Commit graph

13 commits

Author SHA1 Message Date
Sebastien Awwad
1fda798d40
ASN.1: deal with empty private values in public key dicts
by removing them. This is potentially problematic as it might change
the keyid when converting to ASN.1 and back, but it'll have to do for
now, and we shouldn't have these things in there in the first place.
It's an edge case, and this is a compromise.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:36:20 -05:00
Sebastien Awwad
da726fed76
ASN.1: RSA key compat: key vals OctetString -> VisibleString
Switch to using VisibleString to encode key values, since RSA keys
are ASCII-prefixed Base64, while ed25519 key values are hex strings.
This is inefficient, but this reference implementation profits from
being simple. May reconsider later and add specialized code. :/

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:36:20 -05:00
Sebastien Awwad
427dac3f55
WIP: Revise me. Draft ASN.1 conversion and testing
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:36:19 -05:00
Sebastien Awwad
365aeb9c68
ASN.1: add question about optional field Custom
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:30 -05:00
Sebastien Awwad
c4b27ccf01
ASN.1: Use Set instead of Sequence for some unordered lists:
Note that the natural translation of a Python dictionary (which has no implicit
order of elements) into ASN.1 is to a Set (unordered) of objects, and not a
Sequence (ordered). For example, you can think of {'key_a': ..., 'key_b': ...}
as (key_a_obj, key_b_obj), where the order is irrelevant.
Despite this natural interpretation, there are some cases where we impose an
order here in the translation to ASN.1. We do this when the dictionary is
essentially a translation of an object/struct that contains disparate
conceptual types. For example: {'keyid': ..., 'sig': ...} is translated as
[keyid_object, sig_object], not (keyid_object, sig_object). This is to make the
structure of objects in the wire format predictable. RootMetadata below is a
good example: in the ASN.1/DER wire format, root metadata will always begin
with a 'type' element, followed by 'expires', then 'version', etc.

Already-ordered components like lists are, of course, always retained as
ordered lists (Sequence). (e.g. the 'signatures' element of metadata is always
ordered in both ASN.1 and the JSON-compatible metadata format.)

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:30 -05:00
Sebastien Awwad
0d26e37300
ASN.1: add necessary import for optional named types
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
eb728881f3
ASN.1: Remove small, unnecessary custom types per Joey
Definitions like 'Filename' that are just renames of VisibleString
etc. are removed for simplicity. This may be slightly harder to read.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
2d8070cd75
ASN.1 Correctly reorder root metadata type definitions
so that TopLevelDelegation class declaration appears before the
RootMetadata class definition that uses it.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
9ba9eea8e5
ASN.1 rename role hash fields to match spec ('meta')
even though 'meta' is not a particularly expressive name, it's what
the spec uses, and looking like the JSON-compatible metadata is
important for the ASN.1 metadata.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
aadf0add41
ASN.1 minor bugfix: fix name of element in TimestampMetadata
RoleHash() does not exist; it's named HashOfSnapshot currently.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
f3a39cec17
ASN.1: correct definition of Custom field in Targets
It had an additional layer of structure unnecessarily.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
79703abae3
ASN.1: Add TAP 5 metadata placeholder (urls in root)
Once TAP 5 is accepted and implemented, root role metadata will
allow for an optional URL list element for each top-level role.
See TAP 5 for more details.

The placeholders here are commented-out.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00
Sebastien Awwad
ce066f26d9
ASN.1: Initial commit of asn1 metadata definitions
both in abstract ASN.1 definition language and a format compatible
with pyasn1.

These will be used for conversion of TUF metadata between the
JSON-compatible internal TUF metadata format and ASN.1/DER.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
2018-11-08 16:35:29 -05:00