Fix Root.add_key() argument's type

After the implementation of a Key class representing the public portion of a key, the method add_key() should take an argument of type Key, instead of a dictionary. Test cases are updated accordingly. Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2026-05-24 10:08:28 +00:00 · 2021-05-12 14:35:32 +03:00 · 2021-05-12 14:35:32 +03:00 · 167e1793d0
commit 167e1793d0
parent 2ef8546afb
2 changed files with 10 additions and 11 deletions
--- a/tests/test_api.py
+++ b/tests/test_api.py
@ -48,10 +48,6 @@
    import_ed25519_privatekey_from_file
 )

-from securesystemslib.keys import (
-    format_keyval_to_metadata
-)
-
 from securesystemslib.signer import (
    SSlibSigner
 )
@ -234,7 +230,7 @@ def test_metadata_base(self):
        is_expired = md.signed.is_expired(md.signed.expires - timedelta(days=1))
        self.assertFalse(is_expired)

-        # Test is_expired without reference_time, 
+        # Test is_expired without reference_time,
        # manipulating md.signed.expires
        expires = md.signed.expires
        md.signed.expires = datetime.utcnow()
@ -244,7 +240,7 @@ def test_metadata_base(self):
        is_expired = md.signed.is_expired()
        self.assertFalse(is_expired)
        md.signed.expires = expires
-        
+
    def test_metadata_snapshot(self):
        snapshot_path = os.path.join(
                self.repo_dir, 'metadata', 'snapshot.json')
@ -394,9 +390,10 @@ def test_metadata_root(self):
        root_key2 =  import_ed25519_publickey_from_file(
                    os.path.join(self.keystore_dir, 'root_key2.pub'))

+
        keyid = root_key2['keyid']
-        key_metadata = format_keyval_to_metadata(
-            root_key2['keytype'], root_key2['scheme'], root_key2['keyval'])
+        key_metadata = Key(root_key2['keytype'], root_key2['scheme'],
+            root_key2['keyval'])

        # Assert that root does not contain the new key
        self.assertNotIn(keyid, root.signed.roles['root'].keyids)
@ -409,6 +406,10 @@ def test_metadata_root(self):
        self.assertIn(keyid, root.signed.roles['root'].keyids)
        self.assertIn(keyid, root.signed.keys)

+        # Confirm that the newly added key does not break
+        # the object serialization
+        root.to_dict()
+
        # Try adding the same key again and assert its ignored.
        pre_add_keyid = root.signed.roles['root'].keyids.copy()
        root.signed.add_key('root', keyid, key_metadata)
--- a/tuf/api/metadata.py
+++ b/tuf/api/metadata.py
@ -578,9 +578,7 @@ def to_dict(self) -> Dict[str, Any]:
        return root_dict

    # Update key for a role.
-    def add_key(
-        self, role: str, keyid: str, key_metadata: Dict[str, Any]
-    ) -> None:
+    def add_key(self, role: str, keyid: str, key_metadata: Key) -> None:
        """Adds new key for 'role' and updates the key store."""
        self.roles[role].keyids.add(keyid)
        self.keys[keyid] = key_metadata