Repository tools #170
Repository tools #170
Conversation
Refactored the majority of affected modules. Added optimized version of the reference implementation of ed25519.
Add new schema to formats.py and simplify input validation in keys.py
Fix docstrings for whitespace consistency.
Fix docstrings for whitespace consistency.
Add missing doctest and minor edits.
Add separate 'tuf.conf.py' options for key types.
Modify the object name of a schema so that FormatError error messages are clearer about which schema is expected.
test cases updated with configurable crypto changes.
Update docstring whitespace.
New ed25519 schemas to validate public and seed keys, and signatures.
Validate arguments using the newly added ed25519 schemas to formats.py.
test_verify_signature() incomplete.
Updates to docstrings and comments.
Remove extra whitespace in __init__.py
Minor change to function names and argument validation.
…ork/tuf into repository-tools
Santiago's request: The key-removal methods in repository_tool.py should raise an exception if the key argument has not been previously loaded. They previously returned silently if the key was not found.
|
Documentation says the attribute in tuf.repository_tool.Repository.write() is "consistent_snapshots", but the code says it's "consistent_snapshot" instead. |
Fix write() parameter in the Consistent Snapshots section. consistent_snapshots -> consistent_snapshot
|
Cryptic error message when accidentally loaded public instead of private key. I think it's better to say "Sorry, this is not a private key." |
| # the top-level roles, but no targets. | ||
| repository = load_repository("path/to/repository/") | ||
|
|
||
| # Get a list of file paths in a directory, even those in sub-directories. |
There was a problem hiding this comment.
Shouldn't recursive_walk=True then?
I guess the "unavailable" part can be interpreted multiple ways? On Mon, Feb 24, 2014 at 10:55 AM, Trishank Karthik Kuppusamy <
|
| repository = load_repository("path/to/repository/") | ||
|
|
||
| # Get a list of file paths in a directory, even those in sub-directories. | ||
| # This must be relative to an existing directory in the repository, raise an exception. |
There was a problem hiding this comment.
This constraint isn't actually enforced, is it? I can point it to a targets directory that is not relative to the repository, and it seems to work just fine, although I'm sure downloading the targets themselves will fail later due to mismatch of expectations.
There was a problem hiding this comment.
It is enforced by add_target() and add_targets():
>>> target_files = repository.get_filepaths_in_directory('repository/metadata')
>>> repository.targets.add_targets(target_files)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/vlad/projects/tuf/tuf/repository_tool.py", line 1786, in add_targets
raise tuf.Error(message)
tuf.Error: '/home/vlad/projects/tuf/tuf/repository/metadata/timestamp.json' is not under the Repository's targets directory: '/home/vlad/projects/tuf/tuf/repository/targets'
>>> Not sure if repository maintainers might want this to be a general-purpose method. For example, getting file paths in non-target directories. Should it also raise an exception here?
There was a problem hiding this comment.
On Mon, Feb 24, 2014 at 11:38 AM, Vladimir Diaz [email protected]:
Not sure if repository maintainers might want this to be a general-purpose
method. For example, getting file paths in non-targets directory. Should it
also raise an exception here?
Not a problem here if a potential mistake is (certainly) caught later
Lines 204-213: Update comments for get_filepaths_in_directory() and add_targets() examples.
The previous exception raised when a non-signing key is loaded may be misinterpreted: tuf.Error: The private key is unavailable. Changed to: This is not a private key.
…ork/tuf into repository-tools
Add Table of Contents. Add documentation for the Consistent Snapshots section.
Properly strip (again) the digest prepended to 'digest.filename' files. The required '+1' appears to have been accidentally deleted in a recent commit: 298f52d#diff-59d384d80d746c800b16c8387756c0ccL2750 Thanks to Santiago for locating the bug.
…ork/tuf into repository-tools
Update keys.py and pycrypto_keys.py following Monzur's code review. Update affected modules.
Add purpose section header. Consistent snapshot section: file attributes (archive, hidden, access?) -> file hash.
Address issue #179 Lines 800, 803: (root|timestamp).digest.json -> digest.(root|timestamp).json
Rename the unused 'json_object' variable in util.py. Roles are allowed to share verification keys. Update repository_tool.py so that the targets role can successfully load an already recognized key when loading a repository. Reported by Santiago.
…ork/tuf into repository-tools
|
Santiago reported that the |
repository_tool.py methods that add keys to roles should also log a warning if it detects a shared key. Add a console handler, and a function to disable it, to repository_tool.py. Update _delete_obsolete_metatadata() docstring and comments in repository_tool.py.
Update section on supported cryptographic signatures. Add some whitespace to improve readability.
|
All seems to work properly, the log warning messages with repeated keys also works. |
Minor updates to comments of the previous repository_tool.py commit. Update repository_tool-diagram.png to list disable_console_log_messages(). Rename disable_console_messages().
Thanks given to Trishank, Santiago, Justin, Zane, Monzur, Lai, Dennis, and the appsec students for reviewing & testing the changes made in this pull request.
|
Congrats! On Wed, Mar 5, 2014 at 8:35 PM, Vladimir Diaz [email protected]:
|
repository_tool.py
configurable cryptography
ed25519
Let pbkdf2 iterations vary