graph LR
Client_Updater["Client Updater"]
Metadata_Fetcher["Metadata Fetcher"]
Trusted_Metadata_Store["Trusted Metadata Store"]
Repository_Service["Repository Service"]
Metadata_API["Metadata API"]
Serialization_Layer["Serialization Layer"]
Payload_Verification["Payload Verification"]
Client_Updater -- "requests metadata/targets from" --> Metadata_Fetcher
Client_Updater -- "updates/queries trusted state in" --> Trusted_Metadata_Store
Metadata_Fetcher -- "fetches files from" --> Repository_Service
Repository_Service -- "serves files to" --> Metadata_Fetcher
Trusted_Metadata_Store -- "uses for metadata object manipulation" --> Metadata_API
Metadata_API -- "uses for serialization/deserialization" --> Serialization_Layer
Metadata_API -- "delegates payload verification to" --> Payload_Verification
Repository_Service -- "generates and signs metadata using" --> Metadata_API
Repository_Service -- "calculates hashes for targets using" --> Payload_Verification
click Client_Updater href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/python-tuf/Client_Updater.md" "Details"
click Metadata_Fetcher href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/python-tuf/Metadata_Fetcher.md" "Details"
click Trusted_Metadata_Store href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/python-tuf/Trusted_Metadata_Store.md" "Details"
click Repository_Service href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/python-tuf/Repository_Service.md" "Details"
click Metadata_API href "https://github.com/CodeBoarding/GeneratedOnBoardings/blob/main/python-tuf/Metadata_API.md" "Details"
The python-tuf architecture is fundamentally a client-server system designed for secure software updates. The Client Updater acts as the orchestrator on the client side, initiating the update process by requesting metadata and target files. These requests are fulfilled by the Metadata Fetcher, which communicates with the remote Repository Service. Upon receiving data, the Client Updater passes it to the Trusted Metadata Store for rigorous cryptographic validation and storage. Both the client-side validation (via Trusted Metadata Store) and server-side metadata generation (Repository Service) heavily rely on the Metadata API for abstract metadata object manipulation. This Metadata API in turn leverages the Serialization Layer for data format handling and the Payload Verification component for all critical cryptographic integrity checks. This layered and modular design ensures a robust and verifiable supply chain for software distribution.
Client Updater
Orchestrates the client-side update process, managing metadata and target file downloads.
Related Classes/Methods:
Metadata Fetcher
Handles network communication for fetching metadata and target files from the repository.
Related Classes/Methods:
Trusted Metadata Store
Manages the client's cryptographically verified TUF metadata, ensuring integrity.
Related Classes/Methods:
tuf.ngclient._internal.trusted_metadata_set.update_root:166-202
tuf.ngclient._internal.trusted_metadata_set.update_timestamp:204-268
tuf.ngclient._internal.trusted_metadata_set.update_snapshot:276-355
tuf.ngclient._internal.trusted_metadata_set.update_targets:369-382
Repository Service
Manages server-side operations for a TUF repository, including metadata generation and serving.
Related Classes/Methods:
tuf.repository._repository.do_snapshot:174-234
tuf.repository._repository.do_timestamp:236-277
tuf.repository._repository.edit_root:112-118
tuf.repository._repository.edit_targets:136-144
Metadata API
Provides an abstract interface for interacting with TUF metadata objects (loading, saving, signing, verifying).
Related Classes/Methods:
tuf.api.metadata.from_file:211-242
tuf.api.metadata.to_file:311-346
tuf.api.metadata.sign:349-391
tuf.api.metadata.verify_delegate:393-418
Serialization Layer
Handles conversion of TUF metadata objects to and from serialization formats (e.g., JSON).
Related Classes/Methods:
Payload Verification
Encapsulates cryptographic hashing, length verification, and integrity checks for data payloads.
Related Classes/Methods:
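The length and hash checks attributed to the Payload Verification component above can be sketched as follows. This is an added example, not python-tuf's own code: `verify_payload`, `PayloadMismatchError`, the algorithm allow-list and the sample data are all hypothetical names and assumptions made for illustration.

```python
import hashlib
import io
from typing import BinaryIO, Dict

# Assumption for this example: the client accepts only these algorithms.
SUPPORTED_ALGORITHMS = frozenset({"sha256", "sha512"})


class PayloadMismatchError(Exception):
    """Payload does not match the length/hashes recorded in trusted metadata."""


def verify_payload(data: BinaryIO, expected_length: int,
                   expected_hashes: Dict[str, str], chunk_size: int = 65536) -> int:
    """Stream `data` once; return bytes verified or raise PayloadMismatchError."""
    if not expected_hashes:
        raise PayloadMismatchError("no hashes to verify against")
    unknown = set(expected_hashes) - SUPPORTED_ALGORITHMS
    if unknown:
        # Fail closed: an unverifiable hash entry must not be skipped silently.
        raise PayloadMismatchError(f"unsupported algorithms: {sorted(unknown)}")

    digests = {alg: hashlib.new(alg) for alg in expected_hashes}
    seen = 0
    while chunk := data.read(chunk_size):
        seen += len(chunk)
        if seen > expected_length:
            # Reject an oversized response before it has been fully read.
            raise PayloadMismatchError(f"payload exceeds {expected_length} bytes")
        for digest in digests.values():
            digest.update(chunk)
    if seen != expected_length:
        raise PayloadMismatchError(f"got {seen} bytes, expected {expected_length}")
    for alg, digest in digests.items():
        if digest.hexdigest() != expected_hashes[alg].lower():
            raise PayloadMismatchError(f"{alg} digest mismatch")
    return seen


# Constructed sample: in a real client, length and hashes come from verified
# targets metadata, never from the downloaded file itself.
SAMPLE_TARGET = b"constructed sample target file\n"
SAMPLE_LENGTH = len(SAMPLE_TARGET)
SAMPLE_HASHES = {"sha256": hashlib.sha256(SAMPLE_TARGET).hexdigest()}

if __name__ == "__main__":
    print(verify_payload(io.BytesIO(SAMPLE_TARGET), SAMPLE_LENGTH, SAMPLE_HASHES))
```

Checking the length while streaming bounds how much untrusted data is read before the hash comparison can run.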