@@ -1296,10 +1296,10 @@ it in the next step.
12961296 reached. Therefore, it MUST temporarily turn on consistent snapshots in
12971297 order to download * versioned* root metadata files as described next.
12981298
1299- 1 . Let N denote the version number of the trusted root metadata
1299+ 2 . Let N denote the version number of the trusted root metadata
13001300 file.
13011301
1302- 1 . ** Try downloading version N+1 of the root metadata file** , up to
1302+ 3 . ** Try downloading version N+1 of the root metadata file** , up to
13031303 some W number of bytes (because the size is unknown). The value for W is set
13041304 by the authors of the application using TUF. For example, W may be tens of
13051305 kilobytes. The filename used to download the root metadata file is of the
@@ -1309,15 +1309,15 @@ it in the next step.
13091309 The value for Y is set by the authors of the application using TUF. For
13101310 example, Y may be 2^10.
13111311
1312- 1 . ** Check for an arbitrary software attack.** Version N+1 of the root
1312+ 4 . ** Check for an arbitrary software attack.** Version N+1 of the root
13131313 metadata file MUST have been signed by: (1) a threshold of keys specified in
13141314 the trusted root metadata file (version N), and (2) a threshold of keys
13151315 specified in the new root metadata file being validated (version N+1). If
13161316 version N+1 is not signed as required, discard it, abort the update cycle,
13171317 and report the signature failure. On the next update cycle, begin at step
13181318 [[ #update-root]] and version N of the root metadata file.
13191319
1320- 1 . ** Check for a rollback attack.** The version number of the trusted
1320+ 5 . ** Check for a rollback attack.** The version number of the trusted
13211321 root metadata file (version N) MUST be less than or equal to the version
13221322 number of the new root metadata file (version N+1). Effectively, this means
13231323 checking that the version number signed in the new root metadata file is
@@ -1326,24 +1326,24 @@ it in the next step.
13261326 rollback attack. On the next update cycle, begin at step [[ #update-root]]
13271327 and version N of the root metadata file.
13281328
1329- 1 . Note that the expiration of the new (intermediate) root metadata
1329+ 6 . Note that the expiration of the new (intermediate) root metadata
13301330 file does not matter yet, because we will check for it in step 5.3.10.
13311331
1332- 1 . ** Set the trusted root metadata file** to the new root metadata
1332+ 7 . ** Set the trusted root metadata file** to the new root metadata
13331333 file.
13341334
1335- 1 . ** Persist root metadata.** The client MUST write the file to
1335+ 8 . ** Persist root metadata.** The client MUST write the file to
13361336 non-volatile storage as FILENAME.EXT (e.g. root.json).
13371337
1338- 1 . Repeat steps 5.3.1 to 5.3.8
1338+ 9 . Repeat steps 5.3.1 to 5.3.8
13391339
1340- 1 . ** Check for a freeze attack.** The expiration timestamp in the
1340+ 10 . ** Check for a freeze attack.** The expiration timestamp in the
13411341 trusted root metadata file MUST be higher than the fixed update start time.
13421342 If the trusted root metadata file has expired, abort the update cycle,
13431343 report the potential freeze attack. On the next update cycle, begin at step
13441344 5.1 and version N of the root metadata file.
13451345
1346- 1 . ** If the timestamp and / or snapshot keys have been rotated, then delete the
1346+ 11 . ** If the timestamp and / or snapshot keys have been rotated, then delete the
13471347 trusted timestamp and snapshot metadata files.** This is done
13481348 in order to recover from fast-forward attacks after the repository has been
13491349 compromised and recovered. A _ fast-forward attack_ happens when attackers
@@ -1353,7 +1353,7 @@ it in the next step.
13531353 paper] ( https://theupdateframework.io/papers/prevention-rollback-attacks-atc2017.pdf )
13541354 for more details.
13551355
1356- 1 . ** Set whether consistent snapshots are used as per the trusted**
1356+ 12 . ** Set whether consistent snapshots are used as per the trusted**
13571357 root metadata file (see [[ #file-formats-root]] ).
13581358
13591359## Update the timestamp role ## {#update-timestamp}
@@ -1364,32 +1364,32 @@ it in the next step.
13641364 used to download the timestamp metadata file is of the fixed form FILENAME.EXT
13651365 (e.g., timestamp.json).
13661366
1367- 1 . ** Check for an arbitrary software attack.** The new timestamp
1367+ 2 . ** Check for an arbitrary software attack.** The new timestamp
13681368 metadata file MUST have been signed by a threshold of keys specified in the
13691369 trusted root metadata file. If the new timestamp metadata file is not
13701370 properly signed, discard it, abort the update cycle, and report the signature
13711371 failure.
13721372
1373- 1 . ** Check for a rollback attack.**
1373+ 3 . ** Check for a rollback attack.**
13741374
13751375 1 . The version number of the trusted timestamp metadata file, if
13761376 any, MUST be less than or equal to the version number of the new timestamp
13771377 metadata file. If the new timestamp metadata file is older than the
13781378 trusted timestamp metadata file, discard it, abort the update cycle, and
13791379 report the potential rollback attack.
13801380
1381- 1 . The version number of the snapshot metadata file in the
1381+ 2 . The version number of the snapshot metadata file in the
13821382 trusted timestamp metadata file, if any, MUST be less than or equal to its
13831383 version number in the new timestamp metadata file. If not, discard the new
13841384 timestamp metadata file, abort the update cycle, and report the failure.
13851385
1386- 1 . ** Check for a freeze attack.** The expiration timestamp in the
1386+ 4 . ** Check for a freeze attack.** The expiration timestamp in the
13871387 new timestamp metadata file MUST be higher than the fixed update start time.
13881388 If so, the new timestamp metadata file becomes the trusted timestamp
13891389 metadata file. If the new timestamp metadata file has expired, discard it,
13901390 abort the update cycle, and report the potential freeze attack.
13911391
1392- 1 . ** Persist timestamp metadata** . The client MUST write the file
1392+ 5 . ** Persist timestamp metadata** . The client MUST write the file
13931393 to non-volatile storage as FILENAME.EXT (e.g. timestamp.json).
13941394
13951395## Update the snapshot role ## {#update-snapshot}
@@ -1405,25 +1405,25 @@ it in the next step.
14051405 the version number of the snapshot metadata file listed in the timestamp
14061406 metadata file.
14071407
1408- 1 . ** Check against timestamp role's snapshot hash** . The hashes
1408+ 2 . ** Check against timestamp role's snapshot hash** . The hashes
14091409 of the new snapshot metadata file MUST match the hashes, if any, listed in
14101410 the trusted timestamp metadata. This is done, in part, to prevent a
14111411 mix-and-match attack by man-in-the-middle attackers. If the hashes do not
14121412 match, discard the new snapshot metadata, abort the update cycle, and report
14131413 the failure.
14141414
1415- 1 . ** Check for an arbitrary software attack** . The new snapshot
1415+ 3 . ** Check for an arbitrary software attack** . The new snapshot
14161416 metadata file MUST have been signed by a threshold of keys specified in the
14171417 trusted root metadata file. If the new snapshot metadata file is not signed
14181418 as required, discard it, abort the update cycle, and report the signature
14191419 failure.
14201420
1421- 1 . ** Check against timestamp role's snapshot version** . The version
1421+ 4 . ** Check against timestamp role's snapshot version** . The version
14221422 number of the new snapshot metadata file MUST match the version number listed
14231423 in the trusted timestamp metadata. If the versions do not match, discard the
14241424 new snapshot metadata, abort the update cycle, and report the failure.
14251425
1426- 1 . ** Check for a rollback attack** . The version number of the targets
1426+ 5 . ** Check for a rollback attack** . The version number of the targets
14271427 metadata file, and all delegated targets metadata files, if any, in the
14281428 trusted snapshot metadata file, if any, MUST be less than or equal to its
14291429 version number in the new snapshot metadata file. Furthermore, any targets
@@ -1432,14 +1432,14 @@ it in the next step.
14321432 these conditions are not met, discard the new snapshot metadata file, abort
14331433 the update cycle, and report the failure.
14341434
1435- 1 . ** Check for a freeze attack** . The expiration timestamp in the
1435+ 6 . ** Check for a freeze attack** . The expiration timestamp in the
14361436 new snapshot metadata file MUST be higher than the fixed update start time.
14371437 If so, the new snapshot metadata file becomes the trusted snapshot metadata
14381438 file. If the new snapshot metadata file is expired, discard it, abort the
14391439 update cycle, and report the potential freeze attack.
14401440
14411441
1442- 1 . ** Persist snapshot metadata** . The client MUST write the file to
1442+ 7 . ** Persist snapshot metadata** . The client MUST write the file to
14431443 non-volatile storage as FILENAME.EXT (e.g. snapshot.json).
14441444
14451445## Update the targets role ## {#update-targets}
@@ -1454,33 +1454,33 @@ it in the next step.
14541454 42.targets.json), where VERSION_NUMBER is the version number of the targets
14551455 metadata file listed in the snapshot metadata file.
14561456
1457- 1 . ** Check against snapshot role's targets hash** . The hashes
1457+ 2 . ** Check against snapshot role's targets hash** . The hashes
14581458 of the new targets metadata file MUST match the hashes, if any, listed in the
14591459 trusted snapshot metadata. This is done, in part, to prevent a mix-and-match
14601460 attack by man-in-the-middle attackers. If the new targets metadata file does
14611461 not match, discard the new target metadata, abort the update cycle, and
14621462 report the failure.
14631463
1464- 1 . ** Check for an arbitrary software attack** . The new targets
1464+ 3 . ** Check for an arbitrary software attack** . The new targets
14651465 metadata file MUST have been signed by a threshold of keys specified in the
14661466 trusted root metadata file. If the new targets metadata file is not signed
14671467 as required, discard it, abort the update cycle, and report the failure.
14681468
1469- 1 . ** Check against snapshot role's targets version** . The version
1469+ 4 . ** Check against snapshot role's targets version** . The version
14701470 number of the new targets metadata file MUST match the version number listed
14711471 in the trusted snapshot metadata. If the versions do not match, discard it,
14721472 abort the update cycle, and report the failure.
14731473
1474- 1 . ** Check for a freeze attack** . The expiration timestamp in the
1474+ 5 . ** Check for a freeze attack** . The expiration timestamp in the
14751475 new targets metadata file MUST be higher than the fixed update start time.
14761476 If so, the new targets metadata file becomes the trusted targets metadata
14771477 file. If the new targets metadata file is expired, discard it, abort the
14781478 update cycle, and report the potential freeze attack.
14791479
1480- 1 . ** Persist targets metadata** . The client MUST write the file to
1480+ 6 . ** Persist targets metadata** . The client MUST write the file to
14811481 non-volatile storage as FILENAME.EXT (e.g. targets.json).
14821482
1483- 1 . ** Perform a pre-order depth-first search for metadata about the
1483+ 7 . ** Perform a pre-order depth-first search for metadata about the
14841484 desired target, beginning with the top-level targets role.** Note: If
14851485 any metadata requested in steps 5.6.7.1 - 5.6.7.2 cannot be downloaded nor
14861486 validated, end the search and report that the target cannot be found.
@@ -1492,18 +1492,18 @@ it in the next step.
14921492 bandwidth or time). Otherwise, if this role contains metadata about the
14931493 desired target, then go to step [[ #fetch-target]] .
14941494
1495- 1 . Otherwise, recursively search the list of delegations in
1495+ 2 . Otherwise, recursively search the list of delegations in
14961496 order of appearance.
14971497
14981498 1 . If the current delegation is a multi-role delegation,
14991499 recursively visit each role, and check that each has signed exactly the
15001500 same non-custom metadata (i.e., length and hashes) about the target (or
15011501 the lack of any such metadata).
15021502
1503- 1 . If the current delegation is a terminating delegation,
1503+ 2 . If the current delegation is a terminating delegation,
15041504 then jump to step [[ #fetch-target]] .
15051505
1506- 1 . Otherwise, if the current delegation is a
1506+ 3 . Otherwise, if the current delegation is a
15071507 non-terminating delegation, continue processing the next delegation, if
15081508 any. Stop the search, and jump to step [[ #fetch-target]] as soon as a delegation
15091509 returns a result.
@@ -1512,10 +1512,10 @@ it in the next step.
15121512
151315131 . ** Verify the desired target against its targets metadata** .
15141514
1515- 1 . If there is no targets metadata about this target, abort the
1515+ 2 . If there is no targets metadata about this target, abort the
15161516 update cycle and report that there is no such target.
15171517
1518- 1 . Otherwise, download the target (up to the number of bytes
1518+ 3 . Otherwise, download the target (up to the number of bytes
15191519 specified in the targets metadata), and verify that its hashes match the
15201520 targets metadata. (We download up to this number of bytes, because in some
15211521 cases, the exact number is unknown. This may happen, for example, if an
0 commit comments