Skip to content

Remove keys.format_metadata_to_key()'s dependency on settings.HASH_ALGORITHMS #220

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
joshuagl opened this issue Mar 6, 2020 · 1 comment
Closed

Remove keys.format_metadata_to_key()'s dependency on settings.HASH_ALGORITHMS #220

joshuagl opened this issue Mar 6, 2020 · 1 comment

Comments

@joshuagl
Copy link
Collaborator

joshuagl commented Mar 6, 2020

Description of issue or feature request:

It should be possible to control the hash algorithms used for generating keyids in securesystemslib.keys.format_metadata_to_key() without having to change package level settings in securesystemslib.settings

Related to #219

Current behavior:

The tuf reference implementation has code like the following, i.e. repository_tool.py#L3062

hash_algorithms = securesystemslib.settings.HASH_ALGORITHMS
securesystemslib.settings.HASH_ALGORITHMS = key_metadata['keyid_hash_algorithms']
key_object, keyids = securesystemslib.keys.format_metadata_to_key(key_metadata)
securesystemslib.settings.HASH_ALGORITHMS = hash_algorithms

Expected behavior:

format_metadata_to_key can be called without having to change securesystemslib.settings.HASH_ALGORITHMS, something like:

key_object, keyids = securesystemslib.keys.format_metadata_to_key(key_metadata, hash_algorithms)
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Apr 1, 2020
@MVrachev
Refactor format_metadata_to_key
4dad937 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
@MVrachev
Copy link
Collaborator

MVrachev commented Apr 2, 2020

I will work to fix this one.

This was referenced Apr 2, 2020
Closed
Merged
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Apr 6, 2020
@MVrachev
Refactor format_metadata_to_key
1402559 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Apr 14, 2020
@MVrachev
Refactor format_metadata_to_key
c22a5a8 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Apr 16, 2020
@MVrachev
Refactor format_metadata_to_key
5b4d843 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Apr 27, 2020
@MVrachev
Refactor format_metadata_to_key
19fb72a 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue May 18, 2020
@MVrachev
Refactor format_metadata_to_key
671b9eb 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue May 18, 2020
@MVrachev
Refactor format_metadata_to_key
69a21d9 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue May 21, 2020
@MVrachev
Refactor format_metadata_to_key
78a2145 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Jun 2, 2020
@MVrachev
Refactor format_metadata_to_key
748d3bd 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Jun 8, 2020
@MVrachev
Refactor format_metadata_to_key
4fdccc3 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
MVrachev added a commit to MVrachev/securesystemslib that referenced this issue Jun 8, 2020
@MVrachev
Refactor format_metadata_to_key
19b654a 
Refactor format_metadata_to_key so that it won't depend
on settings.HASH_ALGORITHMS.
There are couple of code snippets in tuf where in order to provide
a custom list of hash algorithms, tuf is temporary changing
settings.HASH_ALGORITHMS and then returning it to its formal state.

This could lead to problems in future and one should
be able to control hash algorithms used for generating keyids in f
ormat_metadata_to_key() without having to change
package level settings in securesystemslib.settings.

Closes: secure-systems-lab#220

Signed-off-by: Martin Vrachev <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joshuagl @MVrachev