Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'develop' of https://github.com/theupdateframework/tuf into develop

Browse source
This commit is contained in:
Vladimir Diaz 2015-01-05 13:27:30 -05:00
commit f810a07bb9
2 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docs/tuf-spec.txt
View file

@ -131,7 +131,7 @@
installing software that is older than that which the client previously knew
to be available.
Indefinite freeze attacks. Attackers should not be able respond to client
Indefinite freeze attacks. Attackers should not be able to respond to client
requests with the same, outdated metadata without the client being aware of
the problem.
@ -177,7 +177,7 @@
files, or executable binaries is irrelevant to the framework.
The metadata describing target files is the information necessary to
securely identity the file and indicate which roles are trusted to provide
securely identify the file and indicate which roles are trusted to provide
the file. As providing additional information about
target files may be important to some software update systems using the
framework, additional arbitrary information can be provided with any target

7
tuf/README-developer-tools.md
View file

@ -44,7 +44,7 @@ First, we will need to generate a key to sign the metadata. Keys are generated
in pairs: one public and the other private. The private key is
password-protected and is used to sign metadata. The public key can be shared
freely, and is used to verify signatures made by the private key. You will need
too share your public key with the repository hosting your project so they can
to share your public key with the repository hosting your project so they can
verify your metadata is signed by the right person.
The generate\_and\_write\_rsa\_keypair function will create two key files named
@ -94,7 +94,7 @@ After importing the key, we can generate a new project with the following
command:
```
>>> project = create_new_project(name="example_project",
>>> project = create_new_project(project_name="example_project",
... metadata_directory="local/path/to/metadata/",
... targets_directory="local/path/to/example_project",
... location_in_repository="repo/unclaimed", key=public_key)
@ -117,7 +117,7 @@ the project.
To add a target, we issue the following method:
```
>>> project.add_target("target_1")
>>> project.add_target("local/path/to/example_project/target_1")
```
Note that the file "target\_1" should be located in
@ -189,6 +189,7 @@ to delegate a new role for them. For example, we can do the following:
```
>>> other_key = import_rsa_publickey_from_file(“another_public_key.pub”)
>>> targets = ['local/path/to/newtarget']
>>> project.delegate(“newrole”, [other_key], targets)
```