mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
Changes following Santiago\'s review.
This commit is contained in:
parent
0b9d2e223f
commit
c941eda8d2
3 changed files with 21 additions and 7 deletions
|
|
@ -29,6 +29,13 @@
|
|||
|
||||
"""
|
||||
|
||||
# Help with Python 3 compatability, where the print statement is a function, an
|
||||
# implicit relative import is invalid, and the '/' operator performs true
|
||||
# division. Example: print 'hello world' raises a 'SyntaxError' exception.
|
||||
from __future__ import print_function
|
||||
from __future__ import absolute_import
|
||||
from __future__ import division
|
||||
|
||||
import os
|
||||
import urllib
|
||||
|
||||
|
|
@ -121,7 +128,7 @@ def test_arbitrary_package_attack(using_tuf=False, modify_metadata=False):
|
|||
release_metadata_filepath,
|
||||
release_metadata_key_list)
|
||||
|
||||
# Modify timestamp metadata to reflect he change to release metadata.
|
||||
# Modify timestamp metadata to reflect the change to release metadata.
|
||||
timestamp_metadata_filepath = os.path.join(tuf_repo, 'metadata',
|
||||
'timestamp.txt')
|
||||
|
||||
|
|
@ -192,7 +199,8 @@ def test_arbitrary_package_attack(using_tuf=False, modify_metadata=False):
|
|||
print()
|
||||
|
||||
|
||||
print('Attempting arbitrary package attack with TUF (and tampering with metadata):')
|
||||
print('Attempting arbitrary package attack with TUF'+\
|
||||
'(and tampering with metadata):')
|
||||
try:
|
||||
test_arbitrary_package_attack(using_tuf=True, modify_metadata=True)
|
||||
except ArbitraryPackageAlert, error:
|
||||
|
|
|
|||
|
|
@ -36,6 +36,12 @@
|
|||
|
||||
"""
|
||||
|
||||
# Help with Python 3 compatability, where the print statement is a function, an
|
||||
# implicit relative import is invalid, and the '/' operator performs true
|
||||
# division. Example: print 'hello world' raises a 'SyntaxError' exception.
|
||||
from __future__ import print_function
|
||||
from __future__ import absolute_import
|
||||
from __future__ import division
|
||||
|
||||
import os
|
||||
import urllib
|
||||
|
|
@ -160,7 +166,7 @@ def test_extraneous_dependency_attack(using_tuf=False, modify_metadata=False):
|
|||
release_metadata_filepath,
|
||||
release_metadata_key_list)
|
||||
|
||||
# Modify timestamp metadata to reflect he change to release metadata.
|
||||
# Modify timestamp metadata to reflect the change to release metadata.
|
||||
timestamp_metadata_filepath = os.path.join(tuf_repo, 'metadata',
|
||||
'timestamp.txt')
|
||||
|
||||
|
|
@ -237,12 +243,12 @@ def test_extraneous_dependency_attack(using_tuf=False, modify_metadata=False):
|
|||
print()
|
||||
|
||||
|
||||
print('Attempting extraneous dependency attack with TUF\
|
||||
(and tampering with metadata):')
|
||||
print('Attempting extraneous dependency attack with TUF'+\
|
||||
'(and tampering with metadata):')
|
||||
try:
|
||||
test_extraneous_dependency_attack(using_tuf=True, modify_metadata=True)
|
||||
except ExtraneousDependencyAlert, error:
|
||||
print(error
|
||||
print(error)
|
||||
else:
|
||||
print('Extraneous dependency attack failed.')
|
||||
print()
|
||||
|
|
|
|||
|
|
@ -630,7 +630,7 @@ def update_signed_file_in_metadata(signee_filepath, signer_filepath,
|
|||
signer_filepath:
|
||||
filepath of the metadata that signs the modified file
|
||||
lookup_keys:
|
||||
a list of the keys used to look up signee's file info in signer
|
||||
a list of the DICTIONARY keys used to look up signee's file info in signer
|
||||
"""
|
||||
|
||||
signer_file = open(signer_filepath, 'r+')
|
||||
|
|
|
|||
Loading…
Reference in a new issue