)]}'
{"glance/api/v2/image_data.py":[{"author":{"_account_id":8623,"name":"Kaitlin Farr","email":"kaitlin.farr@jhuapl.edu","username":"kaitlin.farr"},"change_message_id":"f0648dc41d3ec10f275b5213258ee0acc98634c7","unresolved":false,"context_lines":[{"line_number":175,"context_line":"            LOG.error(msg)"},{"line_number":176,"context_line":"            self._delete(image_repo, image)"},{"line_number":177,"context_line":"            raise webob.exc.HTTPBadRequest("},{"line_number":178,"context_line":"                explanation\u003dencodeutils.exception_to_unicode(e))"},{"line_number":179,"context_line":""},{"line_number":180,"context_line":"        except webob.exc.HTTPGone as e:"},{"line_number":181,"context_line":"            with excutils.save_and_reraise_exception():"}],"source_content_type":"text/x-python","patch_set":15,"id":"da20952f_e77a6077","line":178,"updated":"2015-09-01 18:33:49.000000000","message":"nit: should this be explanation\u003dmsg ?","commit_id":"27807ab5bef17d79313385815f7eb862fab97fcf"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"d2a7769602cd7c87d225d4e0b9d5febb9edf9714","unresolved":false,"context_lines":[{"line_number":175,"context_line":"            LOG.error(msg)"},{"line_number":176,"context_line":"            self._delete(image_repo, image)"},{"line_number":177,"context_line":"            raise webob.exc.HTTPBadRequest("},{"line_number":178,"context_line":"                explanation\u003dencodeutils.exception_to_unicode(e))"},{"line_number":179,"context_line":""},{"line_number":180,"context_line":"        except webob.exc.HTTPGone as e:"},{"line_number":181,"context_line":"            with excutils.save_and_reraise_exception():"}],"source_content_type":"text/x-python","patch_set":15,"id":"da20952f_87ee04b3","line":178,"in_reply_to":"da20952f_e77a6077","updated":"2015-09-01 18:40:46.000000000","message":"Agreed.","commit_id":"27807ab5bef17d79313385815f7eb862fab97fcf"}],"glance/common/signature_utils.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":25,"context_line":"from cryptography.hazmat.primitives.asymmetric import rsa"},{"line_number":26,"context_line":"from cryptography.hazmat.primitives import hashes"},{"line_number":27,"context_line":"from cryptography import x509"},{"line_number":28,"context_line":"from glance.common import exception"},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"# Note: This is the signature hash method, which is independent from the"},{"line_number":31,"context_line":"# image data checksum hash method (which is handled elsewhere)."}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_142362a8","line":28,"updated":"2015-08-20 11:34:04.000000000","message":"you need to separate out the imports please refer, \nhttp://docs.openstack.org/developer/hacking/#import-order-template","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":25,"context_line":"from cryptography.hazmat.primitives.asymmetric import rsa"},{"line_number":26,"context_line":"from cryptography.hazmat.primitives import hashes"},{"line_number":27,"context_line":"from cryptography import x509"},{"line_number":28,"context_line":"from glance.common import exception"},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"# Note: This is the signature hash method, which is independent from the"},{"line_number":31,"context_line":"# image data checksum hash method (which is handled elsewhere)."}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_fb46d679","line":28,"in_reply_to":"fa1b9901_142362a8","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":53,"context_line":""},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"def should_verify_signature(image_properties):"},{"line_number":56,"context_line":"    \"\"\""},{"line_number":57,"context_line":"    Determine whether a signature should be verified."},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"    Using the image properties, determine whether existing properties indicate"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_145a822a","line":56,"updated":"2015-08-20 11:34:04.000000000","message":"please format multiline docstring as per standard\n\nhttp://docs.openstack.org/developer/hacking/#docstrings","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":53,"context_line":""},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"def should_verify_signature(image_properties):"},{"line_number":56,"context_line":"    \"\"\""},{"line_number":57,"context_line":"    Determine whether a signature should be verified."},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"    Using the image properties, determine whether existing properties indicate"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_7e5dd413","line":56,"in_reply_to":"fa1b9901_145a822a","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":70,"context_line":""},{"line_number":71,"context_line":""},{"line_number":72,"context_line":"def verify_signature(context, checksum_hash, image_properties):"},{"line_number":73,"context_line":"    \"\"\""},{"line_number":74,"context_line":"    Retrieve the image properties and use them to verify the signature."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    :param context: the user context for authentication"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_547b1a8c","line":73,"updated":"2015-08-20 11:34:04.000000000","message":"ditto","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":70,"context_line":""},{"line_number":71,"context_line":""},{"line_number":72,"context_line":"def verify_signature(context, checksum_hash, image_properties):"},{"line_number":73,"context_line":"    \"\"\""},{"line_number":74,"context_line":"    Retrieve the image properties and use them to verify the signature."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"    :param context: the user context for authentication"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_1e9db8bb","line":73,"in_reply_to":"fa1b9901_547b1a8c","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":126,"context_line":""},{"line_number":127,"context_line":""},{"line_number":128,"context_line":"def get_signature(signature_data):"},{"line_number":129,"context_line":"    \"\"\""},{"line_number":130,"context_line":"    Decodes the signature data and returns the signature."},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"    :param siganture_data: the base64-encoded signature data"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_3460e6a4","line":129,"updated":"2015-08-20 11:34:04.000000000","message":"ditto","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":126,"context_line":""},{"line_number":127,"context_line":""},{"line_number":128,"context_line":"def get_signature(signature_data):"},{"line_number":129,"context_line":"    \"\"\""},{"line_number":130,"context_line":"    Decodes the signature data and returns the signature."},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"    :param siganture_data: the base64-encoded signature data"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_3ea2fcfd","line":129,"in_reply_to":"fa1b9901_3460e6a4","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":136,"context_line":""},{"line_number":137,"context_line":""},{"line_number":138,"context_line":"def get_hash_method(hash_method_name):"},{"line_number":139,"context_line":"    \"\"\""},{"line_number":140,"context_line":"    Verifies the hash method name and creates the hash method."},{"line_number":141,"context_line":""},{"line_number":142,"context_line":"    :param hash_method_name: the name of the hash method to retrieve"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_946772b6","line":139,"updated":"2015-08-20 11:34:04.000000000","message":"ditto","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":136,"context_line":""},{"line_number":137,"context_line":""},{"line_number":138,"context_line":"def get_hash_method(hash_method_name):"},{"line_number":139,"context_line":"    \"\"\""},{"line_number":140,"context_line":"    Verifies the hash method name and creates the hash method."},{"line_number":141,"context_line":""},{"line_number":142,"context_line":"    :param hash_method_name: the name of the hash method to retrieve"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_beae0ce4","line":139,"in_reply_to":"fa1b9901_946772b6","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":149,"context_line":""},{"line_number":150,"context_line":"    hash_method \u003d HASH_METHODS[hash_method_name]"},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"    return hash_method"},{"line_number":153,"context_line":""},{"line_number":154,"context_line":""},{"line_number":155,"context_line":"def get_signature_format(signature_format):"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_f4a82e8e","line":152,"updated":"2015-08-20 11:34:04.000000000","message":"can also be written as \n\nreturn HASH_METHODS[hash_method_name]","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":149,"context_line":""},{"line_number":150,"context_line":"    hash_method \u003d HASH_METHODS[hash_method_name]"},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"    return hash_method"},{"line_number":153,"context_line":""},{"line_number":154,"context_line":""},{"line_number":155,"context_line":"def get_signature_format(signature_format):"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_9e4d4840","line":152,"in_reply_to":"fa1b9901_f4a82e8e","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":153,"context_line":""},{"line_number":154,"context_line":""},{"line_number":155,"context_line":"def get_signature_format(signature_format):"},{"line_number":156,"context_line":"    \"\"\""},{"line_number":157,"context_line":"    Verifies the signature format."},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    :param signature_format: the format of the signature"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_949a126d","line":156,"updated":"2015-08-20 11:34:04.000000000","message":"ditto","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":153,"context_line":""},{"line_number":154,"context_line":""},{"line_number":155,"context_line":"def get_signature_format(signature_format):"},{"line_number":156,"context_line":"    \"\"\""},{"line_number":157,"context_line":"    Verifies the signature format."},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    :param signature_format: the format of the signature"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_5e6a5082","line":156,"in_reply_to":"fa1b9901_949a126d","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":168,"context_line":""},{"line_number":169,"context_line":""},{"line_number":170,"context_line":"def get_public_key(context, certificate_uuid, signature_format):"},{"line_number":171,"context_line":"    \"\"\""},{"line_number":172,"context_line":"    Creates the public key object from a retrieved certificate."},{"line_number":173,"context_line":""},{"line_number":174,"context_line":"    :param context: the user context for authentication"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_d4a2ca98","line":171,"updated":"2015-08-20 11:34:04.000000000","message":"ditto","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":168,"context_line":""},{"line_number":169,"context_line":""},{"line_number":170,"context_line":"def get_public_key(context, certificate_uuid, signature_format):"},{"line_number":171,"context_line":"    \"\"\""},{"line_number":172,"context_line":"    Creates the public key object from a retrieved certificate."},{"line_number":173,"context_line":""},{"line_number":174,"context_line":"    :param context: the user context for authentication"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_1e07f8ca","line":171,"in_reply_to":"fa1b9901_d4a2ca98","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":172,"context_line":"    Creates the public key object from a retrieved certificate."},{"line_number":173,"context_line":""},{"line_number":174,"context_line":"    :param context: the user context for authentication"},{"line_number":175,"context_line":"    :param certificate_uuid: the uuid to use to retrieve the certificate"},{"line_number":176,"context_line":"    :return: the public key cryptography object"},{"line_number":177,"context_line":"    :raises SignatureVerificationError: if public key format is invalid"},{"line_number":178,"context_line":"    \"\"\""}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_14b362ea","line":175,"updated":"2015-08-20 11:34:04.000000000","message":"please add\n:param signature_format: the format of the signature","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":172,"context_line":"    Creates the public key object from a retrieved certificate."},{"line_number":173,"context_line":""},{"line_number":174,"context_line":"    :param context: the user context for authentication"},{"line_number":175,"context_line":"    :param certificate_uuid: the uuid to use to retrieve the certificate"},{"line_number":176,"context_line":"    :return: the public key cryptography object"},{"line_number":177,"context_line":"    :raises SignatureVerificationError: if public key format is invalid"},{"line_number":178,"context_line":"    \"\"\""}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_bef84cc4","line":175,"in_reply_to":"fa1b9901_14b362ea","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":183,"context_line":"    public_key \u003d certificate.public_key()"},{"line_number":184,"context_line":""},{"line_number":185,"context_line":"    # Confirm the type is of the type expected based on the signature format"},{"line_number":186,"context_line":"    if (signature_format \u003d\u003d \u0027RSA-PSS\u0027):"},{"line_number":187,"context_line":"        if not isinstance(public_key, rsa.RSAPublicKey):"},{"line_number":188,"context_line":"            raise exception.SignatureVerificationError("},{"line_number":189,"context_line":"                \u0027Invalid public key type for signature format: %s\u0027"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_b4d39603","line":186,"updated":"2015-08-20 11:34:04.000000000","message":"no need of () brackets here","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":183,"context_line":"    public_key \u003d certificate.public_key()"},{"line_number":184,"context_line":""},{"line_number":185,"context_line":"    # Confirm the type is of the type expected based on the signature format"},{"line_number":186,"context_line":"    if (signature_format \u003d\u003d \u0027RSA-PSS\u0027):"},{"line_number":187,"context_line":"        if not isinstance(public_key, rsa.RSAPublicKey):"},{"line_number":188,"context_line":"            raise exception.SignatureVerificationError("},{"line_number":189,"context_line":"                \u0027Invalid public key type for signature format: %s\u0027"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_fe280435","line":186,"in_reply_to":"fa1b9901_b4d39603","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":214,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":215,"context_line":"            \u0027Invalid certificate format: %s\u0027 % cert.get_format())"},{"line_number":216,"context_line":""},{"line_number":217,"context_line":"    if (cert.get_format() \u003d\u003d \u0027X.509\u0027):"},{"line_number":218,"context_line":"        # Note: the certificate is in unicode format and needs to be a str"},{"line_number":219,"context_line":"        cert_data \u003d str(cert.get_encoded())"},{"line_number":220,"context_line":"        certificate \u003d x509.load_pem_x509_certificate(cert_data,"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_1438423c","line":217,"updated":"2015-08-20 11:34:04.000000000","message":"no need of () brackets here","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":214,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":215,"context_line":"            \u0027Invalid certificate format: %s\u0027 % cert.get_format())"},{"line_number":216,"context_line":""},{"line_number":217,"context_line":"    if (cert.get_format() \u003d\u003d \u0027X.509\u0027):"},{"line_number":218,"context_line":"        # Note: the certificate is in unicode format and needs to be a str"},{"line_number":219,"context_line":"        cert_data \u003d str(cert.get_encoded())"},{"line_number":220,"context_line":"        certificate \u003d x509.load_pem_x509_certificate(cert_data,"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_9e222851","line":217,"in_reply_to":"fa1b9901_1438423c","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"e6e7537349e1a9968253ea34150f3a5019387757","unresolved":false,"context_lines":[{"line_number":46,"context_line":"}"},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"# These are the currently supported MGF formats, used for RSA-PSS signatures"},{"line_number":49,"context_line":"MASK_GEN_ALGORIHTMS \u003d {"},{"line_number":50,"context_line":"    \u0027MGF1\u0027: padding.MGF1"},{"line_number":51,"context_line":"}"},{"line_number":52,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"fa1b9901_219eb7b8","line":49,"updated":"2015-08-24 22:23:04.000000000","message":"ALGORIHTMS should be ALGORITHMS instead","commit_id":"21da69be057219e2638cdf490c16609f3ec649ff"},{"author":{"_account_id":14676,"name":"Kairat Kushaev","email":"kkushaev@mirantis.com","username":"kairat_kushaev"},"change_message_id":"35147c6deb332e071b5fd0b7ed2fbd583255e7cb","unresolved":false,"context_lines":[{"line_number":38,"context_line":"}"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"# These are the currently supported signature formats"},{"line_number":41,"context_line":"SIGNATURE_KEY_TYPES \u003d {"},{"line_number":42,"context_line":"    \u0027RSA-PSS\u0027"},{"line_number":43,"context_line":"}"},{"line_number":44,"context_line":""}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_61fdfcaf","line":41,"updated":"2015-09-01 09:33:45.000000000","message":"IMO, if these lists would be named tuple we can avoid using hard-coded constants in code.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"8d37d1cb2e0d210def00784746d34b97d974359e","unresolved":false,"context_lines":[{"line_number":38,"context_line":"}"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"# These are the currently supported signature formats"},{"line_number":41,"context_line":"SIGNATURE_KEY_TYPES \u003d {"},{"line_number":42,"context_line":"    \u0027RSA-PSS\u0027"},{"line_number":43,"context_line":"}"},{"line_number":44,"context_line":""}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_36f2d170","line":41,"in_reply_to":"da20952f_61fdfcaf","updated":"2015-09-01 17:48:38.000000000","message":"I have removed the hard-coded constants in this file.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":14676,"name":"Kairat Kushaev","email":"kkushaev@mirantis.com","username":"kairat_kushaev"},"change_message_id":"35147c6deb332e071b5fd0b7ed2fbd583255e7cb","unresolved":false,"context_lines":[{"line_number":83,"context_line":"            \u0027Required image properties for signature verification do not\u0027"},{"line_number":84,"context_line":"            \u0027 exist. Cannot verify signature.\u0027)"},{"line_number":85,"context_line":""},{"line_number":86,"context_line":"    signature \u003d get_signature(image_properties[\u0027signature\u0027])"},{"line_number":87,"context_line":"    hash_method \u003d get_hash_method(image_properties[\u0027signature_hash_method\u0027])"},{"line_number":88,"context_line":"    signature_key_type \u003d get_signature_key_type("},{"line_number":89,"context_line":"        image_properties[\u0027signature_key_type\u0027])"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_c15648cd","line":86,"updated":"2015-09-01 09:33:45.000000000","message":"It is just recommendation but glance code has enough hard-coded constants in code.\nCould you please consider possibility to replace these constants with named tuple like this:\nsignature_params \u003d (IMAGE_SIGNATURE, ...) \u003d (\n                                   \"signature\"..)","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"8d37d1cb2e0d210def00784746d34b97d974359e","unresolved":false,"context_lines":[{"line_number":83,"context_line":"            \u0027Required image properties for signature verification do not\u0027"},{"line_number":84,"context_line":"            \u0027 exist. Cannot verify signature.\u0027)"},{"line_number":85,"context_line":""},{"line_number":86,"context_line":"    signature \u003d get_signature(image_properties[\u0027signature\u0027])"},{"line_number":87,"context_line":"    hash_method \u003d get_hash_method(image_properties[\u0027signature_hash_method\u0027])"},{"line_number":88,"context_line":"    signature_key_type \u003d get_signature_key_type("},{"line_number":89,"context_line":"        image_properties[\u0027signature_key_type\u0027])"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_56e425ab","line":86,"in_reply_to":"da20952f_c15648cd","updated":"2015-09-01 17:48:38.000000000","message":"I have removed the hard-coded constants, and placed them at the start of the file.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":14676,"name":"Kairat Kushaev","email":"kkushaev@mirantis.com","username":"kairat_kushaev"},"change_message_id":"35147c6deb332e071b5fd0b7ed2fbd583255e7cb","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        )"},{"line_number":126,"context_line":""},{"line_number":127,"context_line":"    # Verify the signature"},{"line_number":128,"context_line":"    verifier.update(checksum_hash)"},{"line_number":129,"context_line":"    try:"},{"line_number":130,"context_line":"        verifier.verify()"},{"line_number":131,"context_line":"        return True"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_c133a860","line":128,"updated":"2015-09-01 09:33:45.000000000","message":"It looks like we have a case when verifier is not initialized.\nSo we definetely need to fix this and do one of the following:\n1) replace verifier usage under if condition\n2) change the conditions for verifier initialize.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"8d37d1cb2e0d210def00784746d34b97d974359e","unresolved":false,"context_lines":[{"line_number":125,"context_line":"        )"},{"line_number":126,"context_line":""},{"line_number":127,"context_line":"    # Verify the signature"},{"line_number":128,"context_line":"    verifier.update(checksum_hash)"},{"line_number":129,"context_line":"    try:"},{"line_number":130,"context_line":"        verifier.verify()"},{"line_number":131,"context_line":"        return True"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_62d08cf8","line":128,"in_reply_to":"da20952f_c133a860","updated":"2015-09-01 17:48:38.000000000","message":"I initialized the verifier outside of the if statement.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":14676,"name":"Kairat Kushaev","email":"kkushaev@mirantis.com","username":"kairat_kushaev"},"change_message_id":"35147c6deb332e071b5fd0b7ed2fbd583255e7cb","unresolved":false,"context_lines":[{"line_number":140,"context_line":"    :param siganture_data: the base64-encoded signature data"},{"line_number":141,"context_line":"    :return: the decoded signature"},{"line_number":142,"context_line":"    \"\"\""},{"line_number":143,"context_line":"    return base64.b64decode(signature_data)"},{"line_number":144,"context_line":""},{"line_number":145,"context_line":""},{"line_number":146,"context_line":"def get_hash_method(hash_method_name):"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_6145fc40","line":143,"updated":"2015-09-01 09:33:45.000000000","message":"According to docs there can be TypeError:\nhttps://docs.python.org/2/library/base64.html\nShouldn\u0027t we keep in mind that signature is incorrect?","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"8d37d1cb2e0d210def00784746d34b97d974359e","unresolved":false,"context_lines":[{"line_number":140,"context_line":"    :param siganture_data: the base64-encoded signature data"},{"line_number":141,"context_line":"    :return: the decoded signature"},{"line_number":142,"context_line":"    \"\"\""},{"line_number":143,"context_line":"    return base64.b64decode(signature_data)"},{"line_number":144,"context_line":""},{"line_number":145,"context_line":""},{"line_number":146,"context_line":"def get_hash_method(hash_method_name):"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_62ae4ce9","line":143,"in_reply_to":"da20952f_6145fc40","updated":"2015-09-01 17:48:38.000000000","message":"I\u0027ve added a try/except block to catch the TypeError and raise a SignatureVerificationError.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":38,"context_line":"}"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"# These are the currently supported signature formats"},{"line_number":41,"context_line":"(RSA_PSS) \u003d ("},{"line_number":42,"context_line":"    \u0027RSA-PSS\u0027"},{"line_number":43,"context_line":")"},{"line_number":44,"context_line":""}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_d324b9c7","line":41,"updated":"2015-09-01 22:08:46.000000000","message":"Why is this structured this way? Do you want to do tuple assignment? If so you need to do\n\n    (RSA_PSS,) \u003d (\n        \u0027RSA-PSS\u0027,\n    )","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"e80f8bc362c42967b955e76be42076c822bfb73a","unresolved":false,"context_lines":[{"line_number":38,"context_line":"}"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"# These are the currently supported signature formats"},{"line_number":41,"context_line":"(RSA_PSS) \u003d ("},{"line_number":42,"context_line":"    \u0027RSA-PSS\u0027"},{"line_number":43,"context_line":")"},{"line_number":44,"context_line":""}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_1458a5f9","line":41,"in_reply_to":"da20952f_220c9d41","updated":"2015-09-02 20:49:06.000000000","message":"Since this patch is having a minor update, I\u0027m including this fix in the upcoming patch.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":38,"context_line":"}"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"# These are the currently supported signature formats"},{"line_number":41,"context_line":"(RSA_PSS) \u003d ("},{"line_number":42,"context_line":"    \u0027RSA-PSS\u0027"},{"line_number":43,"context_line":")"},{"line_number":44,"context_line":""}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_220c9d41","line":41,"in_reply_to":"da20952f_d324b9c7","updated":"2015-09-02 14:43:56.000000000","message":"Done (in dependent patch)","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":48,"context_line":""},{"line_number":49,"context_line":"# These are the currently supported certificate formats"},{"line_number":50,"context_line":"(X_509) \u003d ("},{"line_number":51,"context_line":"    \u0027X.509\u0027"},{"line_number":52,"context_line":")"},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"CERTIFICATE_FORMATS \u003d {"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_f321bdb5","line":51,"updated":"2015-09-01 22:08:46.000000000","message":"Same here","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"e80f8bc362c42967b955e76be42076c822bfb73a","unresolved":false,"context_lines":[{"line_number":48,"context_line":""},{"line_number":49,"context_line":"# These are the currently supported certificate formats"},{"line_number":50,"context_line":"(X_509) \u003d ("},{"line_number":51,"context_line":"    \u0027X.509\u0027"},{"line_number":52,"context_line":")"},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"CERTIFICATE_FORMATS \u003d {"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_f46df199","line":51,"in_reply_to":"da20952f_42099130","updated":"2015-09-02 20:49:06.000000000","message":"Since this patch is having a minor update, I\u0027m including this fix in the upcoming patch.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":48,"context_line":""},{"line_number":49,"context_line":"# These are the currently supported certificate formats"},{"line_number":50,"context_line":"(X_509) \u003d ("},{"line_number":51,"context_line":"    \u0027X.509\u0027"},{"line_number":52,"context_line":")"},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"CERTIFICATE_FORMATS \u003d {"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_42099130","line":51,"in_reply_to":"da20952f_f321bdb5","updated":"2015-09-02 14:43:56.000000000","message":"Done (in dependent patch)","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    # create the verifier based on the signature key type"},{"line_number":120,"context_line":"    if signature_key_type \u003d\u003d RSA_PSS:"},{"line_number":121,"context_line":"        # retrieve other needed properties, or use defaults if not there"},{"line_number":122,"context_line":"        if MASK_GEN_ALG in image_properties:"},{"line_number":123,"context_line":"            mask_gen_algorithm \u003d image_properties[MASK_GEN_ALG]"},{"line_number":124,"context_line":"            if mask_gen_algorithm in MASK_GEN_ALGORITHMS:"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_932e41a4","line":121,"updated":"2015-09-01 22:08:46.000000000","message":"I wonder if there\u0027s value in making this a separate function to do it based on key type. Then we can have a dictionary mapping key type to function to execute it and make this simpler for any key types we may need to add in the future.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    # create the verifier based on the signature key type"},{"line_number":120,"context_line":"    if signature_key_type \u003d\u003d RSA_PSS:"},{"line_number":121,"context_line":"        # retrieve other needed properties, or use defaults if not there"},{"line_number":122,"context_line":"        if MASK_GEN_ALG in image_properties:"},{"line_number":123,"context_line":"            mask_gen_algorithm \u003d image_properties[MASK_GEN_ALG]"},{"line_number":124,"context_line":"            if mask_gen_algorithm in MASK_GEN_ALGORITHMS:"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_c0783992","line":121,"in_reply_to":"da20952f_932e41a4","updated":"2015-09-02 14:43:56.000000000","message":"I agree that there is value--it makes the \"verify_signature\" function easier to follow as well.  Done (in dependent patch).","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":121,"context_line":"        # retrieve other needed properties, or use defaults if not there"},{"line_number":122,"context_line":"        if MASK_GEN_ALG in image_properties:"},{"line_number":123,"context_line":"            mask_gen_algorithm \u003d image_properties[MASK_GEN_ALG]"},{"line_number":124,"context_line":"            if mask_gen_algorithm in MASK_GEN_ALGORITHMS:"},{"line_number":125,"context_line":"                mgf \u003d MASK_GEN_ALGORITHMS[mask_gen_algorithm](hash_method)"},{"line_number":126,"context_line":"            else:"},{"line_number":127,"context_line":"                raise exception.SignatureVerificationError("}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_b32b4594","line":124,"updated":"2015-09-01 22:08:46.000000000","message":"Style nit that can be addressed in a follow-on patch:\n\nI\u0027d rather have this do\n\n     if mask_gen_algorithm not in MASK_GEN_ALGORITHMS:\n         raise exception.SignatureVerificationError(...)\n\n     mgf \u003d MASK_GEN_ALGORITHMS[mask_gen_algorithm](hash_method)","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":121,"context_line":"        # retrieve other needed properties, or use defaults if not there"},{"line_number":122,"context_line":"        if MASK_GEN_ALG in image_properties:"},{"line_number":123,"context_line":"            mask_gen_algorithm \u003d image_properties[MASK_GEN_ALG]"},{"line_number":124,"context_line":"            if mask_gen_algorithm in MASK_GEN_ALGORITHMS:"},{"line_number":125,"context_line":"                mgf \u003d MASK_GEN_ALGORITHMS[mask_gen_algorithm](hash_method)"},{"line_number":126,"context_line":"            else:"},{"line_number":127,"context_line":"                raise exception.SignatureVerificationError("}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_e09e9d62","line":124,"in_reply_to":"da20952f_b32b4594","updated":"2015-09-02 14:43:56.000000000","message":"Done (in dependent patch)","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":131,"context_line":"            mgf \u003d padding.MGF1(hash_method)"},{"line_number":132,"context_line":"        if PSS_SALT_LENGTH in image_properties:"},{"line_number":133,"context_line":"            pss_salt_length \u003d image_properties[PSS_SALT_LENGTH]"},{"line_number":134,"context_line":"            try:"},{"line_number":135,"context_line":"                salt_length \u003d int(pss_salt_length)"},{"line_number":136,"context_line":"            except ValueError:"},{"line_number":137,"context_line":"                raise exception.SignatureVerificationError("}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_53174954","line":134,"updated":"2015-09-01 22:08:46.000000000","message":"We could move this out of the if after the else, e.g.,\n\n    pss_salt_length \u003d image_properties.get(PSS_SALT_LENGTH, padding.PSS.MAX_LENGTH)\n    try:\n        salt_length \u003d int(pss_salt_length)\n    except ValueError:\n        raise ...\n\nThis makes it simpler and avoids having two lookups into the dictionary.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":131,"context_line":"            mgf \u003d padding.MGF1(hash_method)"},{"line_number":132,"context_line":"        if PSS_SALT_LENGTH in image_properties:"},{"line_number":133,"context_line":"            pss_salt_length \u003d image_properties[PSS_SALT_LENGTH]"},{"line_number":134,"context_line":"            try:"},{"line_number":135,"context_line":"                salt_length \u003d int(pss_salt_length)"},{"line_number":136,"context_line":"            except ValueError:"},{"line_number":137,"context_line":"                raise exception.SignatureVerificationError("}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_e0e45dad","line":134,"in_reply_to":"da20952f_53174954","updated":"2015-09-02 14:43:56.000000000","message":"This actually won\u0027t work, since \"padding.PSS.MAX_LENGTH\" is an object, not an integer, and so it will always raise an exception whenever it is selected as the default.  (Since int() requires a string or a number).\n\nSince the max length is variable deepening on other parameters, cryptography uses this object to indicate that the max length should be calculated and then used.\n\nI left it as-is.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":225,"context_line":"    public_key \u003d certificate.public_key()"},{"line_number":226,"context_line":""},{"line_number":227,"context_line":"    # Confirm the type is of the type expected based on the signature key type"},{"line_number":228,"context_line":"    if signature_key_type \u003d\u003d RSA_PSS:"},{"line_number":229,"context_line":"        if not isinstance(public_key, rsa.RSAPublicKey):"},{"line_number":230,"context_line":"            raise exception.SignatureVerificationError("},{"line_number":231,"context_line":"                \u0027Invalid public key type for signature key type: %s\u0027"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_731ccd77","line":228,"updated":"2015-09-01 22:08:46.000000000","message":"These two can become one:\n\n    if (signature_key_type \u003d\u003d RSA_PSS and\n            not isinstance(public_key, rsa.RSAPublicKey)):\n        raise ...","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":225,"context_line":"    public_key \u003d certificate.public_key()"},{"line_number":226,"context_line":""},{"line_number":227,"context_line":"    # Confirm the type is of the type expected based on the signature key type"},{"line_number":228,"context_line":"    if signature_key_type \u003d\u003d RSA_PSS:"},{"line_number":229,"context_line":"        if not isinstance(public_key, rsa.RSAPublicKey):"},{"line_number":230,"context_line":"            raise exception.SignatureVerificationError("},{"line_number":231,"context_line":"                \u0027Invalid public key type for signature key type: %s\u0027"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_405bc954","line":228,"in_reply_to":"da20952f_731ccd77","updated":"2015-09-02 14:43:56.000000000","message":"Done (in dependent patch)","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":12000,"name":"Ian Cordasco","email":"sigmavirus24@gmail.com","username":"sigmavirus24"},"change_message_id":"7dbccec8d073225c15e5ca7b3379aca4e6904611","unresolved":false,"context_lines":[{"line_number":249,"context_line":"    try:"},{"line_number":250,"context_line":"        # The certificate retrieved here is a castellan certificate object"},{"line_number":251,"context_line":"        cert \u003d keymgr_api.get(context, signature_certificate_uuid)"},{"line_number":252,"context_line":"    except Exception:"},{"line_number":253,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":254,"context_line":"            \u0027Unable to retrieve certificate with ID: %s\u0027"},{"line_number":255,"context_line":"            % signature_certificate_uuid)"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_1311d15d","line":252,"updated":"2015-09-01 22:08:46.000000000","message":"Can we get any more specific with \"Exception\" here? If not, can we have a comment as to why not?","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"294deef172f4b99f5444de213e4f062439d1909f","unresolved":false,"context_lines":[{"line_number":249,"context_line":"    try:"},{"line_number":250,"context_line":"        # The certificate retrieved here is a castellan certificate object"},{"line_number":251,"context_line":"        cert \u003d keymgr_api.get(context, signature_certificate_uuid)"},{"line_number":252,"context_line":"    except Exception:"},{"line_number":253,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":254,"context_line":"            \u0027Unable to retrieve certificate with ID: %s\u0027"},{"line_number":255,"context_line":"            % signature_certificate_uuid)"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_dbc7cc62","line":252,"in_reply_to":"da20952f_1311d15d","updated":"2015-09-02 14:43:56.000000000","message":"I\u0027d like to avoid the situation where an unexpected Exception is raised by the castellan backend, that is difficult to trace back to a Signature Verification problem.  A different backend for castellan might raise different types of exceptions for different errors.\n\nFor example, the barbican backend might raise barbican-specific exceptions, and I don\u0027t think it\u0027s worthwhile to import barbican exceptions here because the castellan backend might be barbican.\n\nI\u0027ve added a comment to this end in the dependent patch.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"e80f8bc362c42967b955e76be42076c822bfb73a","unresolved":false,"context_lines":[{"line_number":249,"context_line":"    try:"},{"line_number":250,"context_line":"        # The certificate retrieved here is a castellan certificate object"},{"line_number":251,"context_line":"        cert \u003d keymgr_api.get(context, signature_certificate_uuid)"},{"line_number":252,"context_line":"    except Exception:"},{"line_number":253,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":254,"context_line":"            \u0027Unable to retrieve certificate with ID: %s\u0027"},{"line_number":255,"context_line":"            % signature_certificate_uuid)"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_140f45e2","line":252,"in_reply_to":"da20952f_441bd880","updated":"2015-09-02 20:49:06.000000000","message":"I\u0027ve decided to include the fix for this in a minor update to this patch.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":8623,"name":"Kaitlin Farr","email":"kaitlin.farr@jhuapl.edu","username":"kaitlin.farr"},"change_message_id":"bc5fdcdf6d630d1e76ca8cb1763b7a1b45caf95e","unresolved":false,"context_lines":[{"line_number":249,"context_line":"    try:"},{"line_number":250,"context_line":"        # The certificate retrieved here is a castellan certificate object"},{"line_number":251,"context_line":"        cert \u003d keymgr_api.get(context, signature_certificate_uuid)"},{"line_number":252,"context_line":"    except Exception:"},{"line_number":253,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":254,"context_line":"            \u0027Unable to retrieve certificate with ID: %s\u0027"},{"line_number":255,"context_line":"            % signature_certificate_uuid)"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_d14d6dc5","line":252,"in_reply_to":"da20952f_915db5ee","updated":"2015-09-02 14:56:36.000000000","message":"The key manager has pluggable backends that could raise different errors depending on the backend, so I agree with Brianna that the general Exception should be caught above, though I agree with Kairat that it would be helpful to log the original exception, perhaps in the dependent patch.","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"7394f5c02cadbfd7fff4f6ca243c1efd32e284f6","unresolved":false,"context_lines":[{"line_number":249,"context_line":"    try:"},{"line_number":250,"context_line":"        # The certificate retrieved here is a castellan certificate object"},{"line_number":251,"context_line":"        cert \u003d keymgr_api.get(context, signature_certificate_uuid)"},{"line_number":252,"context_line":"    except Exception:"},{"line_number":253,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":254,"context_line":"            \u0027Unable to retrieve certificate with ID: %s\u0027"},{"line_number":255,"context_line":"            % signature_certificate_uuid)"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_441bd880","line":252,"in_reply_to":"da20952f_d14d6dc5","updated":"2015-09-02 15:47:08.000000000","message":"I agree that this should be logged. I included a log for this castellan exception in the dependent patch (https://review.openstack.org/#/c/219731/)","commit_id":"228992ef868d2026ac9880f9470145736541c467"},{"author":{"_account_id":14676,"name":"Kairat Kushaev","email":"kkushaev@mirantis.com","username":"kairat_kushaev"},"change_message_id":"a441f46233e48fd882f4845e221395dd018e304c","unresolved":false,"context_lines":[{"line_number":249,"context_line":"    try:"},{"line_number":250,"context_line":"        # The certificate retrieved here is a castellan certificate object"},{"line_number":251,"context_line":"        cert \u003d keymgr_api.get(context, signature_certificate_uuid)"},{"line_number":252,"context_line":"    except Exception:"},{"line_number":253,"context_line":"        raise exception.SignatureVerificationError("},{"line_number":254,"context_line":"            \u0027Unable to retrieve certificate with ID: %s\u0027"},{"line_number":255,"context_line":"            % signature_certificate_uuid)"}],"source_content_type":"text/x-python","patch_set":16,"id":"da20952f_915db5ee","line":252,"in_reply_to":"da20952f_dbc7cc62","updated":"2015-09-02 14:49:53.000000000","message":"Brianna, I am not so familiar with these backend but this except-clause can save a lot of time during debugging if you log caught exception somewhere.\nOtherwise, the exception will be shadowed and we will have no idea of error.","commit_id":"228992ef868d2026ac9880f9470145736541c467"}],"glance/location.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":379,"context_line":"            context\u003dself.context)"},{"line_number":380,"context_line":""},{"line_number":381,"context_line":"        # Verify the signature (if correct properties are present)"},{"line_number":382,"context_line":"        if (hasattr(self.image, \u0027extra_properties\u0027) and"},{"line_number":383,"context_line":"            signature_utils.should_verify_signature("},{"line_number":384,"context_line":"                self.image.extra_properties)):"},{"line_number":385,"context_line":"            # NOTE(bpoulos): if verification fails, exception will be raised"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_b7e958e8","line":382,"updated":"2015-08-20 11:34:04.000000000","message":"IMO no need to check hasattr for \u0027extra_properties\u0027 it will always return True because even if you not specified any extra_properties at the time of image creation, self.image.extra_properties will return empty {}.","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":379,"context_line":"            context\u003dself.context)"},{"line_number":380,"context_line":""},{"line_number":381,"context_line":"        # Verify the signature (if correct properties are present)"},{"line_number":382,"context_line":"        if (hasattr(self.image, \u0027extra_properties\u0027) and"},{"line_number":383,"context_line":"            signature_utils.should_verify_signature("},{"line_number":384,"context_line":"                self.image.extra_properties)):"},{"line_number":385,"context_line":"            # NOTE(bpoulos): if verification fails, exception will be raised"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_ca0c56ee","line":382,"in_reply_to":"fa1b9901_b7e958e8","updated":"2015-08-20 15:23:26.000000000","message":"Not all the unit tests have an \"extra_properties\" object, so I\u0027ll have to go through and add a \"extra_properties \u003d {}\" for these tests, so that they more accurately represent an image at image creation.","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"9d46586338f46f642894beb8a6e9d61810b24fea","unresolved":false,"context_lines":[{"line_number":387,"context_line":"                self.context, checksum, self.image.extra_properties)"},{"line_number":388,"context_line":"            if result:"},{"line_number":389,"context_line":"                msg \u003d (_LI(\"Successfully verified signature for image \""},{"line_number":390,"context_line":"                           \"%s \") % self.image.image_id)"},{"line_number":391,"context_line":"                LOG.info(msg)"},{"line_number":392,"context_line":""},{"line_number":393,"context_line":"        self.image.locations \u003d [{\u0027url\u0027: location, \u0027metadata\u0027: loc_meta,"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_94f77258","line":390,"updated":"2015-08-20 11:34:04.000000000","message":"remove blank space in \"%s \"","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"b84efde9769395b7aaa1d428f6f0cffd4f2de4ab","unresolved":false,"context_lines":[{"line_number":387,"context_line":"                self.context, checksum, self.image.extra_properties)"},{"line_number":388,"context_line":"            if result:"},{"line_number":389,"context_line":"                msg \u003d (_LI(\"Successfully verified signature for image \""},{"line_number":390,"context_line":"                           \"%s \") % self.image.image_id)"},{"line_number":391,"context_line":"                LOG.info(msg)"},{"line_number":392,"context_line":""},{"line_number":393,"context_line":"        self.image.locations \u003d [{\u0027url\u0027: location, \u0027metadata\u0027: loc_meta,"}],"source_content_type":"text/x-python","patch_set":6,"id":"fa1b9901_be94cc42","line":390,"in_reply_to":"fa1b9901_94f77258","updated":"2015-08-20 15:23:26.000000000","message":"Done","commit_id":"8f6286d43f4f5af73792eae7947c04c1cdb7e1dd"},{"author":{"_account_id":14676,"name":"Kairat Kushaev","email":"kkushaev@mirantis.com","username":"kairat_kushaev"},"change_message_id":"35147c6deb332e071b5fd0b7ed2fbd583255e7cb","unresolved":false,"context_lines":[{"line_number":31,"context_line":""},{"line_number":32,"context_line":"_ \u003d i18n._"},{"line_number":33,"context_line":"_LE \u003d i18n._LE"},{"line_number":34,"context_line":"_LI \u003d i18n._LI"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"CONF \u003d cfg.CONF"},{"line_number":37,"context_line":"LOG \u003d logging.getLogger(__name__)"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_5e71b70a","line":34,"updated":"2015-09-01 09:33:45.000000000","message":"IMO, it is better and shorter to do this through imports.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"},{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"8d37d1cb2e0d210def00784746d34b97d974359e","unresolved":false,"context_lines":[{"line_number":31,"context_line":""},{"line_number":32,"context_line":"_ \u003d i18n._"},{"line_number":33,"context_line":"_LE \u003d i18n._LE"},{"line_number":34,"context_line":"_LI \u003d i18n._LI"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"CONF \u003d cfg.CONF"},{"line_number":37,"context_line":"LOG \u003d logging.getLogger(__name__)"}],"source_content_type":"text/x-python","patch_set":14,"id":"da20952f_adc8d5a9","line":34,"in_reply_to":"da20952f_5e71b70a","updated":"2015-09-01 17:48:38.000000000","message":"I\u0027m following the current convention in this file and across glance in general.  \n\nUpdating all of the lines like these to use imports instead is something that should probably be done in a separate patch.","commit_id":"1a224eb2d736013ebe1be74319ce43692bfef420"}],"requirements.txt":[{"author":{"_account_id":7012,"name":"Brianna Poulos","email":"Brianna.Poulos@jhuapl.edu","username":"brianna-poulos"},"change_message_id":"0895654bdc0c9f20a94197efaa4270567ce34839","unresolved":false,"context_lines":[{"line_number":69,"context_line":"semantic-version\u003e\u003d2.3.1"},{"line_number":70,"context_line":""},{"line_number":71,"context_line":"castellan\u003e\u003d0.1.0 # Apache-2.0"},{"line_number":72,"context_line":"cryptography\u003e\u003d0.9.1 # Apache-2.0"}],"source_content_type":"text/plain","patch_set":9,"id":"fa1b9901_02c0357b","line":72,"updated":"2015-08-25 13:00:16.000000000","message":"The version for cryptography has been updated to \u003e\u003d1.0 in global-requirements, so this needs to be updated here too.","commit_id":"a734d8edd18b0debcebf970e57c1844088e757d1"}]}