def test_spoof_manifest(key):
    repo_objs = RepoObj(key)
    data = b"fake or malicious manifest data"  # file content could be provided by attacker.
    id = repo_objs.id_hash(data)
    # create a repo object containing user data (file content data).