Convert the 'expires' field of metadata to a Unix/POSIX timestamp (previously a custom string format.)
Replace tuf.formats.py functions 'format_time()' and 'parse_time()' with unix_timestamp_to_datetime() and datetime_to_unix_timestamp().
Update affected schemas.
Add test cases for the crypto funtions (e.g., generate_and_write_ed25519_keypair()).
Add test case for get_metadata_filenames().
Add test case for get_metadata_fileinfo().
Add setUpClass() and tearDownClass().
Update affected functions that failed testing, and any that needed modifying (such as util.py).
Add 'test_repository_tool.py' (initial incomplete commit)
Add test cases for the top-level metadata objects (Root(), Targets(), etc.)
Add test case for Repository()
Add test case for get_target_hash()
Minor update to 'repository_tool.py': add default rolename for Targets() and call tuf.util.get_target_hash() in the
repository tool's get_target_hash()
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Modify the previous scenario
simulated for the mix-and-match attack. The metadata that specified the
dependencies of a project modified (previously a text file.)
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Modify the previous scenario
simulated for the mix-and-match attack.
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Expanded comments and modified
previous setup.
Minor edits to slow_retrieval_server.py.
Add missing else clauses (to detect when TUF fails to prevent an attack) for a couple of the integrations tests.
Refactored to use the 'unittest' module (test conditions in code, rather
than verifying text output), use pre-generated repository files, and
discontinue use of the old repository tools. Expanded comments.
repository_tool.targets.delegate_hashed_bins():
Edit comments, add logging information, and rename 'max_number_of_bins' (now 'total_hash_prefixes') for clarity.
Fix expected value of 'number_of_bins' (power of 2 instead of multiple of 16.)
Remove the 'self' argument in get_filepaths_in_directory() (now a staticmethod.)
formats.py:
NUMBINS_SCHEMA may now start from 1 (allow the creation of 1 delegated hashed bin.)
Project name is now an argument of the project constructor and the
create_new project function.
The project_name field defines the rolename to add to the roledb, the
filename to create and adds a new field to the project.cfg file.
TUF's crypto dependencies was recently changed: ED25519 signatures supported by default, and require PyCrypto or tuf[tools] to verify RSASSA-PSS signatures.
The error returned for clients that tried to verify rsassa-pss signatures without the required library was bad. Error message returned now:
$ basic_client.py --repo http://localhost:8001
Error: No working mirror was found:
localhost:8001: Metadata downloaded from the remote repository specified an RSA signature. Verifying RSA signatures requires PyCrypto.
$ pip install PyCrypto, or pip install tuf[tools].
Minor edit to comment.
Disable console log messages enabled by the repository tool, which this unit tests needs.
Sleep for at least 1 minute before checking for an expired metadata error, and ensure the function supplied to self.assertraises() is a callable.
Refactored 'test_endless_data_attack.py' to use the 'unittest' module (test
conditions in code, rather than verifying text output), use pre-generated
repository files, and discontinue use of the old repository tools. Minor
edits to the test cases.
