Merge pull request #47 from erickt/hex

lukpueh · web-flow · commit 889800e10edb · 2019-08-06T11:04:06.000+02:00
Use hex encoding is used for ed25519 and target hashes
diff --git a/tuf-spec.md b/tuf-spec.md
@@ -475,7 +475,8 @@ repo](https://github.com/theupdateframework/specification/issues).
 
           KEYID is the identifier of the key signing the ROLE dictionary.
 
-          SIGNATURE is a signature of the canonical JSON form of ROLE.
+          SIGNATURE is a hex-encoded signature of the canonical JSON form of
+          ROLE.
 
 
    All keys have the format:
@@ -532,7 +533,9 @@ repo](https://github.com/theupdateframework/specification/issues).
           "keyval" : {"public" : PUBLIC}
         }
 
-   where PUBLIC is a 32-byte string.
+   where:
+
+          PUBLIC is a 64-byte hex encoded string.
 
    The 'ecdsa' format is:
 
@@ -770,6 +773,11 @@ repo](https://github.com/theupdateframework/specification/issues).
    It is allowed to have a TARGETS object with no TARGETPATH elements.  This
    can be used to indicate that no target files are available.
 
+   HASHES is a dictionary that specifies one or more hashes, including
+   the cryptographic hash function.  For example: { "sha256": HASH, ... }. It
+   is required for delegated roles, and optional for all others. HASH is the
+   hexdigest of the cryptographic function computed on the target file.
+
    If defined, the elements and values of "custom" will be made available to the
    client application.  The information in "custom" is opaque to the framework
    and can include version numbers, dependencies, requirements, and any other
