Added two switches to the generate script:
-k (or --keys), which forces the creation of new keys.
-d (or --dry-run), which skips the actual writing or copying phases
The second option might be useful in the future, and helped me debug the
optparse module, so I left it there.
The new test tries to make the fact that the datetime object given will
contain microseconds. It also tests for the fact that the microseconds
value is truncated after being set.
The test case for the expiration setter now includes a set case in which
the microseconds value is forced to be one. This is likely to happen
when users try to set expirations using datetime.datetime.today() or
functions that return the actual clock, which have microsecond
resolution.
Reject downloaded metadata as early as possible. The top-level roles were all downloaded as a group and then their
expiration inspected. All metadata provided by a mirror that has already expired is discarded immediately and the next mirror tried. The update process stops if a requested role cannot be successfully validated, or one of its parents.
[2014-04-29 02:00:32,308 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/timestamp.json
[2014-04-29 02:00:32,324 UTC] [tuf.download] [INFO] [_check_downloaded_length:676@download.py]
Downloaded 544 bytes out of an upper limit of 16384 bytes.
[2014-04-29 02:00:32,324 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/timestamp.json
[2014-04-29 02:00:32,331 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/snapshot.json
[2014-04-29 02:00:32,333 UTC] [tuf.download] [INFO] [_check_downloaded_length:654@download.py]
Downloaded 1003 bytes out of the expected 1003 bytes.
[2014-04-29 02:00:32,334 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/snapshot.json
[2014-04-29 02:00:32,334 UTC] [tuf.client.updater] [INFO] [_check_hashes:696@updater.py]
The file's sha256 hash is correct: 5b3aec7cf295a25e4b39d875c7474511da9645bc6d27f9e86fb7e439c82e0ec7
[2014-04-29 02:00:32,335 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'snapshot' expired on Tue Apr 29 01:59:01 2014 (UTC).
Do not request, download, and install top-level roles if the root of trust has already expired after the inital load. If requested, update an expired root role:
[2014-04-29 01:18:02,457 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'root' expired on Mon Apr 28 23:23:57 2014 (UTC).
[2014-04-29 01:18:02,458 UTC] [tuf.client.updater] [INFO] [refresh:628@updater.py]
Expired Root metadata was loaded from disk. Try to update it now.
[2014-04-29 01:18:02,458 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/root.json
[2014-04-29 01:18:02,461 UTC] [tuf.download] [INFO] [_check_downloaded_length:676@download.py]
Downloaded 1198 bytes out of an upper limit of 512000 bytes.
[2014-04-29 01:18:02,461 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/root.json
[2014-04-29 01:18:02,462 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'root' expired on Mon Apr 28 23:23:57 2014 (UTC).
Note: An expired 'root' was provided by the server. The requested root must also be signed by keys trusted by the client.
Ensure the target file used in the slow retrieval attack is larger than tuf.conf.SLOW_START_GRACE_PERIOD. The previous size of the test file might have led to inconsistent triggering of a slow retrieval error.
Add test cases for the crypto funtions (e.g., generate_and_write_ed25519_keypair()).
Add test case for get_metadata_filenames().
Add test case for get_metadata_fileinfo().
Add setUpClass() and tearDownClass().
Update affected functions that failed testing, and any that needed modifying (such as util.py).
Add 'test_repository_tool.py' (initial incomplete commit)
Add test cases for the top-level metadata objects (Root(), Targets(), etc.)
Add test case for Repository()
Add test case for get_target_hash()
Minor update to 'repository_tool.py': add default rolename for Targets() and call tuf.util.get_target_hash() in the
repository tool's get_target_hash()
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Modify the previous scenario
simulated for the mix-and-match attack. The metadata that specified the
dependencies of a project modified (previously a text file.)
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Modify the previous scenario
simulated for the mix-and-match attack.
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Expanded comments and modified
previous setup.
Minor edits to slow_retrieval_server.py.
Add missing else clauses (to detect when TUF fails to prevent an attack) for a couple of the integrations tests.
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Expanded comments.
Minor edit to comment.
Disable console log messages enabled by the repository tool, which this unit tests needs.
Sleep for at least 1 minute before checking for an expired metadata error, and ensure the function supplied to self.assertraises() is a callable.
Refactored 'test_endless_data_attack.py' to use the 'unittest' module (test
conditions in code, rather than verifying text output), use pre-generated
repository files, and discontinue use of the old repository tools. Minor
edits to the test cases.
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Fix for issue #111.
Add missing test cases for the following functions:
get_target_hash()
find_delegated_role()
paths_are_consistent_with_hash_prefixes()
ensure_all_targets_allowed()
Add test condition to test_B6_load_json_string().
Continue refactoring the test cases of test_updater.py.
Fix issue where repository_tool.py was not writing new compressed metadata.
Minor edits to TUF modules.
Add generate.py script and pre-generated repository files used by Unit tests (replacing repository_setup.py).
Refactor test_updater.py (10 test cases remaining).
Update modules affected by the changes made to the latest versions of pyca-ed25519 and pyca-pynacl:
Do not use the unsafe key and signature generation functions of pure python ed25519, but do support the signature verification routine. Developers must use the faster and secure pynacl+libsodium to generate ed25519 keys and signatures.
Temporarily suppress pynacl's import warning error.
Minor edits to comments and code.
Update the remaining unit tests following the many design changes. The unit tests should next be factored to use repository_tool.py, avoid pseudo repositories and repository objects, monkey patching, etc.
add_key() -> add_verification_key()
remove_key() -> remove_verification_key()
release.json -> snapshot.json
Update repository_tool-diagram.png
Update README following the renamed functions and release role changes.
Minor edits, such as removing lint left over from a previous merge conflict.
Update the key modules and their unit tests so that only the signature scheme is included in the signature label.
PyCrypto-PKCS#1 PSS -> RSASSA-PSS
ed25519-python and ed25519-pynacl -> ed25519
Configurable crypto changes previously implemented but the docstrings and comments of keys.py still needed updating. Minor edit to test_keys.py and a note added about a missing test case.
A util_test_tools.init_repo() parameter name was changed from 'tuf' to 'using_tuf', however, test_util_test_tools was not updated following the name change.
A util_test_tools.init_repo() parameter name was changed from 'tuf' to 'using_tuf', however, test_util_test_tools was not updated following the name change.
