Allow validation of specific libraries rather than checking all of them in check_crypto_libraries().
Log warning if the repository tool is imported but has not been properly installed: $ pip install tuf[tools].
Modify format string of console log messages.
TUF's crypto dependencies was recently changed: ED25519 signatures supported by default, and require PyCrypto or tuf[tools] to verify RSASSA-PSS signatures.
The error returned for clients that tried to verify rsassa-pss signatures without the required library was bad. Error message returned now:
$ basic_client.py --repo http://localhost:8001
Error: No working mirror was found:
localhost:8001: Metadata downloaded from the remote repository specified an RSA signature. Verifying RSA signatures requires PyCrypto.
$ pip install PyCrypto, or pip install tuf[tools].
Update modules affected by the changes made to the latest versions of pyca-ed25519 and pyca-pynacl:
Do not use the unsafe key and signature generation functions of pure python ed25519, but do support the signature verification routine. Developers must use the faster and secure pynacl+libsodium to generate ed25519 keys and signatures.
Temporarily suppress pynacl's import warning error.
Minor edits to comments and code.
Update repository_tool.py and keys.py functions that import rsa publickey files. Perform a simple check of the PEM string so that an improperly formatted PEMis detected sooner. Reported by Santiago.
Add support for encrypted (and public ed25519 keys) TUF key files.
Add support for ed25519 keys, signatures, and key files in libtuf.py.
Update libtuf.py diagram.
Move canonical encoding operations to the create and verify key functions.
Update the key modules and their unit tests so that only the signature scheme is included in the signature label.
PyCrypto-PKCS#1 PSS -> RSASSA-PSS
ed25519-python and ed25519-pynacl -> ed25519
Configurable crypto changes previously implemented but the docstrings and comments of keys.py still needed updating. Minor edit to test_keys.py and a note added about a missing test case.