Santiago's request: The key-removal methods in repository_tool.py should raise an exception if the key argument has not been previously loaded. They previously returned silently if the key was not found.
Update repository_tool.py and keys.py functions that import rsa publickey files. Perform a simple check of the PEM string so that an improperly formatted PEMis detected sooner. Reported by Santiago.
Add missing comments for three of the arguments in generate_snapshot_metadata()'s docstring.
Expand docstring comment in non-public function and mention that temporary metadata is generated to a temporary location.
Minor cosmetic changes.
Update the expected use of the repository_tool.py module and list the modules that may be used in TUF integrations, which the repository tool does not handle.Rewrite the sentence that mentions the integration tools so that it does not appear to be out of context.
Update the remaining unit tests following the many design changes. The unit tests should next be factored to use repository_tool.py, avoid pseudo repositories and repository objects, monkey patching, etc.
add_key() -> add_verification_key()
remove_key() -> remove_verification_key()
release.json -> snapshot.json
Update repository_tool-diagram.png
Update README following the renamed functions and release role changes.
Minor edits, such as removing lint left over from a previous merge conflict.
repository_tool.py verified that valid metadata was written, properly signed, hashes all matched, and required roles created. The only check missing was verification of delegated target paths according the parent's delegations. Now, target paths are validated before write() is called for both 'path' and 'path_hash_prefixes'. updater.py has always properly verified paths, only repository_tool.py needed the support. If any of the delegated paths are not allowed, write()
raises the following exception:
tuf.ForbiddenTargetError: Role 'targets/unclaimed' specifies target '/simple/bad_file.txt', which is not an allowed path according to the delegations set by its parent role.
Allow leading os.sep for target and restricted paths listed in metadata. Previously, '{repository directory}/targets/file.txt' was listed as 'file.txt' and unsuccessfully compared against '/', or the root-most targets directory. Now, '/file.txt' & '/' and similar examples may be compared and verified.
Fix issue where a hashed bin with empty targets was flagged as invalid because its targets did not produce a path hash prefix that matched any of those listed in the parent role. Uncovered with _ensure_all_targets_allowed().
Minor edits to code that compared paths and and used path separators.
Update and refactor status() following the changes to how metadata is written.
Minor comment change to conf.py.
Example output:
'root' role contains 1 / 1 signatures.
'targets' role contains 1 / 1 signatures.
'release' role contains 1 / 1 signatures.
'timestamp' role contains 1 / 1 signatures.
# Verify invalid number of public and private keys.
'timestamp' role contains 0 / 1 signing keys.
# Determine the delegated roles with invalid metadata.
Delegated roles with insufficient keys:
['targets/unclaimed/1', 'targets/unclaimed/0', 'targets/unclaimed/2', 'targets/unclaimed/5', 'targets/unclaimed/4', 'targets/unclaimed/7', 'targets/unclaimed/6', 'targets/unclaimed/9', 'targets/unclaimed/f', 'targets/unclaimed/3', 'targets/unclaimed/a', 'targets/unclaimed/c', 'targets/unclaimed/b', 'targets/unclaimed/e', 'targets/unclaimed/d', 'targets/unclaimed/8']
Add the add_restricted_paths() method.
Rename libtuf.py
Update README.
Update delegate_hashed_bins() docstring.
More testing of hashed bins and consistent snapshots.
Remove old scripts from setup.py.
Update docstrings and comments and complete the initial implementation of issue 151.
Adjust logger level for tuf.download._check_downloaded_length().
Initial implementation of issue 137.
Support multiple hash algorithms, where the generated digests of metadata and
target files is included in metadata (and filenames if 'consistent_snapshots'
is True). Previously, only a single hash algorithm was supported, and it was
set by default to 'sha256' in code. Repository maintainers may now choose any,
and/or multiple, hash algorithms from those supported by TUF. By default,
'sha256' is used when generating digests.
Support the recent change to the TUF specification, where writing consistent
snapshots may include N versions of identical metadata and targets, if N hash
algorithms is used by the repository when generating metadata.
Update code affected by the recent changes to the specification, such as
targets that may include digests in their filename.
Support consistent snapshots of compressed metadata, including repositories
that provide multiple versions of metadata with different digests included
in their filenames.
The repository tools can now load repositories that include consistent snapshots
of metadata and targets, including those with multiple (i.e., multiple digests
prepended to filenames) consistent snapshots of files.
The client code may now read repositories with 'consistent_snapshots': true in
Root metadata, and properly request and update files with digests included.
Initial implementation of writing consistent snapshots
Update Root schema
Support writing metadata in rolename.ext and digest.rolename.ext formats.
Modify libtuf.py methods that walk and extract metadata to recognize the digest.rolename.ext format.
Write root.txt and timestamp.txt if consistent_snapshots is True.
Support automatic version increments of delegated metadata.
Changed behavior:
Write metadata only if the uncompressed version has not been written, has changed, or if
compressed versions are missing (if requested). Not only is re-saving unmodified metadata not ideal, it also forces a new version of the release file if compressed metadata is rewritten. gzip attaches a timestamp to compressed files, which may cause compressed content to generate different digests if independently written.
Update libtuf.py comments.
Minor edit to docstrings of previous commit that addressed interposition issues.
