Trusted_Metadata_Store.md

graph LR
    Trusted_Metadata_Store["Trusted Metadata Store"]
    External_Metadata_Loader["External Metadata Loader"]
    External_Metadata_Loader -- "provides raw, unverified metadata to" --> Trusted_Metadata_Store
    Trusted_Metadata_Store -- "requests metadata from" --> External_Metadata_Loader
    click Trusted_Metadata_Store href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/python-tuf/Trusted_Metadata_Store.md" "Details"

Loading

Details

The TUF client subsystem is primarily composed of two core components: the Trusted Metadata Store and the External Metadata Loader. The External Metadata Loader is responsible for the initial retrieval of raw, unverified TUF metadata from external sources, acting as the data ingress point for the system. This raw metadata is then passed to the Trusted Metadata Store. The Trusted Metadata Store is the central component, tasked with cryptographically verifying, storing, and managing all trusted TUF metadata (root, timestamp, snapshot, and targets). It ensures the integrity and authenticity of the metadata through a series of update and verification processes.

Trusted Metadata Store [Expand]

Manages the client's cryptographically verified TUF metadata, acting as the authoritative repository for root, timestamp, snapshot, and targets metadata. It orchestrates secure updates, performs cryptographic verification, enforces consistency, and serves as the foundational trust anchor for TUF interactions. This component is critical for maintaining the integrity and trustworthiness of the TUF metadata.

Related Classes/Methods:

• tuf.ngclient._internal.trusted_metadata_set.TrustedMetadataSet:94-454
• tuf.ngclient._internal.trusted_metadata_set.update_root:166-202
• tuf.ngclient._internal.trusted_metadata_set.update_timestamp:204-268
• tuf.ngclient._internal.trusted_metadata_set._check_final_timestamp:270-274
• tuf.ngclient._internal.trusted_metadata_set.update_snapshot:276-355
• tuf.ngclient._internal.trusted_metadata_set._check_final_snapshot:357-367
• tuf.ngclient._internal.trusted_metadata_set.update_targets:369-382
• tuf.ngclient._internal.trusted_metadata_set.update_delegated_targets:384-440

External Metadata Loader

A mechanism responsible for fetching raw, unverified TUF metadata from an external source (e.g., a remote repository). It acts as the initial data provider, supplying the Trusted Metadata Store with metadata that then undergoes cryptographic verification and processing.

Related Classes/Methods:

• tuf.ngclient._internal.proxy.ProxyEnvironment:17-101
• tuf.ngclient._internal.proxy.ProxyEnvironment.request:90-101

FAQ