Initial changes for multihash keyid algorithms support on write

2026-05-24 10:08:28 +00:00 · 2016-06-08 16:49:13 -04:00 · 2016-06-08 16:49:13 -04:00 · ba0f9ca936
commit ba0f9ca936
parent 685e6a2d33
55 changed files with 45 additions and 225 deletions
--- a/tests/repository_data/client/metadata/current/role1.json
+++ b/tests/repository_data/client/metadata/current/role1.json
--- a/tests/repository_data/client/metadata/current/role1.json.gz
+++ b/tests/repository_data/client/metadata/current/role1.json.gz
--- a/tests/repository_data/client/metadata/current/root.json
+++ b/tests/repository_data/client/metadata/current/root.json
--- a/tests/repository_data/client/metadata/current/root.json.gz
+++ b/tests/repository_data/client/metadata/current/root.json.gz
--- a/tests/repository_data/client/metadata/current/snapshot.json
+++ b/tests/repository_data/client/metadata/current/snapshot.json
--- a/tests/repository_data/client/metadata/current/snapshot.json.gz
+++ b/tests/repository_data/client/metadata/current/snapshot.json.gz
--- a/tests/repository_data/client/metadata/current/targets.json
+++ b/tests/repository_data/client/metadata/current/targets.json
--- a/tests/repository_data/client/metadata/current/targets.json.gz
+++ b/tests/repository_data/client/metadata/current/targets.json.gz
--- a/tests/repository_data/client/metadata/current/timestamp.json
+++ b/tests/repository_data/client/metadata/current/timestamp.json
--- a/tests/repository_data/client/metadata/current/timestamp.json.gz
+++ b/tests/repository_data/client/metadata/current/timestamp.json.gz
--- a/tests/repository_data/client/metadata/previous/role1.json
+++ b/tests/repository_data/client/metadata/previous/role1.json
--- a/tests/repository_data/client/metadata/previous/role1.json.gz
+++ b/tests/repository_data/client/metadata/previous/role1.json.gz
--- a/tests/repository_data/client/metadata/previous/root.json
+++ b/tests/repository_data/client/metadata/previous/root.json
--- a/tests/repository_data/client/metadata/previous/root.json.gz
+++ b/tests/repository_data/client/metadata/previous/root.json.gz
--- a/tests/repository_data/client/metadata/previous/snapshot.json
+++ b/tests/repository_data/client/metadata/previous/snapshot.json
--- a/tests/repository_data/client/metadata/previous/snapshot.json.gz
+++ b/tests/repository_data/client/metadata/previous/snapshot.json.gz
--- a/tests/repository_data/client/metadata/previous/targets.json
+++ b/tests/repository_data/client/metadata/previous/targets.json
--- a/tests/repository_data/client/metadata/previous/targets.json.gz
+++ b/tests/repository_data/client/metadata/previous/targets.json.gz
--- a/tests/repository_data/client/metadata/previous/timestamp.json
+++ b/tests/repository_data/client/metadata/previous/timestamp.json
--- a/tests/repository_data/client/metadata/previous/timestamp.json.gz
+++ b/tests/repository_data/client/metadata/previous/timestamp.json.gz
--- a/tests/repository_data/generate.py
+++ b/tests/repository_data/generate.py
@ -56,32 +56,28 @@
  # Generate public and private key files for the top-level roles, and two
  # delegated roles (these number of keys should be sufficient for most of the
  # unit tests).  Unit tests may generate additional keys, if needed.
-  generate_and_write_rsa_keypair(root_key_file, bits=2048, password='password')
-  generate_and_write_rsa_keypair(targets_key_file, bits=2048,
-      password='password')
-  generate_and_write_rsa_keypair(snapshot_key_file, bits=2048,
-      password='password')
-  generate_and_write_rsa_keypair(timestamp_key_file, bits=2048,
-      password='password')
-  generate_and_write_rsa_keypair(delegation_key_file, bits=2048,
-      password='password')
+  generate_and_write_ed25519_keypair(root_key_file, password='password')
+  generate_and_write_ed25519_keypair(targets_key_file, password='password')
+  generate_and_write_ed25519_keypair(snapshot_key_file, password='password')
+  generate_and_write_ed25519_keypair(timestamp_key_file, password='password')
+  generate_and_write_ed25519_keypair(delegation_key_file, password='password')

 # Import the public keys.  These keys are needed so that metadata roles are
 # assigned verification keys, which clients use to verify the signatures created
 # by the corresponding private keys.
-root_public = import_rsa_publickey_from_file(root_key_file+'.pub')
-targets_public = import_rsa_publickey_from_file(targets_key_file+'.pub')
-snapshot_public = import_rsa_publickey_from_file(snapshot_key_file+'.pub')
-timestamp_public = import_rsa_publickey_from_file(timestamp_key_file+'.pub')
-delegation_public = import_rsa_publickey_from_file(delegation_key_file+'.pub')
+root_public = import_ed25519_publickey_from_file(root_key_file + '.pub')
+targets_public = import_ed25519_publickey_from_file(targets_key_file + '.pub')
+snapshot_public = import_ed25519_publickey_from_file(snapshot_key_file + '.pub')
+timestamp_public = import_ed25519_publickey_from_file(timestamp_key_file + '.pub')
+delegation_public = import_ed25519_publickey_from_file(delegation_key_file + '.pub')

 # Import the private keys.  These private keys are needed to generate the
 # signatures included in metadata.
-root_private = import_rsa_privatekey_from_file(root_key_file, 'password')
-targets_private = import_rsa_privatekey_from_file(targets_key_file, 'password')
-snapshot_private = import_rsa_privatekey_from_file(snapshot_key_file, 'password')
-timestamp_private = import_rsa_privatekey_from_file(timestamp_key_file, 'password')
-delegation_private = import_rsa_privatekey_from_file(delegation_key_file, 'password')
+root_private = import_ed25519_privatekey_from_file(root_key_file, 'password')
+targets_private = import_ed25519_privatekey_from_file(targets_key_file, 'password')
+snapshot_private = import_ed25519_privatekey_from_file(snapshot_key_file, 'password')
+timestamp_private = import_ed25519_privatekey_from_file(timestamp_key_file, 'password')
+delegation_private = import_ed25519_privatekey_from_file(delegation_key_file, 'password')

 # Add the verification keys to the top-level roles.
 repository.root.add_verification_key(root_public)
@ -123,6 +119,11 @@
 repository.targets.add_target(target1_filepath, file_permissions)
 repository.targets.add_target(target2_filepath)

+print('delegation public: ' + repr(delegation_public['keyid']))
+print('targets public: ' + repr(targets_public['keyid']))
+print('root public: ' + repr(root_public['keyid']))
+print('timestamp public: ' + repr(timestamp_public['keyid']))
+print('snapshot public: ' + repr(snapshot_public['keyid']))
 repository.targets.delegate('role1', [delegation_public], [target3_filepath])
 repository.targets('role1').load_signing_key(delegation_private)

@ -133,7 +134,7 @@
 repository.targets.expiration = datetime.datetime(2030, 1, 1, 0, 0)
 repository.snapshot.expiration = datetime.datetime(2030, 1, 1, 0, 0)
 repository.timestamp.expiration = datetime.datetime(2030, 1, 1, 0, 0)
-repository.targets('role1').expiration = datetime.datetime(2030, 1, 1, 0, 0)
+#repository.targets('role1').expiration = datetime.datetime(2030, 1, 1, 0, 0)

 # Compress the top-level role metadata so that the unit tests have a
 # pre-generated example of compressed metadata.
@ -143,6 +144,7 @@
 repository.timestamp.compressions = ['gz']

 # Create the actual metadata files, which are saved to 'metadata.staged'. 
+repository.status()
 if not options.dry_run:
  repository.write()

--- a/tests/repository_data/keystore/delegation_key
+++ b/tests/repository_data/keystore/delegation_key
@ -1,30 +1 @@
-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,8EB89B1037BC3FA7
-
-UTGKs5HlOy+TxAlskIC7gTPh9CZ0SJZs9rxUOgutLQT0CL4A8StSeOShx8gGsVxz
-+kAsehxrwD6MpGU8E6WpTNhGQcmgfSAgbI1PM0aZkG7DimIWz/ZlYRAkSoHQE438
-HnqaxydbpcXfb4wpriTx7bJx9zmGKysv7lb+j3Ub8LD1Dt96UiohmEYGnikur6CI
-7s+HhtdGNh+EGh/XBqUjIZRf0iA+HHLidWU9zL9e3HQNUc2hgVc4DwcW1lKz4ylc
-FLgiXhuRLJJVv2ciE0FXlBtoxZNz80fTuVtN8tUd7LSZ5E6radloeV90+YNzOzQx
-m0cM4bVkQrVKBkZmNLNp18qa2ZxB0zWWAM86th/YCSkRTTGIayKEw+M+642F1GXZ
-wSQRewjH/P2gfIwLLZre1/eZsohfmqC1FpRaGK4626oLgXAhaOuneucJdrkCgZeQ
-PxekzJrvfsbMuTjRq9w8EfoCl2qsQ17tKhhxb1QC3tw4aaT8Cn9fDUMqolQ4jtTm
-Rvefn8gKaDsFjnym2QV7+Of1i/rgmhE8wHEvpK6i9yQyfjCc1/5kl5abTmdoB+aa
-rzD02uNfbVrp7rzP4gPTLyHUXM8k1ffKRlnf3PRyqhN63mMnUNKp7w3lDRR/66Ld
-ce37Dc3/FQc/jM3fKIS3E2XAcjWKgHla1YdQZpQimvVR5YNK3j/f+p3sfphyTXOz
-a0xN/1sd8yP32MLVxAnB/9fSfwUecaoU6uPb64gVbRJHozZJF0BZaMioxgBarg4r
-JpcD/3aIRoB7kEUmXTEGifu+yW/Xl7JYW6gS5IdQ7V2ZFnhhlr2lg+MQ745CXgHZ
-X3Hgd/jsQkGPkjDrtowQ4B6cAWs7EflD894hVnt6QPLm0wA5CUYKXybX3jm4Rv8h
-LUNtglrj9WKSzt+KiH5j4eM7wcP3NSNv8nLTkd95uVyyuGFJpmyb/Rle5+X9Q5Or
-UbJhF9E44CFjTE2kAPZwgRn78gLBX84znS0rV0F1t/0jc6qT61492PbT79rdNka4
-nghGculmnH4MAubDcQDfQSn9vjbeRc37Qd0SQATjzpJCJDEQh5v5htXqf2Ip2TXP
-ayOPwYfxABHo0D+zkaYEPentjlFuWvNj5u6+eREIY19Opze9yY0s1A7whFvSgAjO
-OIgc+ZkhR5JgmJA5Jt1DjffWYCiPzmL14S+oPd1EswBSPSKIH09CK52LoMGk4c/A
-QtlEtHVR+r89NtAoU/l8Psr5dJvwkIH3cek9ec6IETT26Xe8D4eibruVfeHVILG4
-3vFPro8rWWXg78LgI5C3AyC13nA3yy25Yka/IDXYK/VbXDzkDWBGNmJGWds2Eswu
-1VxXwEe0BdnxNXYubU+vJ733L5i1QIbWMCduayoifPV9Yx+gDgPbKCAywOCQomsT
-3V15myDzdNajuyXt5W05CjPKq5VaUMLGCoUzBaVd3zLRCIsGf9gR77nzyJMayQwi
-vgB2LzRaim5LuKQyBUAVaLPzkItq4wLE/NDHul300aR25pochGvV0vUI7IiPKoIF
-kJk0+6ObmVgT5nS2cUrgi2dqsOLoVWKeUWH0VurGAh2FQ1fx+stUtzxqmNj35/j9
-----END RSA PRIVATE KEY-----
+354b24bd918525241d10ffb286238714@@@@100000@@@@693ec76fdb0e7bbac8a3b5a61d153bb3be47da6786187fbb6c16006736a69100@@@@9ac562ec8f301d14be84f70e7ec7838e@@@@1ae735f2890ee842ed90adf272861dc5867d9e6f853a622810e06290d2cba50bb6a0990c9c2a0fd16575c01359389e54b8cc201ee3774e119aa2e15f48c7365375fd3bdcf4fe494c0e7a4fd5d5d83caf885f7ba59b2f90afeb51b5715d9456d7d04023b09eeb1c29e192e6f8a7ce34f314529c4a589f1f288708470a5d4f8cda117b9eae2a0bb8f1df60cbd1a07cf5db22096d9a34c81e741aad156d8824ee86f91b2bfc06003ade4d26061a37238a0458c09b4987ec6933b1f2914586962209d302e1e576fa351d903772c180297796ddf0df58afd12e62d4a42029356def973960513ea3f26b4451fba68b412a8b00ed95cfcc05da2ff36e16ec4262d429e3b436768fafefa1b4ca0d7c6c
--- a/tests/repository_data/keystore/delegation_key.pub
+++ b/tests/repository_data/keystore/delegation_key.pub
@ -1,9 +1 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKdTRVn3mLQFUf02Rpug
-wVEU4yJtechILLb6nM7+urfwLe6f7EsNCDFhkiTP7vKuQywdLYrhwZKYZMDmaVnI
-q4d/tBLvb/jGY/IPFVvWbAOWtwWG7apiAFrcp3Idq6EKGaVVLn7tyv74+nisssYJ
-cVKodlkzpgX1Ibrdq73BUlAxhEQNDAUM5bzyJUW0BU4OSjUoFKCgc8BSkNcSLwXO
-RpyqAwDpPWiL68N1Dch7R9uD6GE9aREY9SKoYsNCvUOraIcme4fJZ3NmxpN3SVnX
-tepoiJo2iAtORtEI1yTCv/dOPap/iebveeCjn667HkMezJodSR8X3pMgMKMVyxhJ
-gwIDAQAB
-----END PUBLIC KEY-----
+{"keytype": "ed25519", "keyval": {"public": "c8dc9562cb204cc0edf1bfd87a0b6e357d4775d27079387417bb3a4fc4ec3ccd"}}
--- a/tests/repository_data/keystore/root_key
+++ b/tests/repository_data/keystore/root_key
@ -1,30 +1 @@
-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,B90D8CBD38BD4DE2
-
-1TT2SOrSKoqg4r8DryQXBevP92jYaq5kA5QoW6ufqKV3TwACRD25P9ra/3wRqGWP
-OyVeE3KEdma1Zp/x5HW/6ouyhzPC6i82NvqOz61P/5B/NKManD8xj/0i6RlZTW03
-lOBrC9chQPcQkrdexjffGG+OWBqPg8H0ApjgDyyzxtvIK2SRzYhSoLtTCkznLDnC
-Qo2kLMtPvxxyXf+fMwyptSQyhieoCCDHTgtvtG3EHIGgeJJk5bORFoH8XPFhLVMU
-PO0asgr4WUWXrHYTgrzFvMvC3Jsm0FjuASHZsihlwn3gW22aARU2704rLSjjTEgU
-F5fzKvyUbbytc1TNjT8QOc7m78mjBqVdOf3WsH5eD1BRdexAbIRtfw8TGhGtd0f1
-KyHl/7iOEQTiNtAkCigfxzUBXv0godBPZnpbHLk/cx0Xow1wo+6TzzQP58i2j0hk
-TE5O/I6MgJmmn8lZ1FA1IkOn05kny9TST+ZuaJTfQGuV3AyYsBBtQ2TC9veuXpu9
-DTsf8eVNCr2J4x5sT9ihCKIChBdxj5l5CgmOkk9uy/3KuBjXH/jSlPzjGX14tURg
-SfhxY47SUJGsqAxdBHcQnnAhNUAqO9TW/soVsrLLKgZgRUHx3isIEADwwGko0t35
-1m4RoU9hFr+hel2muWgFGebTZsiz9Lx1sJHlVPWc+CM8XwBBzVWMMpC0/PYRapQl
-4LkA7hlebJESVG/2o4ItMWho/qDH/jZkRgzcavNzfmV+5DAKE2wquZXrc7rSjlIm
-xEpqP+O6aE+NwIxI83slL7Ga0N99vIGNC0iEoBWBXIrWsVNGJssX/F8OJUC2+f66
-Rwy0DbcO2h0z9TqKxOcnd67420KifDn6icp/JMEXGHWWyS/+OR8Q5XA8dP20PlGa
-WHQ+LhEAgx2kHE3Ciz3luMMmKbVg77AHofMm6zk5rfyHFpXQq4CDKa0uES9XmWeP
-xuhcQ4py69gRKxVvlqNoPGdnZ9D2LB7CKIdT/MhK7G3uuMHkdLpSUbGWb6K7CNno
-q7fPglxyrzAsr2P/AAdYBd+bMDTsO2p2Nleq84yhj2hZfZHXwztMmdvHRhhAmEyF
-pobpENclV075bRtZqCBHS/8dewkM6LE9vnQQJ79IqUXv3fd6oEewwtK7b7++EsQL
-LdKx43CPQ0sjJYkjaWgzFKqh8s5udsmrRadmdmMDh5UMUtzCGlS3QEHBECBwkJex
-Vgddw6zZy2bmJfANN0HUIKMzyvJ+wzho5FdGN+hkafdVa/dHR4GhAzMTbt78SuKS
-5nqV70hgubsDRIJYIeUYa7nt0CC8a1eybbARCMNYQ4NsSzKbel10Ge0WoSUyAHJw
-VWbPSlmfc2D4N/8wPXsNtR9AU6fm+z4CzudIh9HI6V/muPBJzBpUahgPpGR88RNK
-5zdxymOJPjeKSGvf8WfysBO3Uz0ClKOXPIlJERPJ4msLoD7SYixdTnZnw4NaNZW/
-ceHUmBbqwoTTp96+cp6zZIaTeYuAKYbcznRpmb7K/15u3+Rrkb8lX+cdQDw0KCxL
-DgRPhuMdApuz3LCHA5ztm3vYuQGMZshrkIg7Bwg122+7VQ0NAaIdIA==
-----END RSA PRIVATE KEY-----
+697707541cda285d6b082282593cda07@@@@100000@@@@4c3cf6cac13d4a5543ce53008005debf7141e2cf2cdcc6c9a2a873bcbb1ff439@@@@9500642dcd4a46d544eaa736f3fea5d1@@@@bb518e8a0a11d596121a3939627189bf1a6c11704ad97a1cc417430f069cbdb61e9fef456df0bd70350e3a9f6ca21b21dc8c850c8c89f817b1ac91f9f24b0281e644f8801a4e3d09cfc7cd9897b0abd1c9f1220c71ccc76d1843ebde491b2dcfc422a0009c1a4b3d809ee6a8d86cf88489a4d25fddcf8a76c9917aca768e71cb1c6898b1cecc5d8aebd6e32edfdfbd6eec4db8a9b3c63ff82ef66c63bfe4660cace73f18a6fe3919a2fb284af252d35f6cda5e95e21d5392c111dc6100951f479ad32387902a39547f60e0f32c0bddaa6efd24c06fd9ae6716e6c7ec614bbec146c4b6937ecdc32b3890f7f768f679810059258e56cde358a99a6bf91296bc3945f3f795967f04d424fd923f
--- a/tests/repository_data/keystore/root_key.pub
+++ b/tests/repository_data/keystore/root_key.pub
@ -1,9 +1 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7J15ZaeDQPrhQsRj29wB
-PhibH+Do59xsT2396L+uCg793gZlar5wZN2eHSh725cNQWyTAa9LwG+lXaKMukQ+
-8176CKR2J5sv3DezrGVu3x8V1qhyJyy79FlNZRVYTVqNaYzvJzxsVnFPpg7f8B7C
-ffiqWJr9XkpqwRlCpxooXm4hplZ7uek5Ku21CzQ4OWg7hbuc+ZjCGzpXfm8NuosU
-7TipnKGpEt0Agiph5g6TB2/scoeFar1CKMONIl80maxzAQk+xkWgiJ00+Z2qFCsx
-ESfis/YkILS6RMFyZz7oa1WwMtUjYmrsRuz+jlFcbNuxZpIkaISiG9a2YdGcJ1Aj
-3QIDAQAB
-----END PUBLIC KEY-----
+{"keytype": "ed25519", "keyval": {"public": "806d768a9f66710beb96e91dcb81fcad50e9381f60c1bdaa50e1131197c4b4d0"}}
--- a/tests/repository_data/keystore/snapshot_key
+++ b/tests/repository_data/keystore/snapshot_key
@ -1,30 +1 @@
-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,9DA302AB20EFABC8
-
-s9SuQg1zhblJCXnj6mXm3sKerFlJFLo11BeKi7k/kJ80IgJLwKmhnE9n8vulo+ix
-6/TM90P1ybn0Qgj18Y5jHixvQUFVgGfBDZno7WgKONoHm6v0e3QlMo5hSe2vea6Y
-B+QciU1jzNcI9/y0x7+lghX7BFrtsp9If2xCyI5/gFqQOCYq+4RWvPfUhDR7DUvj
-yfsYfx9TzGne2FpvK817gNClKpfgcPoliMVu47Vtlfo+Hye4x/NJWnxCmT4yc3IM
-XpFEZ2PgSFbq8CIEObHiwxemI1HPWIK+PxkBrNW5+J7yaNWgkhZVlflQJvx+CQCP
-aLgODNLUitD/iD5GQrnQEnc6dYfK28lc4Z6kpFOE6/le41m3K2an8zu98PAZnDuo
-DZxobB0IhRgIM3aSkFHjKpFS5lz1Y3serZn2OxScJnHGpAsBgEXnXBA3AmyNArsR
-Z2R1Iw+GFbqPDRpVOARkhoYS0VGV0gZ4dlDjnR3Nl9DF6yhpbQDCRnib0E4Wj5pS
-fQT0B+o7qSe9eZ4UXVIZuBlJUrz/hn0wIq0tpdmFBswb8VWAKPaNY6sI13qP3WEX
-UsxMHFjt9qlCJ4WfegrwLDmUQ7ZicS0DXO7fNNElwbERMXX8K+YR0SIAHT24smsg
-FJ5MXRs1jEmu2E/lLMOewR+kiGACp9KrTjWGjb6Hoaftda/69uG3xjhkveprIls1
-ar2nGZXwwBqaWoDKIc5N0zxtIglY5Cq5mssmWjbl6/Oj8UKETYqsuXl2S3+pnrA3
-OjvNMrSAE0EDRcZCBpX5+o4MUy/IwlOOJ+aNR4dK5HfTSXXdmDqoFIERsU+BXeRz
-wq29dwoVy8L9m76y+BpuQwO5Os7F89v7JETFyL7vDvJdSjX2EoMiLv+f8x6GiG/O
-uJb8ODYVlYzCYf0piIkRXrZfkG9AGTI+yOgZrCu/nlCZpURcONO41btax3IHACdt
-BIRgcxPacAsN4RZRdXAPpW5Z68GLZwqKozRoFM9SSnEmnB0u07i5LSeaIt1CGNJm
-FtyR+w50RenByAKScc1Jo2x5D+7jkIViH9pogm/WnaEylNYYi7v+KIvp2fZ8p49i
-BggUAtXZEMMHVJojJFiVLs+W0VCT8YXj2quwqrDfcAdKa8PazgVdYSXdVj+ii9rx
-FIdpaJ8b48Z8CcYubd9Omlz2H0cVjrmjlcXuvJalqM3K19NRtc+wp9XYCsKMHFXj
-KdQ1Buva9ZZWcBBMeb+vMXCLIvlbegcToZcXMZZpBLjs7kAD33yhq2tKpeh7Hk45
-E+NrtwiALOWqyVjTagZyYFOD5knOPVOET+DYDdq1A9HcWuZeZwRv201wKz/92K/f
-9xuvO3VWBL71FbUhulh2NuknwihmFnzTTJ0nyS/Zg9XA440f2KtlKL61Jonun9eN
-RaJTBBKbcfZuRJZH804mq0tZiyaRBf0+wIBgwAgk0oADG77W7A0y2pIm3un7MEHf
-XrWGwUktQlHFUkbicae3JGb8/hyHZLrH7yZHWrYf12MvZRT8BjCw3PCJv/lACTiE
-g+tLawCAn5Xd7LBNQWRBY5zgexx5maGjq2zcbzFIsqrlHQJ+5ndZtvQaaUuBLzcQ
-----END RSA PRIVATE KEY-----
+0224d65a09805b5bb4b025ea5c715628@@@@100000@@@@79d4028aa5eae50fb496b74133981afb664da5c504cce90c4254c7bf88502684@@@@7c611eb68093693c9029ddbdc2ca63fe@@@@2f6a5da0c0dbc36fa0bcc7d7e49904fdd31fd86e03e4b3a6c8e10fb912cccf2bb1424450b903f8deb7dfc14a1f54bc69afffa95d1ebb25991f87cdf90f910153f4eecd5537cea45cbc85a5423e9bc08de3a2cf48610cbff7819686d93dd06aa4903c28970042c9b5ebdff8c9245d91f3e9508dd1c0d96069576444c450ad3890bfa10657dad2ec2a54929c5b78609e5725480e31458ac903975f5f1f6360bc1b291166a7ec4913487bcd3996d22bec236715e8ebb2ed012d464248035795c1edb83d36715d18bd4850e84aee183b9b559f3341e6b997edb445b682307a67b3fc862d0417a36c55abf590775c70cd0084e76f027501803f3db104c23de6f30194aa0ca928e885a41156d8179b
--- a/tests/repository_data/keystore/snapshot_key.pub
+++ b/tests/repository_data/keystore/snapshot_key.pub
@ -1,9 +1 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XqJohXw46tOKUiOMzPx
-lDtrSlpy3WLH2zFSppN0eLIqByD4mk5nbyWKOzzGetQYgv9FzyER4AbmG40kD9bT
-2jm3zxjoTnCoM+1Qt7khZm3LxcKBa7q1yrAlvSfNLauIC220kauVRn4Kehd+IqeS
-/LhfOT6YyHUMH9SjZKM8XVHU1ehxTiA69eos4AosMK1Gf7jr042FzfiBTygqV1h5
-LXxO0IUYXiI4eCYTwzK4ChfQBmG3DGFGh2G8yrgqQZ5ERaBQPYG9rqQnfF8T8RUQ
-o4n7yKpEKSWLOr6Uz9Y1pnHZG4YiKKbTe9EKGtrRbDMIfI+Mv5f3+n600nwZrN7K
-OwIDAQAB
-----END PUBLIC KEY-----
+{"keytype": "ed25519", "keyval": {"public": "f93d5a34daa8cfad5bde1b29735284b5f8be829ebde508a3674c2b4f947bb89e"}}
--- a/tests/repository_data/keystore/targets_key
+++ b/tests/repository_data/keystore/targets_key
@ -1,30 +1 @@
-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,807D96406E906425
-
-omm708pgsHSKHXcafBiqj685vNbnbK1Ea9XPZYE3oQ/lwS0vBRlIFcDVanswN/u0
-BsuiXlQriCycfLFCi+Vbj3Am/PAWTBibvLsoAWlF0ymxzHUmQ4n3rGldkFBPCv8N
-8DQz/kRmVwC9e/kboRRwmWymCV/HaUsQ43/XjMf3bG5gps1ygwAdGdfIIkTc1FcA
-yzunF3f73edC2IuP1AyYIXI37pYauljI5dUsAwnYTqfxkh01XMdaRjoIU1THk3DP
-1Tr6H3XBoa7YYS/Y29LpD/FEaoWmYPcQw4TQE84p2cfUoYmGLS6ohN9m/4YSbghG
-0sL5nZRVfHvdZOQoD1n4FwNlcOTHwj20wlUhY0Uh33dD5xEeBYiMndeMisfBOFG2
-bheqVtefQFMRQP4Kdin0JJEKch4AXcMeCB8+RqcfCIPF/6A+IOK48bhyiIbl06J9
-AF2fBkcbCpmzhK49Ou101LCgQvJG49+ZE6jT0sFu+Vij2JT0+zpE+6Z9fvczutRI
-8VZWYh2k78WmXVuD5IOvH/srqrZKIzFUiVVDVhFb9fV+SitBpBl5Ui/YyH2WP2tu
-uEGatgqZui6YZBBCFDdR2kq29rorAz1x3RyPybfOtQgZWgrzeXMUE5EzCONnIekM
-B4NNG5Yz7WJXIEc1aJXNpMT/HfLSXojWoJjBLXjJClUYMr7IomJnNggWNiGJ4lkL
-cOmIBZ/z4zsbUlMWe7IrjXcXR5CQj306P+q2kMtI/ACn6X6a36AASpF8hwConEiA
-c5YXMLTAHtJYqtL5YE727TcePJlUZFUh2rajO6RxHbz68Hx500E3Ml9tVPO60kvD
-rkrIWVsIgpyfRtr8jBpCL+XOcXjddjNQQCB7y2ta0MfX3lJMa5cjb+RqpgoafvcI
-dAzkA7/ELCQ1BVpXtuZsnQB1pzfv6aA1ctv9CEJAwpZ45sin7plYJ1Z0gpqcHpbr
-sjUGJm22a823sUQYM2lHZsRX4Tx4uA1cQFTz4G/N2wjJeSPV7v/F6FpFRtPBx0S9
-AB2MJNZHzi+UE/w243bdYa5hqd+39HuTkLPpSRfINyjy5OE8+pJx6G8ODRD1I09+
-jE2GKmDguT3kVCF03Sw9IBF3qMvlAtVRqNyvqbIbdqd1tqF7TJWPisobVuWDCNOT
-/HULgS+1vcB7w/74GYhniFGIoAokXdpfQ0T5JSDPlhfH4ARjJBYlbfQ4Yd20ag9j
-wawMFprnBVcRz7z8NPQIbozdouqxBmgy4HGoHFxv3H6E7L/m49lhk8q/XdJHP9/n
-1LULUZ4jFNtm674O7duyaCTWWJTHs1hdmK/Zjm+aTj4qVini+ep/T9nYi2Kux52i
-X6lSI+pgixJAHKigb+9QmTxaxqFzVGBQ1Fs166et0CibHSPSSxNoKH2STyZvKp3T
-K79Yup3CdXe9qe4995rcNdyB/sXxhuXQlZCJlPdTCtrQ7jrQKbNM9tHqCJ4MTNxG
-cU5XOJiQsZTh9ps84wRULz2iHToAC6RaHsiY7Qy8/nWZGihbVwreZuwrdI8UYlPO
-GpiSYREOFhBiHQ+hW6sIkLpiUgaOamQBY554hb+xnCpKspf/oGyGIQ==
-----END RSA PRIVATE KEY-----
+426dd87b56e3983cdb44587ed2aaaa7f@@@@100000@@@@f79b668f7137038b0b9b903c0617d107379d012db4da7613594351f014d9ff80@@@@37230e0b81f99db11bed3cf4b4ea0f03@@@@ec81c18b61cbe664c9d7810a6027bfa9d108c2b38c4eccbe134dfc3fa9e0b7803ed476665beb7d32f8512dbc9c1c85ecf67f9675d24821e30029e2dbda64845b4abd189ba5f8d77c5df67332de80cf1b81057ffcc9bd48aaa7d683b9d8969b74d9cb63a22c6832f7a5cb8e729b546f0a7b5b884a908cc4655a48539b88285fd718dd3ba10d29b38c3efed6183aad13d60a5279f34d340d999714155d789a5fb2ab66aae290a28c4331ef9b8f95a023150507018230c1a79928e712e6b64b6183ec58021bc10029cc640c1b1368ea2c5092974c0b1d71a73955a1bf3879b87e1995debf7605f1010102369a8a3f40e08dc5e379000c7df64154ad87462860b5c8fcd477db6f6f562b41909cd6
--- a/tests/repository_data/keystore/targets_key.pub
+++ b/tests/repository_data/keystore/targets_key.pub
@ -1,9 +1 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF3xKdM9FySLLp0PiwIx
-2O9CFikFBo4Xfm4Z0HW69lu2X5WQFx8/GL9kmo1QjZrOwYToYDe287nidbbLs/rT
-lq3buN5wPMiD1GbVgGN/nknkkzv9KkJtrSF4RLbKrUnKo7/9C6IUmMt30wBk4GpJ
-RZ+8wFfRhUE6859/f6Xl4XbtBJofbIGwV/OBdIzO5zIgB3uBktbbqBVjJb8Oj6Oi
-YYskEIacP+TUrpa1iuC6nONj6ahI5NnEjt2B4/pLaUcEPm43kktJTabznkfNZXOa
-2nMjngY8v8EbNLBpG6Y7MqZwwLZ4wnaTOe5Bp323YN9eVONXfU2gtT2MBoWExvFV
-FwIDAQAB
-----END PUBLIC KEY-----
+{"keytype": "ed25519", "keyval": {"public": "45ba82cff7ab6ed0a7f12885f4971e1079cba606b1b5720875a536fe55fb2868"}}
--- a/tests/repository_data/keystore/timestamp_key
+++ b/tests/repository_data/keystore/timestamp_key
@ -1,30 +1 @@
-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,261BF7F755E46B73
-
-2faJuP6DIhZHuOcnCLgG1H2C076VFivK4Sz4NQipXCzLrMJvUWhAuYZrAAgDy4Z0
-wSQBONeduwVUdNm5McpOOIOgcIn2p6DDVs09OGY5BOMi1J0MlBw9d667jpYLuMbj
-CFUHvXRGLyCagg6eyJyFY3JB1ppQl5EJxh295iIz+4FouMpYQ5C0+7ub9r6rc0iR
-1Y2AYpr1XqVS9599sabwMM3IQ0d28h+o7UeleEjZQYG9u+7OF2YddULjB5CfNXcn
-yJnmHxsQwQb15YMf4pvc02RGC51BIjnXtYGG2mlyxo9Wg+HZsU7AZByqSh0RLzri
-+Us3PKKgsVFleo3V+9L6zS/pXn8KU4X6BMEDLX/t++z0VseNVxaYqMFG3um2Qw6C
-WIHtbMonOaub7VzRJx3mvTD+/xLi1HYQ0k037f4z890/HPW2eP3aE9EE+jZJH+M8
-3RAY22qQ5RWtt9oZhNhOPqVBuRJz+ZqMWNY819HrAWR72msUXItTIemwABJI7Wpy
-V0LwA03NLcTms5+z6XcdzUMnlcXSnGa9+YPIz7dRP/YNFTAwDgfbfBybaue/7wYC
-XABD9WyIx+/7jEN0trJaTKADPBUzNDrKFnUWxSqnnj05b84YeB7gA4TXemin+n80
-rHqAudscj4CqGx1dsYgjoNHa7nlbd5YAE/pUovWR6KJSRwR+jqySO8n7HvwXgxia
-AVk3jwq0GVo5MLUMMbkE61gBzTzPVyAF24q8AS2YRG8hFyQzFxTibcCjs4zwK6ZW
-WjaIHOU5pP9SX3Vz3WBWRz0KcGG/ebTq/JSOFPIxFbhPm/qyZehXRtYLTiZyvE5w
-RvuNqGulA3Zv61+5wdy+Wt43hyF36MhePXU3MeNPBRSupIAaBj+I9fWHyBTGbrQq
-DomEcSXExCdm2LKCn875QYNyaxFownKlwObQsKevQhG+DIGR12pzcvXDQLoerfIy
-gZH+oWKTipM2BwQzj1fZlh/4nZNflo4q+jPzJrSWrqkPBBiZPrHL53D7coWVxI3v
-+qtSI3Go1OoBEZAkplef9buFH+KXrksLriyxIJvzKuzY/y+JeepaBuVfb+jdeoV9
-lyWX4tLMkHLp2Of5rQM0bU0ngT32pnYhCzOUXBmdaF5krCN626sUCtdTpJpCZbOK
-0v+ssj4wUnpaIFOwrA+n68eRe5d3izXOABy4WPc66P+k9swIpUFqpBuhikcolqE0
-qDQQg2bBg5lRqCAbcNcjm/59Ozi257SaUDgB/zUBmxE917+rLFpQ1+Y78TBcQXN+
-TXgSsJ/D8oIPEnpOEBIiXdCeOkZwchJAsfH/vdpUf/cB45wqzx3vZiDnWp71vNNO
-9V00wOmz4G5yZFmScVrUwsX1dfsJtwUb3Vafa7wsBSjSrWasvGT8FbuygYUG8sGM
-rqAsUCvXt3XWY8at75zLRuFwqNlUSbeMOuJxDzvsVRvTZHW7PZPX8tNJXf92TanS
-bVHYJTEuwCienKRALp+Uyqa3tUqb/IpwN8wR5NDStr0bO7PvGLFS0Ha6O5Aj/n6s
-HksamVs6rrZwaXaoxUFQE8ig9o8bi05RjWSUWcjIbfNvwehJ19aQE31KNze2rsXA
-----END RSA PRIVATE KEY-----
+d209a181b355df1ddb42b609e18db1a6@@@@100000@@@@0a3c6f88454f6030c48c6a8071a339a2a54773bef79c59be2a670f7ab04d5ac4@@@@75a5ce4e2dc84db7f4d7a2211494d3ea@@@@6e0fdc3b8955aba8664108cab0a83bb5f9067880a793e3c4a9a5b599bb5ea36bc1470c7ad1da02b44a3cc592239d303ce12cf6bfc33a3821138b78cc198ca595eed15ed7c2a4dee190fadc27168551501b1a3234d0e0a3bcc0cabae340672565db9260dd61e74b931a947ec5cf9f89eb710be73d74a5f4e9cfaff3f5015e6a51d9343939b78ea916db1bb0f52bb0690529e88d8e6c885d5b1029a910516b31d118a4104cd8ebd40b0b91bc6d0c36b8c0a6464861efc13461c27c90f271acec7bfc16b535bd70d5a5af07bfe161e98905d0c912a9ae1e42db114299074c170276899789c15d525a2dded2b555d059392295927ed2cb4411c1852a9b2c37ec59ec89837866af0eb6a1fa69f237
--- a/tests/repository_data/keystore/timestamp_key.pub
+++ b/tests/repository_data/keystore/timestamp_key.pub
@ -1,9 +1 @@
-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyw8QAC0PNyyf0AV3qzSp
-DgT74sGKC/72HIO1EskP4VEkdfh67PROHCm0YJTYLch9zH+uHIsmyyuzNr6go2Nv
-GPSRwYEP34LJlmqr699zkjSXw79T/t244keFiL8SFWTlWmQyTPDdn+N2v4acAmvW
-xSFcjTl8cVIGyGuU2s/vHrBn0zoOJ7ZIGAFzzCGAm0j6VvGvkxy3mymE+8VjzrAV
-9P1aOMdRVmlqCyPlGVW66Lvz7wkQKcp7rf0CEKkBGlYMtgTqiiagHJy0Sv6qAapw
-LXzE6ZdM40E1J1rT9GUitd0K4LhpSjW1lfipSbNQDLiZTG9R2EhnDMl5suaIaFh0
-UQIDAQAB
-----END PUBLIC KEY-----
+{"keytype": "ed25519", "keyval": {"public": "12e0ecd6cb3991459050337c618217e156cc2a3cfc252ec05216eb1679047536"}}
--- a/tests/repository_data/repository/metadata.staged/role1.json
+++ b/tests/repository_data/repository/metadata.staged/role1.json
--- a/tests/repository_data/repository/metadata.staged/role1.json.gz
+++ b/tests/repository_data/repository/metadata.staged/role1.json.gz
--- a/tests/repository_data/repository/metadata.staged/root.json
+++ b/tests/repository_data/repository/metadata.staged/root.json
--- a/tests/repository_data/repository/metadata.staged/root.json.gz
+++ b/tests/repository_data/repository/metadata.staged/root.json.gz
--- a/tests/repository_data/repository/metadata.staged/snapshot.json
+++ b/tests/repository_data/repository/metadata.staged/snapshot.json
--- a/tests/repository_data/repository/metadata.staged/snapshot.json.gz
+++ b/tests/repository_data/repository/metadata.staged/snapshot.json.gz
--- a/tests/repository_data/repository/metadata.staged/targets.json
+++ b/tests/repository_data/repository/metadata.staged/targets.json
--- a/tests/repository_data/repository/metadata.staged/targets.json.gz
+++ b/tests/repository_data/repository/metadata.staged/targets.json.gz
--- a/tests/repository_data/repository/metadata.staged/timestamp.json
+++ b/tests/repository_data/repository/metadata.staged/timestamp.json
--- a/tests/repository_data/repository/metadata.staged/timestamp.json.gz
+++ b/tests/repository_data/repository/metadata.staged/timestamp.json.gz
--- a/tests/repository_data/repository/metadata/role1.json
+++ b/tests/repository_data/repository/metadata/role1.json
--- a/tests/repository_data/repository/metadata/role1.json.gz
+++ b/tests/repository_data/repository/metadata/role1.json.gz
--- a/tests/repository_data/repository/metadata/root.json
+++ b/tests/repository_data/repository/metadata/root.json
--- a/tests/repository_data/repository/metadata/root.json.gz
+++ b/tests/repository_data/repository/metadata/root.json.gz
--- a/tests/repository_data/repository/metadata/snapshot.json
+++ b/tests/repository_data/repository/metadata/snapshot.json
--- a/tests/repository_data/repository/metadata/snapshot.json.gz
+++ b/tests/repository_data/repository/metadata/snapshot.json.gz
--- a/tests/repository_data/repository/metadata/targets.json
+++ b/tests/repository_data/repository/metadata/targets.json
--- a/tests/repository_data/repository/metadata/targets.json.gz
+++ b/tests/repository_data/repository/metadata/targets.json.gz
--- a/tests/repository_data/repository/metadata/timestamp.json
+++ b/tests/repository_data/repository/metadata/timestamp.json
--- a/tests/repository_data/repository/metadata/timestamp.json.gz
+++ b/tests/repository_data/repository/metadata/timestamp.json.gz
--- a/tuf/conf.py
+++ b/tuf/conf.py
@ -134,7 +134,7 @@
 # The algorithm(s) in REPOSITORY_HASH_ALGORITHMS are chosen by the repository
 # tool to generate the digests listed in metadata, prepended to the
 # filenames of consistent snapshots, or used to generate key IDs.
-REPOSITORY_HASH_ALGORITHMS = ['sha256']
+REPOSITORY_HASH_ALGORITHMS = ['sha256', 'sha512']

 # Software updaters that integrate the framework are required to specify
 # the URL prefix for the mirrors that clients can contact to download updates.
--- a/tuf/formats.py
+++ b/tuf/formats.py
@ -222,9 +222,8 @@
  keytype = SCHEMA.AnyString(),
  keyval = KEYVAL_SCHEMA)

-# A TUF key object.  This schema simplifies validation of keys that may be
-# one of the supported key types.
-# Supported key types: 'rsa', 'ed25519'.
+# A TUF key object.  This schema simplifies validation of keys that may be one
+# of the supported key types.  Supported key types: 'rsa', 'ed25519'.
 ANYKEY_SCHEMA = SCHEMA.Object(
  object_name = 'ANYKEY_SCHEMA',
  keytype = KEYTYPE_SCHEMA,
@ -343,7 +342,8 @@
  signed = SCHEMA.Any(),
  signatures = SCHEMA.ListOf(SIGNATURE_SCHEMA))

-# A dict where the dict keys hold a keyid and the dict values a key object.
+# A dictionary where the dict keys hold a keyid and the dict values a key
+# object.
 KEYDICT_SCHEMA = SCHEMA.DictOf(
  key_schema = KEYID_SCHEMA,
  value_schema = KEY_SCHEMA)
--- a/tuf/repository_lib.py
+++ b/tuf/repository_lib.py
@ -220,6 +220,8 @@ def _generate_and_write_metadata(rolename, metadata_filename, write_partial,
  # 'signable' contains an invalid threshold of signatures. 
  else:
    message = 'Not enough signatures for ' + repr(metadata_filename)
+    print('role keyids:\n' + repr(tuf.roledb.get_role_keyids(rolename)))
+    #if rolename == 'role1': print('signable:\n' + repr(signable))
    raise tuf.UnsignedMetadataError(message, signable)
  
  return signable, filename
@ -957,13 +959,13 @@ def import_rsa_publickey_from_file(filepath):
 def generate_and_write_ed25519_keypair(filepath, password=None):
  """
  <Purpose>
-    Generate an ED25519 key file, create an encrypted TUF key (using 'password'
+    Generate an Ed25519 key file, create an encrypted TUF key (using 'password'
    as the pass phrase), and store it in 'filepath'.  The public key portion of
    the generated ED25519 key is stored in <'filepath'>.pub.  Which cryptography
    library performs the cryptographic decryption is determined by the string
    set in 'tuf.conf.ED25519_CRYPTO_LIBRARY'.
    
-    PyCrypto currently supported.  The ED25519 private key is encrypted with
+    PyCrypto currently supported.  The Ed25519 private key is encrypted with
    AES-256 and CTR the mode of operation.  The password is strengthened with
    PBKDF2-HMAC-SHA256.

@ -1019,6 +1021,7 @@ def generate_and_write_ed25519_keypair(filepath, password=None):
  keyval = ed25519_key['keyval']
  ed25519key_metadata_format = \
    tuf.keys.format_keyval_to_metadata(keytype, keyval, private=False)
+  print('ed25519key_metadata_format: ' + repr(ed25519key_metadata_format))
  
  # Write the public key, conformant to 'tuf.formats.KEY_SCHEMA', to
  # '<filepath>.pub'.
@ -1076,7 +1079,7 @@ def import_ed25519_publickey_from_file(filepath):
  # loaded key object in tuf.formats.ED25519KEY_SCHEMA' format that also
  # includes the keyid.
  ed25519_key_metadata = tuf.util.load_json_file(filepath)
-  ed25519_key = tuf.keys.format_metadata_to_key(ed25519_key_metadata)
+  ed25519_key, junk = tuf.keys.format_metadata_to_key(ed25519_key_metadata)
  
  # Raise an exception if an unexpected key type is imported.
  # Redundant validation of 'keytype'.  'tuf.keys.format_metadata_to_key()'
--- a/tuf/repository_tool.py
+++ b/tuf/repository_tool.py
@ -308,8 +308,8 @@ def write(self, write_partial=False, consistent_snapshot=False,
  def write_partial(self):
    """
    <Purpose>
-      Write all the JSON Metadata objects to their corresponding files, but
-      allow metadata files to contain an invalid threshold of signatures.  
+      Write all the JSON metadata to their corresponding files, but allow
+      metadata files to contain an invalid threshold of signatures.  
    
    <Arguments>
      None.