ASN.1: make expiration data string, not int, to match TUF metadata

awwad · awwad · commit c7687564a9cd · 2018-11-08T16:36:51.000-05:00
While int is preferable for efficiency, the initial goal here is
total compatibility.  The TUF-internal metadata format defined in
the TUF specification uses strings for expiration dates, and so
should the ASN.1 definitions used in the reference implementation
for now.

This also facilitates automated conversion between the formats.

Signed-off-by: Sebastien Awwad &lt;sebastien.awwad@gmail.com&gt;
diff --git a/tuf/encoding/asn1_metadata_definitions.py b/tuf/encoding/asn1_metadata_definitions.py
@@ -97,7 +97,7 @@ class TopLevelDelegation(ac.Sequence):
 class RootMetadata(ac.Sequence):
   _fields = [
       ('type', ac.VisibleString),
-      ('expires', ac.Integer),
+      ('expires', ac.VisibleString),
       ('version', ac.Integer),
       ('consistent-snapshot', ac.Boolean),
       ('keys', ac.SetOf, {'_child_spec': PublicKey}),
@@ -161,7 +161,7 @@ class HashesOfSnapshot(ac.SetOf):
 class TimestampMetadata(ac.Sequence):
   _fields = [
       ('type', ac.VisibleString),
-      ('expires', ac.Integer),
+      ('expires', ac.VisibleString),
       ('version', ac.Integer),
       ('meta', ac.SetOf, {'_child_spec': HashOfSnapshot})]
 
@@ -175,7 +175,7 @@ class RoleInfo(ac.Sequence):
 class SnapshotMetadata(ac.Sequence):
   _fields = [
       ('type', ac.VisibleString),
-      ('expires', ac.Integer),
+      ('expires', ac.VisibleString),
       ('version', ac.Integer),
       ('meta', ac.SetOf, {'_child_spec': RoleInfo})]
 
@@ -206,7 +206,7 @@ class Target(ac.Sequence):
 class TargetsMetadata(ac.Sequence):
   _fields = [
       ('type', ac.VisibleString),
-      ('expires', ac.Integer),
+      ('expires', ac.VisibleString),
       ('version', ac.Integer),
       ('targets', ac.SetOf, {'_child_spec': Target}),
       ('delegations', ac.Sequence, {'_fields': [
diff --git a/tuf/encoding/metadata_definitions.asn1 b/tuf/encoding/metadata_definitions.asn1
@@ -184,7 +184,7 @@ TUFMetadataDefinitions DEFINITIONS AUTOMATIC TAGS ::= BEGIN
 
   RootMetadata ::= SEQUENCE {
     type                VisibleString,     -- ("root"),
-    expires             IntegerNatural, --date&time, UTC, as a UNIX timestamp
+    expires             VisibleString, --date&time, UTC, as a UNIX timestamp
     version             IntegerNatural,
     consistent-snapshot BOOLEAN,
     keys                SET OF PublicKey,                      -- unordered set
@@ -200,7 +200,7 @@ TUFMetadataDefinitions DEFINITIONS AUTOMATIC TAGS ::= BEGIN
 
   TimestampMetadata ::= SEQUENCE {
     type                VisibleString,     -- ("timestamp"),
-    expires             IntegerNatural,  -- date&time, UTC, as a UNIX timestamp
+    expires             VisibleString,  -- date&time, UTC, as a UNIX timestamp
     version             IntegerNatural,
 
     meta                SET OF RoleInfoLong                    -- unordered set
@@ -222,7 +222,7 @@ TUFMetadataDefinitions DEFINITIONS AUTOMATIC TAGS ::= BEGIN
 
   SnapshotMetadata ::= SEQUENCE {
     type                VisibleString,     -- ("snapshot"),
-    expires             IntegerNatural,  -- date&time, UTC, as a UNIX timestamp
+    expires             VisibleString,  -- date&time, UTC, as a UNIX timestamp
     version             IntegerNatural,
 
     meta                SET OF RoleInfo                 -- unordered set
@@ -248,7 +248,7 @@ TUFMetadataDefinitions DEFINITIONS AUTOMATIC TAGS ::= BEGIN
 
   TargetsMetadata ::= SEQUENCE {
     type                VisibleString,       -- allow delegated role names, too
-    expires             IntegerNatural,  -- date&time, UTC, as a UNIX timestamp
+    expires             VisibleString,  -- date&time, UTC, as a UNIX timestamp
     version             IntegerNatural,
 
     targets             SET OF Target,                -- unordered set
