Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Metadata API: Fix keyval "public" requirement #1480

Merged
merged 1 commit into from
Jul 7, 2021
Merged

Metadata API: Fix keyval "public" requirement #1480

merged 1 commit into from
Jul 7, 2021

Conversation

MVrachev
Copy link
Collaborator

@MVrachev MVrachev commented Jul 5, 2021

Description of the changes being introduced by the pull request:

Currently, we require that the keyval attribute in the Key class
is a dictionary and has "public" as a key, otherwise, we throw
KeyError or ValueError.

This requirement is too strict given that in the spec for KEYVAL it's
only said that KEYVAL is:
"A dictionary containing the public portion of the key."
See: https://theupdateframework.github.io/specification/latest/index.html#keyva

Signed-off-by: Martin Vrachev mvrachev@vmware.com

Please verify and check that the pull request fulfills the following
requirements:

  • The code follows the Code Style Guidelines
  • Tests have been added for the bug fix or new feature
  • Docs have been added for the bug fix or new feature

@MVrachev
Metadata API: Fix keyval "public" requirement
88422de 
Currently, we require that the keyval attribute in the Key class
is a dictionary and has "public" as a key, otherwise, we throw
KeyError or ValueError.

This requirement is too strict given that in the spec for KEYVAL it's
only said that KEYVAL is:
"A dictionary containing the public portion of the key."
See: https://theupdateframework.github.io/specification/latest/index.html#keyval

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
@MVrachev
Copy link
Collaborator Author

MVrachev commented Jul 5, 2021

There is one additional place where we relly that keyval includes a public key in:
https://github.com/theupdateframework/tuf/blob/745a8f7680c69ea290d48bc5a2066dd4ad9781d3/tuf/ngclient/_internal/trusted_metadata_set.py#L110

any ideas on how to fix this one?
I am not sure how can we retrieve the public portion of the key if there is no public key.

@MVrachev MVrachev mentioned this pull request Jul 5, 2021
Merged
3 tasks
@jku
Copy link
Member

jku commented Jul 6, 2021
edited
Loading

any ideas on how to fix this one?
I am not sure how can we retrieve the public portion of the key if there is no public key.

The value of using public key there was debatable in the first place so I remove it in #1436 (see #1436 (comment)). The ngclient code will be removed after this PR is in

jku
jku approved these changes Jul 6, 2021
View reviewed changes
Copy link
Member

@jku jku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, thanks

@jku jku merged commit faeaf34 into theupdateframework:develop Jul 7, 2021
@MVrachev MVrachev deleted the fix-keyval-check branch July 19, 2021 13:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MVrachev @jku