Skip to main content

Database

tuf::database

Struct Database 

Source 
pub struct Database<D: Pouf> { /* private fields */ }
Expand description

Contains trusted TUF metadata and can be used to verify other metadata and targets.

Implementations§

Source§

impl<D: Pouf> Database<D>

Source

pub fn from_root_with_trusted_keys<'a, I>( raw_root: &RawSignedMetadata<D, RootMetadata>, root_threshold: u32, root_keys: I, ) -> Result<Self>
where I: IntoIterator<Item = &'a PublicKey>,

Create a new Database struct from a set of trusted root keys that are used to verify the signed metadata. The signed root metadata must be signed with at least a root_threshold of the provided root_keys. It is not necessary for the root metadata to contain these keys.

Source

pub fn from_trusted_root( raw_root: &RawSignedMetadata<D, RootMetadata>, ) -> Result<Self>

Create a new Database struct from a piece of metadata that is assumed to be trusted.

WARNING: This is trust-on-first-use (TOFU) and offers weaker security guarantees than the related method Database::from_root_with_trusted_keys because this method needs to deserialize raw_root before we have verified it has been signed properly. This exposes us to potential parser exploits. This method should only be used if the metadata is loaded from a trusted source.

Source

pub fn from_metadata_with_trusted_keys<'a, I>( metadata_set: &RawSignedMetadataSet<D>, root_threshold: u32, root_keys: I, ) -> Result<Self>
where I: IntoIterator<Item = &'a PublicKey>,

Create a new Database struct from a set of metadata that is assumed to be trusted. The signed root metadata in the metadata_set must be signed with at least a root_threshold of the provided root_keys. It is not necessary for the root metadata to contain these keys.

Source

pub fn from_metadata_with_trusted_keys_and_start_time<'a, I>( start_time: &DateTime<Utc>, metadata_set: &RawSignedMetadataSet<D>, root_threshold: u32, root_keys: I, ) -> Result<Self>
where I: IntoIterator<Item = &'a PublicKey>,

Create a new Database struct from a set of metadata that is assumed to be trusted. The signed root metadata in the metadata_set must be signed with at least a root_threshold of the provided root_keys. It is not necessary for the root metadata to contain these keys.

Source

pub fn from_trusted_metadata( metadata_set: &RawSignedMetadataSet<D>, ) -> Result<Self>

Create a new Database struct from a set of metadata that is assumed to be trusted.

WARNING: This is trust-on-first-use (TOFU) and offers weaker security guarantees than the related method Database::from_metadata_with_trusted_keys because this method needs to deserialize the root metadata from metadata_set before we have verified it has been signed properly. This exposes us to potential parser exploits. This method should only be used if the metadata is loaded from a trusted source.

Source

pub fn from_trusted_metadata_with_start_time( metadata_set: &RawSignedMetadataSet<D>, start_time: &DateTime<Utc>, ) -> Result<Self>

Create a new Database struct from a set of metadata that is assumed to be trusted.

WARNING: This is trust-on-first-use (TOFU) and offers weaker security guarantees than the related method Database::from_metadata_with_trusted_keys because this method needs to deserialize the root metadata from metadata_set before we have verified it has been signed properly. This exposes us to potential parser exploits. This method should only be used if the metadata is loaded from a trusted source.

Source

pub fn trusted_root(&self) -> &Verified<RootMetadata>

An immutable reference to the root metadata.

Source

pub fn trusted_targets(&self) -> Option<&Verified<TargetsMetadata>>

An immutable reference to the optional targets metadata.

Source

pub fn trusted_snapshot(&self) -> Option<&Verified<SnapshotMetadata>>

An immutable reference to the optional snapshot metadata.

Source

pub fn trusted_timestamp(&self) -> Option<&Verified<TimestampMetadata>>

An immutable reference to the optional timestamp metadata.

Source

pub fn trusted_delegations( &self, ) -> &HashMap<MetadataPath, Verified<TargetsMetadata>>

An immutable reference to the delegated metadata.

Source

pub fn update_metadata( &mut self, metadata: &RawSignedMetadataSet<D>, ) -> Result<bool>

Verify and update metadata. Returns true if any of the metadata was updated.

Source

pub fn update_metadata_with_start_time( &mut self, metadata: &RawSignedMetadataSet<D>, start_time: &DateTime<Utc>, ) -> Result<bool>

Verify and update metadata. Returns true if any of the metadata was updated.

Source

pub fn update_root( &mut self, raw_root: &RawSignedMetadata<D, RootMetadata>, ) -> Result<()>

Verify and update the root metadata.

Source

pub fn update_timestamp( &mut self, start_time: &DateTime<Utc>, raw_timestamp: &RawSignedMetadata<D, TimestampMetadata>, ) -> Result<Option<&Verified<TimestampMetadata>>>

Verify and update the timestamp metadata.

Returns a reference to the parsed metadata if the metadata was newer.

Source

pub fn update_snapshot( &mut self, start_time: &DateTime<Utc>, raw_snapshot: &RawSignedMetadata<D, SnapshotMetadata>, ) -> Result<bool>

Verify and update the snapshot metadata.

Source

pub fn update_targets( &mut self, start_time: &DateTime<Utc>, raw_targets: &RawSignedMetadata<D, TargetsMetadata>, ) -> Result<bool>

Verify and update the targets metadata.

Source

pub fn update_delegated_targets( &mut self, start_time: &DateTime<Utc>, parent_role: &MetadataPath, role: &MetadataPath, raw_delegated_targets: &RawSignedMetadata<D, TargetsMetadata>, ) -> Result<bool>

Verify and update a delegation metadata.

Source

pub fn target_description( &self, target_path: &TargetPath, ) -> Result<TargetDescription>

Get a reference to the description needed to verify the target defined by the given TargetPath. Returns an Error if the target is not defined in the trusted metadata. This may mean the target exists somewhere in the metadata, but the chain of trust to that target may be invalid or incomplete.

Source

pub fn target_description_with_start_time( &self, start_time: &DateTime<Utc>, target_path: &TargetPath, ) -> Result<TargetDescription>

Get a reference to the description needed to verify the target defined by the given TargetPath. Returns an Error if the target is not defined in the trusted metadata. This may mean the target exists somewhere in the metadata, but the chain of trust to that target may be invalid or incomplete.

Trait Implementations§

Source§

impl<D: Pouf> Clone for Database<D>

Source§

fn clone(&self) -> Self

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<D: Debug + Pouf> Debug for Database<D>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

§

impl<D> Freeze for Database<D>

§

impl<D> RefUnwindSafe for Database<D>
where D: RefUnwindSafe,

§

impl<D> Send for Database<D>
where D: Send,

§

impl<D> Sync for Database<D>

§

impl<D> Unpin for Database<D>
where D: Unpin,

§

impl<D> UnsafeUnpin for Database<D>

§

impl<D> UnwindSafe for Database<D>
where D: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more