Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
3274 commits 28 branches 35 tags 23 MiB
Commit graph

261 commits

Author SHA1 Message Date
Vladimir Diaz
c1e72e0fdd "latest time" --> "latest known time" 2017-05-24 12:37:43 -04:00
Vladimir Diaz
b7f893dd62 Edit instances of "downloaded time" to just "time" 2017-05-24 12:37:43 -04:00
Vladimir Diaz
836ebe59cb Fix section 3, where the hash is specified rather than the version number 2017-05-24 12:14:36 -04:00
Trishank Karthik Kuppusamy
c5e8c079bb Fix bloopers. 2017-05-23 21:41:31 -04:00
Trishank Karthik Kuppusamy
558fb43dec Merge branch 'add-detailed-workflow' of github.com:trishankkarthik/tuf into add-detailed-workflow 2017-05-23 17:12:20 -04:00
Trishank Karthik Kuppusamy
98de3c490f Worked with @vladimir-v-diaz to add root migration workflow. 
Also corrected how files are fetched.
 2017-05-23 17:09:57 -04:00
Vladimir Diaz
06665c0bdc Merge branch 'develop' into add-detailed-workflow 2017-05-23 12:20:25 -04:00
Trishank Karthik Kuppusamy
d80ea0b145 Add a note about the expiration of the previous root metadata file. 2017-05-19 16:32:48 -04:00
Trishank Karthik Kuppusamy
3935141b85 Remove what seems like an unnecessary note. 2017-05-19 16:31:18 -04:00
Trishank Karthik Kuppusamy
a2a5931883 Merge reading consistent snapshots with the client update workflow. 2017-05-19 00:45:28 -04:00
Trishank Karthik Kuppusamy
5666cbcfc0 Remove what seems like unnecessary, obsolete text. 2017-05-19 00:10:50 -04:00
Trishank Karthik Kuppusamy
487d27a654 Add subtleties to preorder DFS for targets. 2017-05-19 00:10:29 -04:00
Trishank Karthik Kuppusamy
30536cfb1a Edit Section 7.2 to reflect Section 5.1. 
Ideally, the former should be merged with the latter.
 2017-05-18 21:09:35 -04:00
Trishank Karthik Kuppusamy
c5deaa340f Explain why download targets up to the # of bytes in the targets metadata. 2017-05-18 20:59:00 -04:00
Trishank Karthik Kuppusamy
8b1f85363a Explain how to obtain and load the previous root metadata file. 2017-05-18 20:58:37 -04:00
Trishank Karthik Kuppusamy
947e366557 Use "MUST" with regard to RFC 2119. 2017-05-18 20:44:46 -04:00
Vladimir Diaz
70cf57ad85 Slight edit to fix incorrect version of root file 2017-05-18 16:04:44 -04:00
Vladimir Diaz
1269ed9678 Fix whitespace issue in previous commit 2017-05-18 16:04:44 -04:00
Vladimir Diaz
4a1791d125 Incorporate @awwad and @heartsucker suggestions 2017-05-18 16:04:44 -04:00
Vladimir Diaz
be7a7ffd6f Clarify procedure for updating to new root.json 
Client's should validate new root.json according to the threshold and keys set by its previous version.

See @heartsucker comment [here](https://github.com/heartsucker/rust-tuf/issues/42#issuecomment-302436972)
 2017-05-18 16:04:44 -04:00
Trishank Karthik Kuppusamy
afa804f093 Clarify that the previous snapshot metadata file may be safely expired. 2017-05-18 12:36:01 -04:00
Trishank Karthik Kuppusamy
6236878eb1 Address comments by @JustinCappos. 2017-04-26 15:07:56 -04:00
Trishank Karthik Kuppusamy
f092d2a87b Expand on the TUF client update workflow, per popular demand. 2017-04-26 14:02:01 -04:00
Vladimir Diaz
7eae7e38b0 Explain that section 7 covers consistent snapshots 2017-04-24 16:10:16 -04:00
Vladimir Diaz
3532fb8005 Remove alternative schemes for overlapping targets 2017-04-24 14:59:18 -04:00
Vladimir Diaz
116cb39039 Add matching example of shell-style wildcard 
One more matching example here would help. Right now, it looks as if "?" matches only "numbers".
 2017-04-24 12:55:51 -04:00
Vladimir Diaz
adf48f90ce Remove parenthetical note 
in text for terminating delegations.
 2017-04-24 12:25:12 -04:00
Vladimir Diaz
6665d25b9e Remove notion of a full rolename 
We previously used a full rolename when delegations resembled a tree
 2017-02-27 16:22:10 -05:00
Vladimir Diaz
6cca34b6f1 Add 'terminating' attribute and text explaining its use 2017-02-27 16:19:25 -05:00
Vladimir Diaz
bbd3288245 Update text for handling overlapping targets between delegations. 
Remove note about priority tag schemes and our investigation of several of these schemes
 2017-02-27 15:29:51 -05:00
Vladimir Diaz
1a00c4cd8f Update text describing format of PATHPATTERN 2017-02-27 15:11:37 -05:00
Vladimir Diaz
c105077d05 Add compression_algorithms and consistent_snapshot attributes to root.json 2017-02-27 14:48:37 -05:00
Vladimir Diaz
76435bfdb5 Update tuf-spec.txt 
Add improved definition of the fast-forward attack in the specification.
 2017-02-07 11:29:43 -05:00
Vladimir Diaz
70fc8dce36 Resolve merge conflicts with upstream and ecordell-root-versioning 2016-10-18 10:28:04 -04:00
Vladimir Diaz
8882dc5b7b Merge branch 'root-versioning' of https://github.com/ecordell/tuf into ecordell-root-versioning 
Conflicts:
	tests/test_key_revocation.py
	tests/test_replay_attack.py
	tests/test_repository_tool.py
	tests/test_updater.py
	tuf/formats.py
	tuf/repository_lib.py
 2016-10-17 15:57:48 -04:00
Vladimir Diaz
3ab08e52f6 Update tuf-spec.txt 
Distinguish the "signed" portion of a metadata file from the entire file itself.  Addressing comment provided by @HuKeping
 2016-10-07 10:57:19 -04:00
Evan Cordell
a11709000d Add root versioning for root key rotation 2016-09-19 15:18:20 -04:00
Vladimir Diaz
5d2c8fdc76 Update tuf-spec.txt 
Remove mention of a "private" dictionary key in metadata.  Public TUF metadata consumed by clients would never include a "private" field, so it shouldn't be specified here in the specification.
 2016-09-15 14:23:44 -04:00
Vladimir Diaz
f8e56d29e6 Add favicons 
Add two favicons that are easier to see in the browser.
 2016-09-02 10:22:58 -04:00
Vladimir Diaz
158f452b1b Create new folder 
Add a `proposals` folder to keep track of changes made to specification.
 2016-08-25 14:09:31 -04:00
Vladimir Diaz
fbd901422f Update tuf-spec.txt 
Address issue #364.  The specification includes examples of metadata with version numbers listed, but the description of snapshot.json does not.  The `custom` field is listed only in targets metadata.
 2016-08-25 07:02:00 -04:00
Vladimir Diaz
0dac8e7b19 Update tuf-spec.txt 
Move text explaining where delegated roles live on the repository
 2016-08-22 15:23:19 -04:00
Vladimir Diaz
53b16aefd1 Update tuf-spec.txt 
All delegated metadata is stored in one flat directory.
 2016-08-09 15:02:14 -04:00
Jonathan Rudenberg
03a5cc4b36 Use HTTPS links in spec 2016-08-08 11:32:00 -04:00
Jonathan Rudenberg
eac88eb3e8 Fix Thandy link 2016-08-08 11:19:38 -04:00
Vladimir Diaz
15bbbb7b53 List fast-forward attack in the specification, including those missing. Alphabetize the attacks. 2016-07-28 16:06:59 -04:00
Vladimir Diaz
ece53b413d Mark the version 1.0 specification as a draft 2016-07-28 13:12:58 -04:00
Vladimir Diaz
f57a0bb1a9 Save version 0.9 of specification 2016-07-26 12:21:49 -04:00
Vladimir Diaz
2f909f695f Add Spec 1.0 2016-07-26 12:17:31 -04:00
Vladimir Diaz
e3a1544070 Begin implementation changes to address issue with a global role and key database 2016-05-06 12:13:57 -04:00
Vladimir Diaz
1bed3e09a4 Update tuf-spec.txt 2016-02-25 17:29:36 -05:00
Vladimir Diaz
b008edd7cd Update tuf-spec.txt 
Begin section 5.1 (The Client Application) with a concise overview of the update procedure followed by client applications.  Follow the overview text with the more detailed explanation of the update procedure.
 2016-02-25 17:24:23 -05:00
Vladimir Diaz
e943048757 Add Diplomat paper 2016-02-19 14:13:03 -05:00
Vladimir Diaz
801c4ced2f Remove logo of dolly 2016-02-19 11:15:51 -05:00
Vladimir Diaz
30bd90810d Rename the banner images 2016-02-19 11:14:28 -05:00
Vladimir Diaz
2c0ef0c94a Merge branch 'logo' of github.com:vladimir-v-diaz/tuf into logo 2016-02-19 11:10:05 -05:00
Vladimir Diaz
1b378a2f80 Add avatar, banner, and favicon 2016-02-19 11:07:43 -05:00
Vladimir Diaz
b60b741261 Update tuf-spec.txt 
* @jawi recommended that the specification say that it is up to implementers to decide how keys should be securely stored.

* Python implementation -> reference implementation: for clarity and to be consistent with other documents.
 2015-11-17 15:19:24 -05:00
Vladimir Diaz
cb1591e63d Update tuf-spec.txt 
Fix for issue #296.  We should document which underlying hash function is used with PKCS #1 RSA PSS signatures to maintain compatibility with different clients, or integrators that wish to verify/test our metadata.
 2015-11-11 12:55:30 -05:00
Benno Fünfstück
6ae6a0cda0 tuf-spec.txt: fix duplicate 'the' 2015-10-03 15:40:24 +02:00
Vladimir Diaz
bd757d6738 Update tuf-spec.txt 
Add date and version number.
 2015-05-14 18:02:26 -04:00
Vladimir Diaz
d1d4b3cc56 Add examples of top-level role files to tuf-spec.txt. Fix for issue #273 2015-05-03 15:28:38 -04:00
Vladimir Diaz
91b2405ab4 Update tuf-spec.txt 
Fix for issue #271.
 2015-05-01 10:42:04 -04:00
Vladimir Diaz
e370553d62 Update tuf-spec.txt. Fix for issue #269. 
Specify format of HASHES.
 2015-04-29 11:33:35 -04:00
Arturo Filastò
db0ba6d0f1 Minor typo fixes 2015-01-02 14:42:33 +01:00
Vladimir Diaz
53baf44c65 Add logo. 
Preview logo (dolly).
 2014-12-23 15:49:15 -05:00
Vladimir Diaz
66f4b88ef2 Update repository tool diagram and coverage. 
Fix text box alignment in diagram.
Omit coverage of repository tool prompt and getpass.
Minor coverage update.
 2014-06-03 14:59:56 -04:00
vladdd
5f94d5be0d Support ISO 8601, vendor iso8601, clean codebase. 2014-04-19 14:27:53 -04:00
Vladimir Diaz
0f86447eac Update tuf-spec.txt 
Update time format.
 2014-04-15 13:23:41 -04:00
Vladimir Diaz
4ddd5a417c Update repository tool diagram. 
Add missing 'repository_tool.Metadata.signatures' to the diagram.
 2014-04-09 12:52:20 -04:00
vladdd
e9da58328b Update repository_tool-diagram.png and comments. 
Minor updates to comments of the previous repository_tool.py commit.
Update repository_tool-diagram.png to list disable_console_log_messages().
Rename disable_console_messages().
 2014-03-05 19:40:05 -05:00
Vladimir Diaz
d92b78b971 Update tuf-spec.txt 
Update section on supported cryptographic signatures.
Add some whitespace to improve readability.
 2014-03-05 12:20:44 -05:00
Vladimir Diaz
416d39bfc8 Update tuf-spec.txt 
Address issue #179
Lines 800, 803: (root|timestamp).digest.json -> digest.(root|timestamp).json
 2014-02-26 09:33:09 -05:00
Vladimir Diaz
a6c3b447d4 Update tuf-spec.txt 2014-02-13 12:10:08 -05:00
vladdd
cdaacb9da3 Update tuf-spec.txt. 
Incorporate recent design changes, such as a role name change, supported signature schemes, and expected metadata extension.
Fix for issue #171.
 2014-02-07 22:39:41 -05:00
Vladimir Diaz
b84225f3e7 Add disclaimer for deprecated latex documents. 2014-02-04 08:37:33 -05:00
Vladimir Diaz
36b59f922e Continue updating unit tests and modify ROOT_SCHEMA. 2014-01-30 08:11:35 -05:00
Vladimir Diaz
009ddd9f37 Rename top-level role and functions of repository_tool.py. Update documentation and diagram. 
add_key() -> add_verification_key()
remove_key() -> remove_verification_key()
release.json -> snapshot.json
Update repository_tool-diagram.png
Update README following the renamed functions and release role changes.
Minor edits, such as removing lint left over from a previous merge conflict.
 2014-01-29 11:26:56 -05:00
Vladimir Diaz
3b5e0c0814 Merge 'develop' and resolve conflicts. 2014-01-27 13:35:11 -05:00
Vladimir Diaz
761c83f717 Remove outdated module name from repository_tool.py diagram. 2014-01-24 07:26:57 -05:00
Vladimir Diaz
570640898d Update repository tool diagram and README. 2014-01-23 12:34:59 -05:00
dachshund
a0a51d6f5e Slightly change filename modification. 2014-01-17 15:31:42 -05:00
dachshund
9dbb3a7815 A few clarifications to the spec on consistent snapshots. 2014-01-14 20:11:35 -05:00
Vladimir Diaz
cd60d6dfb6 Address issue #164. 
Backup client and server spec pdfs
Add missing .sh code to tex document
Change code listing formatting
Fix minor issues
 2014-01-09 10:55:05 -05:00
Vladimir Diaz
1e69c9583a Remove linked+outdated client and server specs 2014-01-09 10:26:52 -05:00
dachshund
e645ff69d7 Adjust spec to carefully rename downloaded files. 2014-01-08 16:06:31 -05:00
dachshund
3cee44ec6f First cut of specification for consistent snapshots. 2014-01-06 19:40:54 -05:00
Vladimir Diaz
0399e5ace8 Update tuf-spec.txt 
Update specification following the changed behavior outlined in Issue #158.
 2014-01-06 10:34:27 -05:00
dachshund
a6aba55605 WIP on spec. 2014-01-05 18:08:39 -05:00
dachshund
3fa84d7a58 WIP on spec. 2014-01-05 18:07:32 -05:00
vladdd
d5ca811eda Update libtuf-diagram. 
Update the libtuf.py diagram following Issue #165 changes.
 2014-01-02 13:57:52 -05:00
Vladimir Diaz
45c65c9178 Merge branch 'develop' into repository-tools 2013-12-16 14:22:31 -05:00
Vladimir Diaz
d27543258e Update libtuf.py documentation and address issues #143 and #144 
Add support for encrypted (and public ed25519 keys) TUF key files.
Add support for ed25519 keys, signatures, and key files in libtuf.py.
Update libtuf.py diagram.
Move canonical encoding operations to the create and verify key functions.
 2013-12-16 08:45:40 -05:00
Vladimir Diaz
56a4a44785 Update tuf-spec.txt 2013-11-20 21:15:43 -05:00
vladdd
9f75253d0a Add libtuf-diagram.png 2013-11-15 18:04:29 -05:00
dachshund
b082f7af19 Read from and write to a list of path hash prefixes. 2013-08-12 00:47:08 -04:00
dachshund
77a868c58d Read from and write to a list of path hash prefixes. 2013-08-12 00:47:08 -04:00
dachshund
4d66ea3fee Fixed a few bugs and refactored the target workflow. 2013-08-09 14:10:21 -04:00
dachshund
5c1290611f Fixed a few bugs and refactored the target workflow. 2013-08-09 14:10:21 -04:00
vladdd
45203d25d1 Update tuf-spec.txt and implement "lazy bin walk" 
tuf-spec.txt was updated to include the latest metadata changes, such as version numbers, and the "lazy bin walk" scheme was implemented in updater.py.
 2013-08-09 08:29:57 -04:00
vladdd
609bbe084e Update tuf-spec.txt and implement "lazy bin walk" 
tuf-spec.txt was updated to include the latest metadata changes, such as version numbers, and the "lazy bin walk" scheme was implemented in updater.py.
 2013-08-09 08:29:57 -04:00
dachshund
c7fe1cd69f Improved checking of the "paths" and "path_hash_prefix" attributes. 
Removed checking whether "path_hash_prefix" is consistent with the
delegated paths in the delegator, because now the delegated paths may
list directories instead of simply files.
 2013-08-07 02:42:06 -04:00
dachshund
43db37c2ab Improved checking of the "paths" and "path_hash_prefix" attributes. 
Removed checking whether "path_hash_prefix" is consistent with the
delegated paths in the delegator, because now the delegated paths may
list directories instead of simply files.
 2013-08-07 02:42:06 -04:00
dachshund
cb3c30e13b Update specification and code to recognize the new 'path_hash_prefix' attribute. 2013-08-05 01:36:38 -04:00
dachshund
688b0e21ca WIP on adjusting tuf.client.updater to use list of roles. 2013-06-22 16:23:52 +08:00
dachshund
99ae000645 Clarify priority tags. 2013-06-19 01:35:35 +08:00
dachshund
260176517e Update spec to discuss priority tags. 2013-05-21 08:23:16 -04:00
Kon
e7c4352177 Removed doc duplicate and an obsolete test module. 2013-02-23 11:15:16 -05:00
Kon
bb059cd17e Refactored test_replay_attack.py, changes to test_system_setup.py and renamed one of the docs. 2013-02-23 11:08:35 -05:00
vladdd
391e90c630 Add .tex files for the TUF spec documents. 2013-02-11 14:20:45 -05:00
vladdd
abf0349b05 Move all files up one directory from 'src/'. 2013-02-10 21:38:06 -05:00