Make length and hashes optional for snapshot

As per the specification (v1.0.1) length and hashes fields
in snapshot metadata are optional.
The reference implementation should reflect this.

Signed-off-by: Martin Vrachev <[email protected]>

Author: MVrachev

tuf/repository_lib.py

@@ -95,7 +95,8 @@ def _generate_and_write_metadata(rolename, metadata_filename,
   targets_directory, metadata_directory, consistent_snapshot=False,
   filenames=None, allow_partially_signed=False, increment_version_number=True,
   repository_name='default', use_existing_fileinfo=False,
-  use_timestamp_length=True, use_timestamp_hashes=True):
+  use_timestamp_length=True, use_timestamp_hashes=True,
+  use_snapshot_length=True, use_snapshot_hashes=True):
   """
   Non-public function that can generate and write the metadata for the
   specified 'rolename'.  It also increments the version number of 'rolename' if
@@ -125,7 +126,8 @@ def _generate_and_write_metadata(rolename, metadata_filename,
     targets_filename = TARGETS_FILENAME[:-len(METADATA_EXTENSION)]
     metadata = generate_snapshot_metadata(metadata_directory,
         roleinfo['version'], roleinfo['expires'], targets_filename,
-        consistent_snapshot, repository_name)
+        consistent_snapshot, repository_name,
+        use_length=use_snapshot_length, use_hashes=use_snapshot_hashes)
 
 
     _log_warning_if_expires_soon(SNAPSHOT_FILENAME, roleinfo['expires'],
@@ -1415,7 +1417,8 @@ def _generate_targets_fileinfo(target_files, targets_directory,
 
 
 def generate_snapshot_metadata(metadata_directory, version, expiration_date,
-    targets_filename, consistent_snapshot=False, repository_name='default'):
+    targets_filename, consistent_snapshot=False, repository_name='default',
+    use_length=True, use_hashes=True):
   """
   <Purpose>
     Create the snapshot metadata.  The minimum metadata must exist (i.e.,
@@ -1450,6 +1453,16 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
       The name of the repository.  If not supplied, 'rolename' is added to the
       'default' repository.
 
+    use_length:
+      Used to decide if the length attribute should be used. From version 1.0.1
+      of the tuf spec, length is an optional attribute in snapshot metadata.
+      Default is true.
+
+    use_hashes:
+      Used to decide if the hashes attribute should be used. From version 1.0.1
+      of the tuf spec, hashes is an optional attribute in snapshot metadata.
+      Default is true.
+
   <Exceptions>
     securesystemslib.exceptions.FormatError, if the arguments are improperly
     formatted.
@@ -1474,6 +1487,8 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
   securesystemslib.formats.PATH_SCHEMA.check_match(targets_filename)
   securesystemslib.formats.BOOLEAN_SCHEMA.check_match(consistent_snapshot)
   securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
+  securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_length)
+  securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_hashes)
 
   metadata_directory = _check_directory(metadata_directory)
 
@@ -1508,9 +1523,27 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
       # list these roles found in the metadata directory.
       if tuf.roledb.role_exists(rolename, repository_name) and \
           rolename not in ['root', 'snapshot', 'timestamp', 'targets']:
-        fileinfodict[metadata_name] = get_metadata_versioninfo(rolename,
+
+        length = None
+        hashes = None
+        if use_length or use_hashes:
+
+          length, hashes = securesystemslib.util.get_file_details(
+            os.path.join(metadata_directory, metadata_filename),
+            tuf.settings.FILE_HASH_ALGORITHMS)
+
+          if use_length == False:
+            length = None
+
+          if use_hashes == False:
+            hashes = None
+
+        file_version = get_metadata_versioninfo(rolename,
             repository_name)
 
+        fileinfodict[metadata_name] = tuf.formats.make_fileinfo(
+          length, hashes, version=file_version['version'])
+
     else:
       logger.debug('Metadata file has an unsupported file'
           ' extension: ' + metadata_filename)

tuf/repository_tool.py

@@ -184,6 +184,16 @@ class Repository(object):
       From version 1.0.1, of the tuf spec, hashes is an optional attribute in
       timestamp metadata file. Default is true.
 
+    use_snapshot_length:
+      Used to decide if the length attribute should be used in the snapshot file.
+      From version 1.0.1 of the tuf spec, length is an optional attribute in
+      snapshot metadata file. Default is true.
+
+    use_snapshot_hashes:
+      Used to decide if the hashes attribute should be used in the snapshot file.
+      From version 1.0.1, of the tuf spec, hashes is an optional attribute in
+      snapshot metadata file. Default is true.
+
   <Exceptions>
     securesystemslib.exceptions.FormatError, if the arguments are improperly
     formatted.
@@ -198,7 +208,8 @@ class Repository(object):
 
   def __init__(self, repository_directory, metadata_directory,
       targets_directory, repository_name='default',
-      use_timestamp_length=True, use_timestamp_hashes=True):
+      use_timestamp_length=True, use_timestamp_hashes=True,
+      use_snapshot_length=True, use_snapshot_hashes=True):
 
     # Do the arguments have the correct format?
     # Ensure the arguments have the appropriate number of objects and object
@@ -210,13 +221,17 @@ def __init__(self, repository_directory, metadata_directory,
     securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
     securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_timestamp_length)
     securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_timestamp_hashes)
+    securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_snapshot_length)
+    securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_snapshot_hashes)
 
     self._repository_directory = repository_directory
     self._metadata_directory = metadata_directory
     self._targets_directory = targets_directory
     self._repository_name = repository_name
     self._use_timestamp_length = use_timestamp_length
     self._use_timestamp_hashes = use_timestamp_hashes
+    self._use_snapshot_length = use_snapshot_length
+    self._use_snapshot_hashes = use_snapshot_hashes
 
     try:
       tuf.roledb.create_roledb(repository_name)
@@ -339,7 +354,9 @@ def writeall(self, consistent_snapshot=False, use_existing_fileinfo=False):
       snapshot_signable, junk = repo_lib._generate_and_write_metadata('snapshot',
           filenames['snapshot'], self._targets_directory,
           self._metadata_directory, consistent_snapshot, filenames,
-          repository_name=self._repository_name)
+          repository_name=self._repository_name,
+          use_snapshot_length=self._use_snapshot_length,
+          use_snapshot_hashes=self._use_snapshot_hashes)
 
     # Generate the 'timestamp.json' metadata file.
     if 'timestamp' in dirty_rolenames: