I'm seeing a few discrepancies in root.txt. I'm looking at the encoding here:
http://mirror1.poly.edu/test-rubygems/metadata/root.txt The PEM encoded pubkey doesn't have "\n" literals where newlines would ordinarily be. Instead it's using spaces? When I take the SHA256 digest of the DER encoding of the certificate in root.txt, I get: 6ee8101a3ff89933143ac714f7ab883329e1a65045e577238cf93507a30ccfa8 This doesn't match the one in the document (a48adfc56133e328957ecbe2511b726573cfc02091dc534357f4a436b3da7cc7). According to the TUF specification: The KEYID of a key is the hex representation of the SHA-256 hash of the canonical encoding of the key. Does canonical encoding mean something other than DER here? On Wed, Nov 20, 2013 at 12:44 PM, Trishank Karthik Kuppusamy < t...@students.poly.edu> wrote: > Sounds great, thanks for letting us know! :) > > We will be sure to review the code. I am personally going to be busy the > next few hours, but I should have some free time to look at this later > tonight. > > On 11/20/2013 02:06 PM, Xavier Shay wrote: > > fwiw I'm working on cleaning up the rubygems.org <http://rubygems.org> > > code > > here: > https://github.com/square/rubygems.org/commits/tuf-metadata-generation > > > > > > On Wed, Nov 20, 2013 at 11:04 AM, Tony Arcieri <basc...@gmail.com > > <mailto:basc...@gmail.com>> wrote: > > > > Hi there! The team here at Square has some code for you to look at > > if you'd like to perform some initial review. > > > > We're committing to the "tuf" branch on the Square fork of RubyGems > > and RubyGems.org: > > > > https://github.com/square/rubygems/commits/tuf > > https://github.com/square/rubygems.org/commits/tuf > > > > So far the server contains the main code spike, including the code > > necessary to generate TUF metadata and download and verify a gem. > > > > You can find the client here: > > > > > https://github.com/square/rubygems.org/blob/tuf/script/fetch-me-a-gem-with-tuf > > > > We'll be moving this code into the RubyGems client, which is a bit > > tricky as we can only depend on the standard library and still need > > to work on ancient versions of Ruby that don't even ship a JSON > parser. > > > > -- > > Tony Arcieri > > > > -- > > You received this message because you are subscribed to the Google > > Groups "RubyGems Update Framework" group. > > To unsubscribe from this group and stop receiving emails from it, > > send an email to rubygems-tuf+unsubscr...@googlegroups.com > > <mailto:rubygems-tuf%2bunsubscr...@googlegroups.com>. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > -- > > You received this message because you are subscribed to the Google > > Groups "RubyGems Update Framework" group. > > To unsubscribe from this group and stop receiving emails from it, send > > an email to rubygems-tuf+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/groups/opt_out. > > > -- Tony Arcieri _______________________________________________ RubyGems-Developers mailing list http://rubyforge.org/projects/rubygems RubyGems-Developers@rubyforge.org http://rubyforge.org/mailman/listinfo/rubygems-developers
