<~> DO NOT MERGE: status freeze to switch tracks

saving changes pending commit here, to switch tracks from
ASN.1 support itself to finally resolve #660, which is causing
problems here.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>

requirements.txt

@@ -129,9 +129,12 @@ pynacl==1.3.0 \
 requests==2.21.0 \
     --hash=sha256:502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e \
     --hash=sha256:7bf2a778576d825600030a110f3c0e3e8edc51dfaafe1c146e39a2027784957b
-securesystemslib==0.11.3 \
-    --hash=sha256:368ef6f6cc40d3636e271485c7adb21c53c22200bab44a2fe8af62886a01c3d5 \
-    --hash=sha256:cbd1f7f1af2f2921be33b9fd17384705f5f4147d3a8b5d95b33ec3ce2213f176
+# Temporary.  Switch to main-branch git dependency when the PR is merged, then
+# switch back to a normal PyPI dependency when a release is made.
+git+https://github.com/secure-systems-lab/securesystemslib.git@separate_data_serialization_from_signing
+# securesystemslib==0.11.3 \
+#     --hash=sha256:368ef6f6cc40d3636e271485c7adb21c53c22200bab44a2fe8af62886a01c3d5 \
+#     --hash=sha256:cbd1f7f1af2f2921be33b9fd17384705f5f4147d3a8b5d95b33ec3ce2213f176
 six==1.12.0 \
     --hash=sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c \
     --hash=sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73

tests/aggregate_tests.py

@@ -59,6 +59,7 @@
 # configured to use. Note also that this TUF implementation does not support
 # any Python versions <2.7 or any Python3 versions <3.4.
 VERSION_SPECIFIC_TESTS = {
+    'test_asn1_convert': {'major': 42, 'minor': 42}, # skip me for now. DEBUG ONLY
     'test_proxy_use': {'major': 2, 'minor': 7}} # Run test only if Python2.7
 # Further example:
 #   'test_abc': {'major': 2} # Run test only if Python2

tests/test_asn1_convert.py

@@ -28,6 +28,7 @@
 import unittest
 unittest.util._MAX_LENGTH=20000  # DEBUG
 import os
+import os.path
 import logging
 import binascii # for bytes to hex
 # Dependency Imports
@@ -377,7 +378,7 @@ def test_key_conversion(self):
 
 
 
-  def test_signed_portion_of_root_conversion(self):
+  def test_root_conversion(self):
     root = {
       'signatures': [
         {
@@ -437,22 +438,25 @@ def test_signed_portion_of_root_conversion(self):
     # Test by calling the general to_asn1 and from_asn1 calls that will call
     # the helper functions.
     # 'signed' subsection first.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=root['signed'],
         datatype=asn1_defs.RootMetadata,
         expected_der=root_data_expected_der)
 
+    write_test_data_file('root_signed_portion_only.der', data_der)
+
     # Then the whole thing.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=root,
         datatype=asn1_defs.RootEnvelope,
         expected_der=root_signable_expected_der)
 
+    write_test_data_file('root_envelope.der', data_der)
 
 
 
 
-  def test_signed_portion_of_timestamp_conversion(self):
+  def test_timestamp_conversion(self):
     timestamp = {
       'signatures': [
         {
@@ -486,22 +490,27 @@ def test_signed_portion_of_timestamp_conversion(self):
     # Test by calling the general to_asn1 and from_asn1 calls that will call
     # the helper functions.
     # 'signed' subsection first.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=timestamp['signed'],
         datatype=asn1_defs.TimestampMetadata,
         expected_der=timestamp_data_expected_der)
 
+    write_test_data_file('timestamp_signed_portion_only.der', data_der)
+
+
     # Then the whole thing.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=timestamp,
         datatype=asn1_defs.TimestampEnvelope,
         expected_der=timestamp_signable_expected_der)
 
+    write_test_data_file('timestamp_envelope.der', data_der)
 
 
 
 
-  def test_signed_portion_of_snapshot_conversion(self):
+
+  def test_snapshot_conversion(self):
     snapshot = {
       'signatures': [
         {
@@ -536,17 +545,23 @@ def test_signed_portion_of_snapshot_conversion(self):
     # Test by calling the general to_asn1 and from_asn1 calls that will call
     # the helper functions.
     # 'signed' subsection first.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=snapshot['signed'],
         datatype=asn1_defs.SnapshotMetadata,
         expected_der=snapshot_data_expected_der)
 
+    write_test_data_file('snapshot_signed_contents.der', data_der)
+
+
     # Then the whole thing.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=snapshot,
         datatype=asn1_defs.SnapshotEnvelope,
         expected_der=snapshot_signable_expected_der)
 
+    write_test_data_file('snapshot_envelope.der', data_der)
+
+
 
 
 
@@ -623,17 +638,20 @@ def test_targets_conversion(self):
     # Test by calling the general to_asn1 and from_asn1 calls that will call
     # the helper functions.
     # 'signed' subsection first.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=targets['signed'],
         datatype=asn1_defs.TargetsMetadata,
         expected_der=targets_data_expected_der)
 
+    write_test_data_file('targets_w_delegation_and_targets_signed_contents.der', data_der)
+
     # Then the whole thing.
-    self.conversion_check(
+    data_asn1, data_der = self.conversion_check(
         data=targets,
         datatype=asn1_defs.TargetsEnvelope,
         expected_der=targets_signable_expected_der)
 
+    write_test_data_file('targets_w_delegation_and_targets_full_envelope.der', data_der)
 
 
 
@@ -789,6 +807,28 @@ def assert_asn1_obj_equivalent(self, obj1, obj2):
 
 
 
+
+
+def write_test_data_file(fname, data_der):
+
+  if not os.path.exists('der_test_data'):
+    os.mkdir('der_test_data')
+
+  # Lazy protection.
+  assert '/' not in fname
+  assert '\\' not in fname
+  assert '~' not in fname
+  assert '..' not in fname
+  fullpath = os.path.abspath(os.path.join('der_test_data', fname))
+  assert fullpath.startswith(os.getcwd())
+
+  with open(fullpath, 'wb') as fobj:
+    fobj.write(data_der)
+
+
+
+
+
 # Run unit test.
 if __name__ == '__main__':
   unittest.main()