TUF Modification required: TAP 3 & TAP 4 implementations must support special behavior for custom target info

[awwad]

Uptane expects Director and OEM repositories to provide matching metadata about target files, except for the Director's custom metadata, which comes only from the Director and should be used to indicate which ECU each target file is for.

In order to support this behavior, TUF will need to support a parameter in tuf.client.updater.target() that will optionally instruct it to return all otherwise-matching target info with non-matching custom info.

I won't go into all the details here, but I'll close this issue when the appropriate changes have been made to Uptane's fork of TUF.

[awwad]

The TAP-4-related portion of this has been resolved in awwad/tuf:pinning through the addition of an optional argument to tuf.client.updater.target() that instructs it to return all targetinfo for the given target from the role that was required in the validation of that target for each repository that was required for the validation of that target.

This has to be updated to work better for TUF in the general case. In particular:

• Adjust to provide clearly different function calls for the two modes of operation for target()
• Provide similar functionality for TAP 3 (not required for Uptane)
• Handle merge conflicts with simultaneous changes

[awwad]

Should open a TUF issue for this, perhaps, but the Uptane-related portion is resolved.