graph LR
Metadata_Loader["Metadata Loader"]
Metadata_Persister["Metadata Persister"]
Metadata_Signer["Metadata Signer"]
Delegated_Metadata_Verifier["Delegated Metadata Verifier"]
Byte_Deserializer["Byte Deserializer"]
Byte_Serializer["Byte Serializer"]
Canonical_Byte_Provider["Canonical Byte Provider"]
Metadata_Loader -- "invokes" --> Byte_Deserializer
Metadata_Persister -- "calls" --> Byte_Serializer
Metadata_Signer -- "relies on" --> Canonical_Byte_Provider
Delegated_Metadata_Verifier -- "utilizes" --> Canonical_Byte_Provider
Byte_Deserializer -- "is used by" --> Metadata_Loader
Byte_Serializer -- "is used by" --> Metadata_Persister
Canonical_Byte_Provider -- "is relied upon by" --> Metadata_Signer
Canonical_Byte_Provider -- "is utilized by" --> Delegated_Metadata_Verifier
The Metadata API subsystem is a core component of the TUF security framework, primarily responsible for managing the lifecycle and cryptographic integrity of TUF metadata objects.
Provides a high-level interface for reading and deserializing TUF metadata from a specified file path. It abstracts the underlying byte-level deserialization process, making it easier for higher-level components to consume metadata.
Related Classes/Methods:
Offers a high-level interface for serializing TUF metadata objects into a canonical byte stream and writing them to a specified file path. It abstracts the low-level byte serialization, ensuring consistent storage.
Related Classes/Methods:
Responsible for applying cryptographic signatures to a TUF metadata object. This component is crucial for establishing the authenticity and integrity of metadata, a fundamental security requirement in TUF.
Related Classes/Methods:
Focuses on verifying the integrity and authenticity of delegated TUF metadata, including the validation of cryptographic signatures. This is a critical security function for establishing and maintaining trust in the delegated roles.
Related Classes/Methods:
A lower-level utility that converts raw byte streams into structured TUF metadata objects. It handles the format-specific parsing required before metadata can be used by the system.
Related Classes/Methods:
A lower-level utility that converts a structured TUF metadata object into a canonical byte stream. This is essential for ensuring that metadata is consistently represented for cryptographic operations like signing and hashing.
Related Classes/Methods:
Ensures that a consistent, canonical byte representation of metadata is available for cryptographic operations. This is vital for reproducible signing and verification, preventing malleability attacks.
Related Classes/Methods: