Adds a check to old code that confirms that arg is a hex string.
This will likely be deleted code anyway.
Marks a comment that will probably be deleted as untrustworthy.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
While int is preferable for efficiency, the initial goal here is
total compatibility. The TUF-internal metadata format defined in
the TUF specification uses strings for expiration dates, and so
should the ASN.1 definitions used in the reference implementation
for now.
This also facilitates automated conversion between the formats.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
(to_pyasn1 and from_pyasn1 require additional arguments to specify
the datatype they're to convert to/from. conversion_check did not
previously have an argument to provide those. Now it does and so it
can test those functions.)
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
The keys the - and _ swap was being attempted in in this spot were
not structural fields in the ASN.1 definitions, so they should not
be tinkered with.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
and generate a helpful error if an odd number is received. (Do not
implicitly pad with terminal zero.)
Also slightly improve readability of nearby error lines.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Use len() on the NamedTypes object we assume is the componentType for
a struct-like pyasn1 class, instead of iterating over each element.
Also renames element_name_underscores variable to element_name_python
(ditto relevant_element_name_underscores).
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
and some better comments in it, too. Also fixes an indentation
oversight (not impactful, just style).
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
These will both hopefully not be necessary in the end, since they're
used in only one way each and the definitions should just directly
say things like
    meta: SetOf(componentType=HashOfSnapshot())
instead of having an extra level, but for now this is easier to
debug.
Separately, the Hashes definition was incorrectly Set() instead of
SetOf() Hash.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
by removing them. This is potentially problematic as it might change
the keyid when converting to ASN.1 and back, but it'll have to do for
now, and we shouldn't have these things in there in the first place.
It's an edge case, and this is a compromise.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Switch to using VisibleString to encode key values, since RSA keys
are ASCII-prefixed Base64, while ed25519 key values are hex strings.
This is inefficient, but this reference implementation profits from
being simple. May reconsider later and add specialized code. :/
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Note that the natural translation of a Python dictionary (which has no implicit
order of elements) into ASN.1 is to a Set (unordered) of objects, and not a
Sequence (ordered). For example, you can think of {'key_a': ..., 'key_b': ...}
as (key_a_obj, key_b_obj), where the order is irrelevant.
Despite this natural interpretation, there are some cases where we impose an
order here in the translation to ASN.1. We do this when the dictionary is
essentially a translation of an object/struct that contains disparate
conceptual types. For example: {'keyid': ..., 'sig': ...} is translated as
[keyid_object, sig_object], not (keyid_object, sig_object). This is to make the
structure of objects in the wire format predictable. RootMetadata below is a
good example: in the ASN.1/DER wire format, root metadata will always begin
with a 'type' element, followed by 'expires', then 'version', etc.
Already-ordered components like lists are, of course, always retained as
ordered lists (Sequence). (e.g. the 'signatures' element of metadata is always
ordered in both ASN.1 and the JSON-compatible metadata format.)
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
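
The Set-versus-Sequence choice described in the commit message above, shown as an added example (not code from the TUF repository, and not using pyasn1). It uses a minimal hand-written DER encoder; the two-field layout of a Hash entry and all sample values are assumptions constructed for illustration.

```python
# Added illustration: a tiny DER encoder (stdlib only) showing why struct-like
# dicts become SEQUENCE (fixed field order) while unordered collections become
# SET OF (DER sorts the encoded elements, so dict order never reaches the wire).

def der_len(n):
    """DER definite-length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, content):
    return bytes([tag]) + der_len(len(content)) + content

def visible_string(s):
    return tlv(0x1A, s.encode("ascii"))       # universal tag 26, VisibleString

def sequence(items):
    return tlv(0x30, b"".join(items))         # order of items is preserved

def set_of(items):
    # DER requires SET OF elements in ascending order of their encodings.
    return tlv(0x31, b"".join(sorted(items)))

def encode_signature(sig):
    """Struct-like dict: always keyid first, then sig, whatever the dict order."""
    return sequence([visible_string(sig["keyid"]), visible_string(sig["sig"])])

def encode_hashes(hashes):
    """Unordered mapping -> SET OF Hash; each Hash is assumed to be
    SEQUENCE { function, digest } (hypothetical layout)."""
    return set_of([sequence([visible_string(f), visible_string(d)])
                   for f, d in hashes.items()])

if __name__ == "__main__":
    # Constructed sample values, not real key IDs, signatures or digests.
    print(encode_signature({"sig": "beef", "keyid": "abcd"}).hex())
    print(encode_hashes({"sha512": "bb", "sha256": "aa"}).hex())
    print(encode_hashes({"sha256": "aa", "sha512": "bb"}).hex())
```

The last two lines print identical bytes, which is what makes signatures over the DER encoding independent of Python dictionary ordering.
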
Definitions like 'Filename' that are just renames of VisibleString
etc. are removed for simplicity. This may be slightly harder to read.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
so that TopLevelDelegation class declaration appears before the
RootMetadata class definition that uses it.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
even though 'meta' is not a particularly expressive name, it's what
the spec uses, and looking like the JSON-compatible metadata is
important for the ASN.1 metadata.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Once TAP 5 is accepted and implemented, root role metadata will
allow for an optional URL list element for each top-level role.
See TAP 5 for more details.
The placeholders here are commented out.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
both in abstract ASN.1 definition language and a format compatible
with pyasn1.
These will be used for conversion of TUF metadata between the
JSON-compatible internal TUF metadata format and ASN.1/DER.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
This adds to PR #799; please see that for details. In short,
tests sometimes fail on slow test systems (primarily on AppVeyor)
if we don't have long enough delays.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
on AppVeyor during automatic testing. Also explains a bit better
the reason for those delays, in the comments adjacent to them.
AppVeyor was occasionally laggy enough that spawning a separate
server process didn't happen fast enough for the included delays,
so connection attempts in the tests occasionally failed.
This lengthens a few 0.3s delays that I've seen pop up in test
failures to 2s delays, along with a few others for good measure.
Sadly, this slows testing a bit.... I'll keep an eye out for more
of these.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>