tuf v3.1 releases: A Framework for Securing Software Update Systems

The Update Framework (TUF)

The Update Framework (TUF) is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems but is also intended to be a readable guide and demonstration for those working on implementing TUF in their own languages, environments, or update systems.

About The Update Framework

The Update Framework (TUF) design helps developers maintain the security of a software update system, even against attackers that compromise the repository or signing keys. TUF provides a flexible specification defining functionality that developers can use in any software update system or re-implement to fit their needs.

TUF is hosted by the Linux Foundation as part of the Cloud Native Computing Foundation (CNCF) and its design is used in production by various tech companies and open source organizations. A variant of TUF called Uptane is used to secure over-the-air updates in automobiles.

What TUF Does

In order to securely download and verify target files, TUF requires a few extra files to exist on a repository. These are called metadata files. TUF metadata files contain additional information, including information about which keys are trusted, the cryptographic hashes of files, signatures on the metadata, metadata version numbers, and the date after which the metadata should be considered expired.

When a software update system using TUF wants to check for updates, it asks TUF to do the work. That is, your software update system never has to deal with this additional metadata or understand what’s going on underneath. If TUF reports back that there are updates available, your software update system can then ask TUF to download these files. TUF downloads them and checks them against the TUF metadata that it also downloads from the repository. If the downloaded target files are trustworthy, TUF hands them over to your software update system. See Metadata for more information and examples.

Changelog v3.1

Added

• Metadata API: move verify_delegate() to Root/Targets (#2378)
  • verify_delegate() on Metadata is now deprecated
• Metadata API: add get_verification_result() as verbose alternative for verify_delegate() (#2481)
• Metadata API: add MetaFile.from_data() convenience factory (#2273)

Changed

• Metadata API: change Root.roles type hint to Dict (#2411)
• Various minor improvements in tests (#2447, #2491), docs (#2390, #2392, #2474) and build (#2389, #2453, #2479, #2488)

Removed

• build: Python 3.7 support (#2460)

Install & Use

Copyright (c) 2010 New York University