Package dev.sigstore.tuf
Class FileSystemTufStore
- java.lang.Object
-
- dev.sigstore.tuf.FileSystemTufStore
-
- All Implemented Interfaces:
MutableTufStore,TufStore
public class FileSystemTufStore extends java.lang.Object implements MutableTufStore
Uses a local file system directory to store the trusted TUF metadata.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description voidclearMetaDueToKeyRotation()This clears out the snapshot and timestamp metadata from the store, as required when snapshot or timestamp verification keys have changed as a result of a root update.java.lang.StringgetIdentifier()A generic string for identifying the local store in debug messages.byte[]getTargetFile(java.lang.String targetName)Reads a TUF target file from the local TUF storejava.util.Optional<Snapshot>loadSnapshot()Return the local trusted snapshot metadata if there is any.java.util.Optional<Targets>loadTargets()Return the local trusted targets metadata if there is any.java.util.Optional<Timestamp>loadTimestamp()Return local trusted timestamp metadata if there is any.java.util.Optional<Root>loadTrustedRoot()Local store must have a root that has been blessed safe.static MutableTufStorenewFileSystemStore(java.nio.file.Path repoBaseDir)voidstoreMeta(SignedTufMeta<?> timestamp)Generic method to store one of theSignedTufMetaresources in the local tuf store.voidstoreTargetFile(java.lang.String targetName, byte[] targetContents)Writes a TUF target to the local target store.voidstoreTrustedRoot(Root root)Once you have ascertained that your root is trustworthy use this method to persist it to your local store.
-
-
-
Method Detail
-
newFileSystemStore
public static MutableTufStore newFileSystemStore(java.nio.file.Path repoBaseDir) throws java.io.IOException
- Throws:
java.io.IOException
-
getIdentifier
public java.lang.String getIdentifier()
Description copied from interface:TufStoreA generic string for identifying the local store in debug messages. A file system based implementation might return the path being used for storage, while an in-memory store may just return something like 'in-memory'.- Specified by:
getIdentifierin interfaceTufStore
-
loadTrustedRoot
public java.util.Optional<Root> loadTrustedRoot() throws java.io.IOException
Description copied from interface:TufStoreLocal store must have a root that has been blessed safe.- Specified by:
loadTrustedRootin interfaceTufStore- Throws:
java.io.IOException
-
loadTimestamp
public java.util.Optional<Timestamp> loadTimestamp() throws java.io.IOException
Description copied from interface:TufStoreReturn local trusted timestamp metadata if there is any.- Specified by:
loadTimestampin interfaceTufStore- Throws:
java.io.IOException
-
loadSnapshot
public java.util.Optional<Snapshot> loadSnapshot() throws java.io.IOException
Description copied from interface:TufStoreReturn the local trusted snapshot metadata if there is any.- Specified by:
loadSnapshotin interfaceTufStore- Throws:
java.io.IOException
-
loadTargets
public java.util.Optional<Targets> loadTargets() throws java.io.IOException
Description copied from interface:TufStoreReturn the local trusted targets metadata if there is any.- Specified by:
loadTargetsin interfaceTufStore- Throws:
java.io.IOException
-
storeTargetFile
public void storeTargetFile(java.lang.String targetName, byte[] targetContents) throws java.io.IOExceptionDescription copied from interface:MutableTufStoreWrites a TUF target to the local target store.- Specified by:
storeTargetFilein interfaceMutableTufStore- Parameters:
targetName- the name of the target file to write (e.g. ctfe.pub)targetContents- the content of the target file as bytes- Throws:
java.io.IOException- if an error occurs
-
getTargetFile
public byte[] getTargetFile(java.lang.String targetName) throws java.io.IOExceptionDescription copied from interface:TufStoreReads a TUF target file from the local TUF store- Specified by:
getTargetFilein interfaceTufStore- Parameters:
targetName- the name of the target file to read (e.g. ctfe.pub)- Returns:
- the content of the file as bytes
- Throws:
java.io.IOException- if an error occurs
-
storeMeta
public void storeMeta(SignedTufMeta<?> timestamp) throws java.io.IOException
Description copied from interface:MutableTufStoreGeneric method to store one of theSignedTufMetaresources in the local tuf store.- Specified by:
storeMetain interfaceMutableTufStore- Parameters:
timestamp- the metadata to store- Throws:
java.io.IOException- if writing the resource causes an IO error
-
storeTrustedRoot
public void storeTrustedRoot(Root root) throws java.io.IOException
Description copied from interface:MutableTufStoreOnce you have ascertained that your root is trustworthy use this method to persist it to your local store. This will usually only be called with a root loaded statically from a bundled trusted root, or after the successful verification of an updated root from a mirror.- Specified by:
storeTrustedRootin interfaceMutableTufStore- Parameters:
root- a root that has been proven trustworthy by the client- Throws:
java.io.IOException- since some implementations may persist the root to disk or over the network we throwIOExceptionin case of IO error.- See Also:
- 5.3.8
-
clearMetaDueToKeyRotation
public void clearMetaDueToKeyRotation() throws java.io.IOExceptionDescription copied from interface:MutableTufStoreThis clears out the snapshot and timestamp metadata from the store, as required when snapshot or timestamp verification keys have changed as a result of a root update.- Specified by:
clearMetaDueToKeyRotationin interfaceMutableTufStore- Throws:
java.io.IOException- implementations that read/write IO to clear the data may throwIOException- See Also:
- 5.3.11
-
-