This repository has been archived by the owner on May 21, 2024. It is now read-only.

Don't require hashes and sizes of Targets objects in Snapshot metadata. #1162

Merged
merged 1 commit into from
Apr 15, 2019

Collaborator

@pattivacek pattivacek commented Mar 29, 2019

Uptane (and TUF) no longer require them. If they are there, we will use
them, and if not, we skip them. This provides no real security benefit,
but may help detect implementation faults.

For more information, see:
uptane/uptane-standard#90
uptane/uptane-standard#92

Please also review advancedtelematic/tuf-test-vectors#49. That needs to get merged first.
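
The "use them if present, skip them if not" rule from the description above, as an added Python sketch that is not part of this pull request or of aktualizr's C++ code. The function name `check_against_snapshot` and the sample bytes are hypothetical; the caller is assumed to pass the same byte representation the digests were computed over.

```python
import hashlib

# Digest algorithms this sketch can check; any other name is skipped.
KNOWN_HASHES = {"sha256": hashlib.sha256, "sha512": hashlib.sha512}

# Constructed sample data (not taken from aktualizr or its test vectors).
TARGETS_BYTES = b'{"signed":{"_type":"Targets","targets":{},"version":3}}'
GOOD_SHA256 = hashlib.sha256(TARGETS_BYTES).hexdigest()


def check_against_snapshot(entry, targets_bytes):
    """Check Targets metadata bytes against its entry in Snapshot "meta".

    "length" and "hashes" are optional: absent fields are skipped, but a
    field that is present must agree with the bytes. Rejecting a present
    field of the wrong JSON type is a choice made by this sketch.
    """
    if "length" in entry:
        length = entry["length"]
        if type(length) is not int or length != len(targets_bytes):
            return False
    if "hashes" in entry:
        hashes = entry["hashes"]
        if not isinstance(hashes, dict):
            return False
        for alg, expected in hashes.items():
            digest_fn = KNOWN_HASHES.get(alg)
            if digest_fn is None:
                continue  # unknown algorithm: nothing to compare against
            if not isinstance(expected, str):
                return False
            # Hex digests are compared case-insensitively (assumption).
            if digest_fn(targets_bytes).hexdigest() != expected.lower():
                return False
    return True


if __name__ == "__main__":
    cases = {
        "version only": {"version": 3},
        "matching fields": {"version": 3, "length": len(TARGETS_BYTES),
                            "hashes": {"sha256": GOOD_SHA256}},
        "wrong length": {"version": 3, "length": len(TARGETS_BYTES) + 1},
        "wrong hash": {"version": 3, "hashes": {"sha256": "00" * 32}},
        "unknown algorithm only": {"version": 3, "hashes": {"blake9": "ab"}},
    }
    for name, entry in cases.items():
        print(f"{name}: {check_against_snapshot(entry, TARGETS_BYTES)}")
```

Optional here means absent fields are tolerated; a present field that disagrees with the downloaded metadata still fails the check.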

simao commented Apr 1, 2019

+1 for the idea, can't comment on the code.

break;
case Hash::Type::kSha512:
if (Hash(Hash::Type::kSha512, boost::algorithm::hex(Crypto::sha512digest(canonical))) != it) {
LOG_ERROR << "Hash verification for " << role.ToString() << " metadata failed";
return false;
}
hash_exists = true;
break;
default:
Collaborator

The previous code version returns false in 'default' case while the PR version returns true. Is it desired behavior?

Collaborator Author

Yes, hence the comment above. The goal of this PR is to make this very hash check non-required, hence it returns true by default. I could've removed it entirely, but for now I decided to leave it.

if (meta_version.isIntegral()) {
role_version_[role_object] = meta_version.asInt();
} else {
role_version_[role_object] = -1;
}

// Size and hashes are not required, but we may as well record them if
Collaborator

Can we assume that hashes_list and meta_size won't return true for isObject() if there is no "hashes" or "length" in the json/meta_list?

Collaborator Author

Yep, isObject is false if the field is not present.

Contributor

lbonn commented Apr 15, 2019

Maybe have the commit title and/or message mention that it concerns the Snapshot metadata?

Collaborator Author

pattivacek commented Apr 15, 2019

> Maybe have the commit title and/or message mention that it concerns the Snapshot metadata?

Sure, I can do that. Can you or someone else review the tuf-test-vectors change, though, so I can merge that first? Then I can rebase this and finally get it ready.

(Update: just saw that you approved it, thanks!)

codecov-io commented Apr 15, 2019

Codecov Report

Merging #1162 into master will decrease coverage by 0.11%.
The diff coverage is 100%.

@@            Coverage Diff            @@
##           master   #1162      +/-   ##
=========================================
- Coverage   78.01%   77.9%   -0.12%     
=========================================
  Files         170     170              
  Lines       10006    9991      -15     
=========================================
- Hits         7806    7783      -23     
- Misses       2200    2208       +8

| Impacted Files | Coverage Δ |
| --- | --- |
| src/aktualizr_repo/repo.cc | 96.44% <ø> (-0.26%) ⬇️ |
| src/libaktualizr/uptane/imagesrepository.cc | 91.97% <100%> (+0.51%) ⬆️ |
| src/libaktualizr/uptane/tuf.cc | 87.64% <100%> (+0.09%) ⬆️ |
| src/libaktualizr/uptane/exceptions.h | 90.47% <0%> (-9.53%) ⬇️ |
| src/libaktualizr/package_manager/ostreemanager.cc | 68.22% <0%> (-1.7%) ⬇️ |
| src/libaktualizr/uptane/iterator.cc | 89.62% <0%> (-0.95%) ⬇️ |

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9c5ef10...65921af. Read the comment docs.

@pattivacek pattivacek changed the title from "Don't require hashes and sizes of Targets objects." to "Don't require hashes and sizes of Targets objects in Snapshot metadata." on Apr 15, 2019

Uptane (and TUF) no longer require them. If they are there, we will use
them, and if not, we skip them. This provides no real security benefit,
but may help detect implementation faults.

For more information, see:
uptane/uptane-standard#90
uptane/uptane-standard#92

Signed-off-by: Patrick Vacek <patrickvacek@gmail.com>
@pattivacek pattivacek merged commit 5467f2d into master Apr 15, 2019
@pattivacek pattivacek deleted the fix/snapshot-hashes branch April 15, 2019 13:06