiredException( | ||
String rootUrl, ZonedDateTime updateTime, ZonedDateTime rootExpirationTime) { | ||
super( | ||
String.format( | ||
"Trusted root metadata is expired but no new versions are available at the " | ||
+ "mirror URL:(%s)\n update start time: %tc\n expired time: %tc)", | ||
rootUrl, updateTime, rootExpirationTime)); | ||
this.rootUrl = rootUrl; | ||
this.updateTime = updateTime; | ||
this.rootExpirationTime = rootExpirationTime; | ||
} | ||
|
||
public String getRootUrl() { | ||
return rootUrl; | ||
} | ||
|
||
public ZonedDateTime getUpdateTime() { | ||
return updateTime; | ||
} | ||
|
||
public ZonedDateTime getRootExpirationTime() { | ||
return rootExpirationTime; | ||
} | ||
} |
30 changes: 30 additions & 0 deletions
30
sigstore-java/src/main/java/dev/sigstore/tuf/SignatureVerificationException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
/* | ||
* Copyright 2022 The Sigstore Authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package dev.sigstore.tuf; | ||
|
||
/** Thrown when the metadata has not been signed by enough of the allowed keys. */ | ||
public class SignatureVerificationException extends TufException { | ||
final int requiredSignatures, verifiedSignatures; | ||
|
||
public SignatureVerificationException(int requiredSignatures, int verifiedSignatures) { | ||
super( | ||
String.format( | ||
"The role has not been signed by enough keys. [Theshold: %d, Actual: %d]", | ||
requiredSignatures, verifiedSignatures)); | ||
this.requiredSignatures = requiredSignatures; | ||
this.verifiedSignatures = verifiedSignatures; | ||
} | ||
} |
Oops, something went wrong.