You may argue that the redundancy is unnecessary (pun intended), but it
is there because redundancy means one safety check will work where
another fails. I introduced this redundant file length check because the
updater unit test is mocking the download functions, which means that
file length checks in the download functions are being bypassed.
Redundancy is a good thing for safety.
You may argue that the redundancy is unnecessary (pun intended), but it
is there because redundancy means one safety check will work where
another fails. I introduced this redundant file length check because the
updater unit test is mocking the download functions, which means that
file length checks in the download functions are being bypassed.
Redundancy is a good thing for safety.
The default tuf.keystore._PBKDF_ITERATIONS (90,510) slow down the unit tests considerably. Reduce it temporarily for the unit tests depending on it and that do not test the strength of derived keys. All 164 tests now run in approximately 2 minutes, down from approximately 17 minutes. The lowered PBKDF count set for the unit tests is equal to the previous key derivation count used by evpy.
The default tuf.keystore._PBKDF_ITERATIONS (90,510) slow down the unit tests considerably. Reduce it temporarily for the unit tests depending on it and that do not test the strength of derived keys. All 164 tests now run in approximately 2 minutes, down from approximately 17 minutes. The lowered PBKDF count set for the unit tests is equal to the previous key derivation count used by evpy.
A bug in test_signercli.py prevents required keys from loading. A password for a test keyid is modified but not properly restored. This particular bug made it difficulty in adding a new feature (i.e., derived keys) and updating the unit tests. We need to simplify the unit tests, specifically the removal of side effects, monkey patches, pseudo repositories/data structures, and dependency on scripts that expect user input. 'signerlib.py' should be called instead of the signer tools (e.g., signercli.py).
A bug in test_signercli.py prevents required keys from loading. A password for a test keyid is modified but not properly restored. This particular bug made it difficulty in adding a new feature (i.e., derived keys) and updating the unit tests. We need to simplify the unit tests, specifically the removal of side effects, monkey patches, pseudo repositories/data structures, and dependency on scripts that expect user input. 'signerlib.py' should be called instead of the signer tools (e.g., signercli.py).
