# This is a combination of 10 commits.

# This is the 1st commit message: [Delegations prereq] Use a verify.DB for delegation in client Splitting up theupdateframework#175 # This is the commit message theupdateframework#2: stash # This is the commit message theupdateframework#3: Add tests to make sure the top level targets 'delegation' edge has associated keys. Make NewDelegationsIterator return an error if the passed DB is missing the top level targets role # This is the commit message theupdateframework#4: [Delegations prereq] Make signers addressible by key ID in LocalStore Splitting up theupdateframework#175 # This is the commit message theupdateframework#5: Clarify naming # This is the commit message theupdateframework#6: Add local_store_test.go # This is the commit message theupdateframework#7: Another test case # This is the commit message theupdateframework#8: [Delegations prereq] Use a verify.DB for delegation in client Splitting up theupdateframework#175 # This is the commit message theupdateframework#9: stash # This is the commit message theupdateframework#10: Add tests to make sure the top level targets 'delegation' edge has associated keys. Make NewDelegationsIterator return an error if the passed DB is missing the top level targets role
mnm678 · Mar 9, 2022 · f1b0f9c · f1b0f9c
1 parent 8731be0
commit f1b0f9c
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 16 deletions.
diff --git a/client/delegations.go b/client/delegations.go
@@ -20,7 +20,11 @@ func (c *Client) getTargetFileMeta(target string) (data.TargetFileMeta, error) {
 	// - filter delegations with paths or path_hash_prefixes matching searched target
 	// - 5.6.7.1 cycles protection
 	// - 5.6.7.2 terminations
-	delegations := targets.NewDelegationsIterator(target, c.db)
+	delegations, err := targets.NewDelegationsIterator(target, c.db)
+	if err != nil {
+		return data.TargetFileMeta{}, err
+	}
+
 	for i := 0; i < c.MaxDelegations; i++ {
 		d, ok := delegations.Next()
 		if !ok {

diff --git a/pkg/targets/delegation.go b/pkg/targets/delegation.go
@@ -24,20 +24,20 @@ var ErrTopLevelTargetsRoleMissing = errors.New("tuf: top level targets role miss
 
 // NewDelegationsIterator initialises an iterator with a first step
 // on top level targets.
-func NewDelegationsIterator(target string, topLevelKeysDB *verify.DB) *delegationsIterator {
-	role := topLevelKeysDB.GetRole("targets")
-	keyIDs := []string{}
-	if role != nil {
-		keyIDs = sets.StringSetToSlice(role.KeyIDs)
+func NewDelegationsIterator(target string, topLevelKeysDB *verify.DB) (*delegationsIterator, error) {
+	targetsRole := topLevelKeysDB.GetRole("targets")
+	if targetsRole == nil {
+		return nil, ErrTopLevelTargetsRoleMissing
 	}
 
 	i := &delegationsIterator{
 		target: target,
 		stack: []Delegation{
 			{
 				Delegatee: data.DelegatedRole{
-					Name:   "targets",
-					KeyIDs: keyIDs,
+					Name:      "targets",
+					KeyIDs:    sets.StringSetToSlice(targetsRole.KeyIDs),
+					Threshold: targetsRole.Threshold,
 				},
 				DB: topLevelKeysDB,
 			},

diff --git a/pkg/targets/delegation_test.go b/pkg/targets/delegation_test.go
@@ -14,7 +14,20 @@ var (
 )
 
 func TestDelegationsIterator(t *testing.T) {
-	defaultKeyIDs := []string{"26b878ad73362774b8b69dd4fdeb2cc6a2688e4133ed5ace9e18a06e9d998a6d"}
+	topTargetsPubKey := &data.PublicKey{
+		Type:       data.KeyTypeEd25519,
+		Scheme:     data.KeySchemeEd25519,
+		Algorithms: data.HashAlgorithms,
+		Value:      []byte(`{"public":"aaaaec567e5901ba3976c34f7cd5169704292439bf71e6aa19c64b96706f95ef"}`),
+	}
+	delTargetsPubKey := &data.PublicKey{
+		Type:       data.KeyTypeEd25519,
+		Scheme:     data.KeySchemeEd25519,
+		Algorithms: data.HashAlgorithms,
+		Value:      []byte(`{"public":"bbbbec567e5901ba3976c34f7cd5169704292439bf71e6aa19c64b96706f95ef"}`),
+	}
+
+	defaultKeyIDs := delTargetsPubKey.IDs()
 	var iteratorTests = []struct {
 		testName    string
 		roles       map[string][]data.DelegatedRole
@@ -188,16 +201,15 @@ func TestDelegationsIterator(t *testing.T) {
 
 	for _, tt := range iteratorTests {
 		t.Run(tt.testName, func(t *testing.T) {
-			flattened := []data.DelegatedRole{}
-			for _, roles := range tt.roles {
-				flattened = append(flattened, roles...)
-			}
-			db, err := verify.NewDBFromDelegations(&data.Delegations{
-				Roles: flattened,
+			topLevelDB := verify.NewDB()
+			topLevelDB.AddKey(topTargetsPubKey.IDs()[0], topTargetsPubKey)
+			topLevelDB.AddRole("targets", &data.Role{
+				KeyIDs:    topTargetsPubKey.IDs(),
+				Threshold: 1,
 			})
 
+			d, err := NewDelegationsIterator(tt.file, topLevelDB)
 			assert.NoError(t, err)
-			d := NewDelegationsIterator(tt.file, db)
 
 			var iterationOrder []string
 			for {