Skip to content

Commit

Permalink
SuccinctHashDelegations with unique role name id
Browse files Browse the repository at this point in the history
Add a unique identifier for delegated roles using a succinct hash
delegations. This functionality is required by our implementation of
Delegations.roles where the keys are DelegatedRole.name attributes and
values are DelegatedRole objects and the fact that when succinct hash
delegations are used DelegatedRole.name should be populated with "None".

Mypy complained that it's possible to have DelegatedRole.name with a
value of "None" which is not a string. That's why I had to add special
handling for this special case when succinct hash delegations are used
and return the name of the first bin as the supposed DelegatedRole.name.

Solves: #1943

Signed-off-by: Martin Vrachev <[email protected]>
  • Loading branch information
MVrachev committed Apr 20, 2022
1 parent 2c007bb commit 9efaffa
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 7 deletions.
15 changes: 10 additions & 5 deletions tests/repository_simulator.py
Original file line number Diff line number Diff line change
Expand Up @@ -357,17 +357,22 @@ def add_delegation(
# Create delegation
if delegator.delegations is None:
delegator.delegations = Delegations({}, {})

role_name: str = role.name if role.name is not None else ""
if role.succinct_hash_info:
role_name = role.succinct_hash_info.get_first_bin_name()

# put delegation last by default
delegator.delegations.roles[role.name] = role
delegator.delegations.roles[role_name] = role

# By default add one new key for the role
key, signer = self.create_key()
delegator.add_key(role.name, key)
self.add_signer(role.name, signer)
delegator.add_key(role_name, key)
self.add_signer(role_name, signer)

# Add metadata for the role
if role.name not in self.md_delegates:
self.md_delegates[role.name] = Metadata(targets, {})
if role_name not in self.md_delegates:
self.md_delegates[role_name] = Metadata(targets, {})

def write(self) -> None:
"""Dump current repository metadata to self.dump_dir
Expand Down
12 changes: 10 additions & 2 deletions tuf/api/metadata.py
Original file line number Diff line number Diff line change
Expand Up @@ -1323,6 +1323,10 @@ def to_dict(self) -> Dict[str, Any]:
**self.unrecognized_fields,
}

def get_first_bin_name(self) -> str:
"""Return the name of the first bin"""
return f"{self.bin_name_prefix}-0"

def _calculate_delegation(self, hash_bits_representation: str) -> str:
"""Helper function for find_delegation calculating the actual rolename.
Expand Down Expand Up @@ -1637,9 +1641,13 @@ def from_dict(cls, delegations_dict: Dict[str, Any]) -> "Delegations":
roles_res: Dict[str, DelegatedRole] = {}
for role_dict in roles:
new_role = DelegatedRole.from_dict(role_dict)
if new_role.name in roles_res:
role_name: str = new_role.name if new_role.name is not None else ""
if new_role.succinct_hash_info:
role_name = new_role.succinct_hash_info.get_first_bin_name()

if role_name in roles_res:
raise ValueError(f"Duplicate role {new_role.name}")
roles_res[new_role.name] = new_role
roles_res[role_name] = new_role
# All fields left in the delegations_dict are unrecognized.
return cls(keys_res, roles_res, delegations_dict)

Expand Down

0 comments on commit 9efaffa

Please sign in to comment.