Skip to content
This repository has been archived by the owner on May 21, 2024. It is now read-only.

Don't require hashes and sizes of Targets objects in Snapshot metadata. #1162

Merged
merged 1 commit into from
Apr 15, 2019

Conversation

pattivacek
Copy link
Collaborator

@pattivacek pattivacek commented Mar 29, 2019

Uptane (and TUF) no longer require them. If they are there, we will use
them, and if not, we skip them. This provides no real security benefit,
but may help detect implementation faults.

For more information, see:
uptane/uptane-standard#90
uptane/uptane-standard#92

Please also review advancedtelematic/tuf-test-vectors#49. That needs to get merged first.

@simao
Copy link

simao commented Apr 1, 2019

+1 for the idea, can't comment on the code.

break;
case Hash::Type::kSha512:
if (Hash(Hash::Type::kSha512, boost::algorithm::hex(Crypto::sha512digest(canonical))) != it) {
LOG_ERROR << "Hash verification for " << role.ToString() << " metadata failed";
return false;
}
hash_exists = true;
break;
default:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The previous code version returns false in 'default' case while the PR version returns true. Is it desired behavior ?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, hence the comment above. The goal of this PR is to make this very hash check non-required, hence it returns true by default. I could've removed it entirely, but for now I decided to leave it.

if (meta_version.isIntegral()) {
role_version_[role_object] = meta_version.asInt();
} else {
role_version_[role_object] = -1;
}

// Size and hashes are not required, but we may as well record them if
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we assume that hashes_list and meta_size won't return true for isObject() if there is no "hashes" or "length" in the json/meta_list ?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, isObject is false if the field is not present.

@lbonn
Copy link
Contributor

lbonn commented Apr 15, 2019

Maybe have the commit title and/or message mention that it concerns the Snapshot metadata?

@pattivacek
Copy link
Collaborator Author

pattivacek commented Apr 15, 2019

Maybe have the commit title and/or message mention that it concerns the Snapshot metadata?

Sure, I can do that. Can you or someone else review the tuf-test-vectors change, though, so I can merge that first? Then I can rebase this and finally get it ready.

(Update: just saw that you approved it, thanks!)

@pattivacek pattivacek force-pushed the fix/snapshot-hashes branch from c8da0db to d0b705b Compare April 15, 2019 09:57
@codecov-io
Copy link

codecov-io commented Apr 15, 2019

Codecov Report

Merging #1162 into master will decrease coverage by 0.11%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff            @@
##           master   #1162      +/-   ##
=========================================
- Coverage   78.01%   77.9%   -0.12%     
=========================================
  Files         170     170              
  Lines       10006    9991      -15     
=========================================
- Hits         7806    7783      -23     
- Misses       2200    2208       +8
Impacted Files Coverage Δ
src/aktualizr_repo/repo.cc 96.44% <ø> (-0.26%) ⬇️
src/libaktualizr/uptane/imagesrepository.cc 91.97% <100%> (+0.51%) ⬆️
src/libaktualizr/uptane/tuf.cc 87.64% <100%> (+0.09%) ⬆️
src/libaktualizr/uptane/exceptions.h 90.47% <0%> (-9.53%) ⬇️
src/libaktualizr/package_manager/ostreemanager.cc 68.22% <0%> (-1.7%) ⬇️
src/libaktualizr/uptane/iterator.cc 89.62% <0%> (-0.95%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9c5ef10...65921af. Read the comment docs.

@pattivacek pattivacek changed the title Don't require hashes and sizes of Targets objects. Don't require hashes and sizes of Targets objects in Snapshot metadata. Apr 15, 2019
Uptane (and TUF) no longer require them. If they are there, we will use
them, and if not, we skip them. This provides no real security benefit,
but may help detect implementation faults.

For more information, see:
uptane/uptane-standard#90
uptane/uptane-standard#92

Signed-off-by: Patrick Vacek <[email protected]>
@pattivacek pattivacek force-pushed the fix/snapshot-hashes branch from d0b705b to 65921af Compare April 15, 2019 11:38
@pattivacek pattivacek merged commit 5467f2d into master Apr 15, 2019
@pattivacek pattivacek deleted the fix/snapshot-hashes branch April 15, 2019 13:06
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants