Add test cases for the crypto functions (e.g., generate_and_write_ed25519_keypair()).
Add test case for get_metadata_filenames().
Add test case for get_metadata_fileinfo().
Add setUpClass() and tearDownClass().
Update affected functions that failed testing, and any that needed modifying (such as util.py).
Add missing test cases for the following functions:
get_target_hash()
find_delegated_role()
paths_are_consistent_with_hash_prefixes()
ensure_all_targets_allowed()
Add test condition to test_B6_load_json_string().
Rename the unused 'json_object' variable in util.py.
Roles are allowed to share verification keys. Update repository_tool.py so that the targets role can successfully load an already recognized key when loading a repository. Reported by Santiago.
repository_tool.py verified that valid metadata was written, properly signed, hashes all matched, and required roles created. The only check missing was verification of delegated target paths according to the parent's delegations. Now, target paths are validated before write() is called for both 'path' and 'path_hash_prefixes'. updater.py has always properly verified paths, only repository_tool.py needed the support. If any of the delegated paths are not allowed, write() raises the following exception:
tuf.ForbiddenTargetError: Role 'targets/unclaimed' specifies target '/simple/bad_file.txt', which is not an allowed path according to the delegations set by its parent role.
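An added example, not taken from repository_tool.py, sketching the kind of pre-write check described above for both plain paths and 'path_hash_prefixes'. The function names, the local exception class, the "paths" key, the trailing-slash directory rule, the path normalisation and the sample delegation are assumptions made for illustration.

```python
import hashlib
import posixpath

class ForbiddenTargetError(Exception):
    """Local stand-in for the tuf.ForbiddenTargetError shown above."""

def path_hash(target_path):
    # Hash prefixes are compared against the SHA-256 hex digest of the
    # target *path* string, not of the file's contents.
    return hashlib.sha256(target_path.encode("utf-8")).hexdigest()

def is_allowed(target_path, delegation):
    """Return True if the parent's delegation entry covers target_path."""
    prefixes = delegation.get("path_hash_prefixes")
    if prefixes is not None:
        digest = path_hash(target_path)
        return any(digest.startswith(prefix) for prefix in prefixes)
    # Normalise first so '/unclaimed/../x' is not accepted as '/unclaimed/'.
    normalised = posixpath.normpath(target_path)
    for allowed in delegation.get("paths", []):
        # Assumed rule: a trailing '/' delegates a directory, otherwise exact.
        if allowed.endswith("/") and normalised.startswith(allowed):
            return True
        if normalised == allowed:
            return True
    return False

def check_before_write(rolename, target_paths, delegation):
    """Raise before any metadata is written if a target is out of bounds."""
    for target_path in target_paths:
        if not is_allowed(target_path, delegation):
            raise ForbiddenTargetError(
                "Role %r specifies target %r, which is not an allowed path "
                "according to the delegations set by its parent role."
                % (rolename, target_path))

if __name__ == "__main__":
    # Constructed delegation entry for 'targets/unclaimed'.
    by_path = {"paths": ["/unclaimed/"]}
    check_before_write("targets/unclaimed", ["/unclaimed/pkg.tgz"], by_path)
    try:
        check_before_write("targets/unclaimed", ["/simple/bad_file.txt"], by_path)
    except ForbiddenTargetError as error:
        print(error)
```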
Support multiple hash algorithms, where the generated digests of metadata and
target files are included in metadata (and filenames if 'consistent_snapshots'
is True). Previously, only a single hash algorithm was supported, and it was
set by default to 'sha256' in code. Repository maintainers may now choose any,
and/or multiple, hash algorithms from those supported by TUF. By default,
'sha256' is used when generating digests.
Support the recent change to the TUF specification, where writing consistent
snapshots may include N versions of identical metadata and targets, if N hash
algorithms are used by the repository when generating metadata.
Update code affected by the recent changes to the specification, such as
targets that may include digests in their filename.
Support consistent snapshots of compressed metadata, including repositories
that provide multiple versions of metadata with different digests included
in their filenames.
The repository tools can now load repositories that include consistent snapshots
of metadata and targets, including those with multiple (i.e., multiple digests
prepended to filenames) consistent snapshots of files.
The client code may now read repositories with 'consistent_snapshots': true in
Root metadata, and properly request and update files with digests included.
You may argue that the redundancy is unnecessary (pun intended), but it
is there because redundancy means one safety check will work where
another fails. I introduced this redundant file length check because the
updater unit test is mocking the download functions, which means that
file length checks in the download functions are being bypassed.
Redundancy is a good thing for safety.