Merge pull request #855 from theupdateframework/adjust_to_removals_from_securesystemslib

Adjust to removals from securesystemslib
This commit is contained in:
lukpueh 2019-09-17 11:31:12 +02:00 committed by GitHub
commit 6a145d027e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 80 additions and 81 deletions

View file

@ -170,7 +170,7 @@ def test_create_new_project(self):
developer_tool.create_new_project(project_name, metadata_directory,
location_in_repository, targets_directory, project_key)
except (OSError, securesystemslib.exceptions.RepositoryError):
except (OSError, tuf.exceptions.RepositoryError):
pass
developer_tool.METADATA_DIRECTORY_NAME = valid_metadata_directory_name

View file

@ -132,12 +132,12 @@ def test_clear_keydb(self):
keyid = KEYS[0]['keyid']
repository_name = 'example_repository'
tuf.keydb.create_keydb(repository_name)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid, repository_name)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid, repository_name)
tuf.keydb.add_key(rsakey, keyid, repository_name)
self.assertEqual(rsakey, tuf.keydb.get_key(keyid, repository_name))
tuf.keydb.clear_keydb(repository_name)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid, repository_name)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid, repository_name)
# Remove 'repository_name' from the key database to revert it back to its
# original, default state (i.e., only the 'default' repository exists).
@ -169,7 +169,7 @@ def test_get_key(self):
# Test condition using a 'keyid' that has not been added yet.
keyid3 = KEYS[2]['keyid']
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
# Test condition for a key added to a non-default repository.
repository_name = 'example_repository'
@ -183,7 +183,7 @@ def test_get_key(self):
# Verify that 'rsakey3' is added to the expected repository name.
# If not supplied, the 'default' repository name is searched.
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
self.assertEqual(rsakey3, tuf.keydb.get_key(keyid3, repository_name))
# Remove the 'example_repository' so that other test functions have access
@ -231,15 +231,15 @@ def test_add_key(self):
# Test conditions using keyids that have already been added.
tuf.keydb.add_key(rsakey, keyid)
tuf.keydb.add_key(rsakey2, keyid2)
self.assertRaises(securesystemslib.exceptions.KeyAlreadyExistsError, tuf.keydb.add_key, rsakey)
self.assertRaises(securesystemslib.exceptions.KeyAlreadyExistsError, tuf.keydb.add_key, rsakey2)
self.assertRaises(tuf.exceptions.KeyAlreadyExistsError, tuf.keydb.add_key, rsakey)
self.assertRaises(tuf.exceptions.KeyAlreadyExistsError, tuf.keydb.add_key, rsakey2)
# Test condition for key added to the keydb of a non-default repository.
repository_name = 'example_repository'
tuf.keydb.create_keydb(repository_name)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3, repository_name)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3, repository_name)
tuf.keydb.add_key(rsakey3, keyid3, repository_name)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
self.assertEqual(rsakey3, tuf.keydb.get_key(keyid3, repository_name))
# Test condition for key added to the keydb of a non-existent repository.
@ -268,14 +268,14 @@ def test_remove_key(self):
self.assertEqual(None, tuf.keydb.remove_key(keyid2))
# Ensure the keys were actually removed.
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid2)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid2)
# Test for 'keyid' not in keydb.
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.remove_key, keyid)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.remove_key, keyid)
# Test condition for unknown key argument.
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.remove_key, '1')
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.remove_key, '1')
# Test condition for removal of keys from a non-default repository.
repository_name = 'example_repository'
@ -283,7 +283,7 @@ def test_remove_key(self):
tuf.keydb.add_key(rsakey, keyid, repository_name)
self.assertRaises(securesystemslib.exceptions.InvalidNameError, tuf.keydb.remove_key, keyid, 'non-existent')
tuf.keydb.remove_key(keyid, repository_name)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.remove_key, keyid, repository_name)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.remove_key, keyid, repository_name)
# Reset the keydb so that subsequent tests have access to the original,
# default keydb.
@ -390,8 +390,8 @@ def test_create_keydb_from_root_metadata(self):
# Ensure only 'keyid2' was added to the keydb database. 'keyid' and
# 'keyid3' should not be stored.
self.assertEqual(rsakey2, tuf.keydb.get_key(keyid2))
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid)
self.assertRaises(securesystemslib.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid)
self.assertRaises(tuf.exceptions.UnknownKeyError, tuf.keydb.get_key, keyid3)
rsakey3['keytype'] = 'rsa'

View file

@ -240,7 +240,7 @@ def test_with_tuf(self):
self.repository_updater.targets_of_role('role1')
# Verify that the specific
# 'securesystemslib.exceptions.BadVersionNumberError' exception is raised by
# 'tuf.exceptions.BadVersionNumberError' exception is raised by
# each mirror.
except tuf.exceptions.NoWorkingMirrorError as exception:
for mirror_url, mirror_error in six.iteritems(exception.mirror_errors):
@ -249,8 +249,8 @@ def test_with_tuf(self):
# Verify that 'role1.json' is the culprit.
self.assertEqual(url_file.replace('\\', '/'), mirror_url)
self.assertTrue(isinstance(mirror_error,
securesystemslib.exceptions.BadVersionNumberError))
self.assertTrue(isinstance(
mirror_error, tuf.exceptions.BadVersionNumberError))
else:
self.fail('TUF did not prevent a mix-and-match attack.')

View file

@ -866,7 +866,7 @@ def test_create_tuf_client_directory(self):
# Test invalid argument (i.e., client directory already exists.)
self.assertRaises(securesystemslib.exceptions.RepositoryError,
self.assertRaises(tuf.exceptions.RepositoryError,
repo_lib.create_tuf_client_directory, repository_directory,
client_directory)
@ -882,7 +882,7 @@ def test_create_tuf_client_directory(self):
# Creation of the '/' directory is forbidden on all supported OSs. The '/'
# argument to create_tuf_client_directory should cause it to re-raise a
# non-errno.EEXIST exception.
self.assertRaises((OSError, securesystemslib.exceptions.RepositoryError),
self.assertRaises((OSError, tuf.exceptions.RepositoryError),
repo_lib.create_tuf_client_directory, repository_directory, '/')
# Restore the metadata directory name in repo_lib.
@ -1035,7 +1035,7 @@ def test__load_top_level_metadata(self):
# Remove the required Root file and verify that an exception is raised.
os.remove(os.path.join(metadata_directory, 'root.json'))
self.assertRaises(securesystemslib.exceptions.RepositoryError,
self.assertRaises(tuf.exceptions.RepositoryError,
repo_lib._load_top_level_metadata, repository, filenames,
repository_name)

View file

@ -250,7 +250,7 @@ def test_writeall(self):
repository.status()
# Verify that status() does not raise
# 'securesystemslib.exceptions.InsufficientKeysError' if a top-level role
# 'tuf.exceptions.InsufficientKeysError' if a top-level role
# does not contain a threshold of keys.
targets_roleinfo = tuf.roledb.get_roleinfo('targets', repository_name)
old_threshold = targets_roleinfo['threshold']
@ -266,7 +266,7 @@ def test_writeall(self):
repository_name=repository_name)
# Verify that status() does not raise
# 'securesystemslib.exceptions.InsufficientKeysError' if a delegated role
# 'tuf.exceptions.InsufficientKeysError' if a delegated role
# does not contain a threshold of keys.
role1_roleinfo = tuf.roledb.get_roleinfo('role1', repository_name)
old_role1_threshold = role1_roleinfo['threshold']
@ -971,7 +971,7 @@ def test_call(self):
self.assertTrue(isinstance(targets_object('role1'), repo_tool.Targets))
# Test invalid (i.e., non-delegated) rolename argument.
self.assertRaises(securesystemslib.exceptions.UnknownRoleError, targets_object, 'unknown_role')
self.assertRaises(tuf.exceptions.UnknownRoleError, targets_object, 'unknown_role')
# Test improperly formatted argument.
self.assertRaises(securesystemslib.exceptions.FormatError, targets_object, 1)
@ -1741,7 +1741,7 @@ def test_load_repository(self):
root_filepath = os.path.join(repository_directory,
repo_tool.METADATA_STAGED_DIRECTORY_NAME, 'root.json')
os.remove(root_filepath)
self.assertRaises(securesystemslib.exceptions.RepositoryError,
self.assertRaises(tuf.exceptions.RepositoryError,
repo_tool.load_repository, repository_directory)

View file

@ -719,7 +719,7 @@ def test_3__update_metadata(self):
except tuf.exceptions.NoWorkingMirrorError as e:
for mirror_error in six.itervalues(e.mirror_errors):
assert isinstance(mirror_error, securesystemslib.exceptions.BadVersionNumberError)
assert isinstance(mirror_error, tuf.exceptions.BadVersionNumberError)
else:
self.fail(
@ -727,7 +727,7 @@ def test_3__update_metadata(self):
# Verify that the specific exception raised is correct for the previous
# case. The version number is checked, so the specific error in
# this case should be 'securesystemslib.exceptions.BadVersionNumberError'.
# this case should be 'tuf.exceptions.BadVersionNumberError'.
try:
self.repository_updater._update_metadata('targets',
DEFAULT_TARGETS_FILELENGTH,
@ -735,7 +735,7 @@ def test_3__update_metadata(self):
except tuf.exceptions.NoWorkingMirrorError as e:
for mirror_error in six.itervalues(e.mirror_errors):
assert isinstance(mirror_error, securesystemslib.exceptions.BadVersionNumberError)
assert isinstance(mirror_error, tuf.exceptions.BadVersionNumberError)
else:
self.fail(

View file

@ -963,7 +963,7 @@ def _import_delegations(self, parent_role):
key['keyid'] = key_id
tuf.keydb.add_key(key, keyid=None, repository_name=self.repository_name)
except securesystemslib.exceptions.KeyAlreadyExistsError:
except tuf.exceptions.KeyAlreadyExistsError:
pass
except (securesystemslib.exceptions.FormatError, securesystemslib.exceptions.Error):
@ -1530,7 +1530,7 @@ def _get_metadata_file(self, metadata_role, remote_filename,
# Verify that the downloaded version matches the version expected by
# the caller.
if version_downloaded != expected_version:
raise securesystemslib.exceptions.BadVersionNumberError('Downloaded'
raise tuf.exceptions.BadVersionNumberError('Downloaded'
' version number: ' + repr(version_downloaded) + '. Version'
' number MUST be: ' + repr(expected_version))

View file

@ -351,7 +351,7 @@ def status(self):
try:
_check_role_keys(delegated_role, self.repository_name)
except securesystemslib.exceptions.InsufficientKeysError:
except tuf.exceptions.InsufficientKeysError:
insufficient_keys.append(delegated_role)
continue
@ -380,7 +380,7 @@ def status(self):
try:
_check_role_keys(self.rolename, self.repository_name)
except securesystemslib.exceptions.InsufficientKeysError as e:
except tuf.exceptions.InsufficientKeysError as e:
logger.info(str(e))
return
@ -944,7 +944,7 @@ def load_project(project_directory, prefix='', new_targets_location=None,
try:
tuf.keydb.add_key(key_object, repository_name=repository_name)
except securesystemslib.exceptions.KeyAlreadyExistsError:
except tuf.exceptions.KeyAlreadyExistsError:
pass
for role in metadata_object['delegations']['roles']:

View file

@ -141,7 +141,7 @@ def create_keydb_from_root_metadata(root_metadata, repository_name='default'):
# Although keyid duplicates should *not* occur (unique dict keys), log a
# warning and continue. Howerver, 'key_dict' may have already been
# adding to the keydb elsewhere.
except securesystemslib.exceptions.KeyAlreadyExistsError as e: # pragma: no cover
except tuf.exceptions.KeyAlreadyExistsError as e: # pragma: no cover
logger.warning(e)
continue
@ -256,7 +256,7 @@ def add_key(key_dict, keyid=None, repository_name='default'):
securesystemslib.exceptions.Error, if 'keyid' does not match the keyid for 'rsakey_dict'.
securesystemslib.exceptions.KeyAlreadyExistsError, if 'rsakey_dict' is found in the key database.
tuf.exceptions.KeyAlreadyExistsError, if 'rsakey_dict' is found in the key database.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' does not exist in the key
database.
@ -295,7 +295,7 @@ def add_key(key_dict, keyid=None, repository_name='default'):
# available in the key database before returning.
keyid = key_dict['keyid']
if keyid in _keydb_dict[repository_name]:
raise securesystemslib.exceptions.KeyAlreadyExistsError('Key: ' + keyid)
raise tuf.exceptions.KeyAlreadyExistsError('Key: ' + keyid)
_keydb_dict[repository_name][keyid] = copy.deepcopy(key_dict)
@ -320,7 +320,7 @@ def get_key(keyid, repository_name='default'):
<Exceptions>
securesystemslib.exceptions.FormatError, if the arguments do not have the correct format.
securesystemslib.exceptions.UnknownKeyError, if 'keyid' is not found in the keydb database.
tuf.exceptions.UnknownKeyError, if 'keyid' is not found in the keydb database.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' does not exist in the key
database.
@ -351,7 +351,7 @@ def get_key(keyid, repository_name='default'):
return copy.deepcopy(_keydb_dict[repository_name][keyid])
except KeyError:
raise securesystemslib.exceptions.UnknownKeyError('Key: ' + keyid)
raise tuf.exceptions.UnknownKeyError('Key: ' + keyid)
@ -374,7 +374,7 @@ def remove_key(keyid, repository_name='default'):
<Exceptions>
securesystemslib.exceptions.FormatError, if the arguments do not have the correct format.
securesystemslib.exceptions.UnknownKeyError, if 'keyid' is not found in key database.
tuf.exceptions.UnknownKeyError, if 'keyid' is not found in key database.
securesystemslib.exceptions.InvalidNameError, if 'repository_name' does not exist in the key
database.
@ -404,7 +404,7 @@ def remove_key(keyid, repository_name='default'):
del _keydb_dict[repository_name][keyid]
else:
raise securesystemslib.exceptions.UnknownKeyError('Key: ' + keyid)
raise tuf.exceptions.UnknownKeyError('Key: ' + keyid)

View file

@ -333,12 +333,12 @@ def _check_role_keys(rolename, repository_name):
# Raise an exception for an invalid threshold of public keys.
if total_keyids < threshold:
raise securesystemslib.exceptions.InsufficientKeysError(repr(rolename) + ' role contains'
raise tuf.exceptions.InsufficientKeysError(repr(rolename) + ' role contains'
' ' + repr(total_keyids) + ' / ' + repr(threshold) + ' public keys.')
# Raise an exception for an invalid threshold of signing keys.
if total_signatures == 0 and total_signing_keys < threshold:
raise securesystemslib.exceptions.InsufficientKeysError(repr(rolename) + ' role contains'
raise tuf.exceptions.InsufficientKeysError(repr(rolename) + ' role contains'
' ' + repr(total_signing_keys) + ' / ' + repr(threshold) + ' signing keys.')
@ -369,7 +369,7 @@ def _remove_invalid_and_duplicate_signatures(signable, repository_name):
try:
key = tuf.keydb.get_key(keyid, repository_name=repository_name)
except securesystemslib.exceptions.UnknownKeyError:
except tuf.exceptions.UnknownKeyError:
signable['signatures'].remove(signature)
continue
@ -580,7 +580,7 @@ def _load_top_level_metadata(repository, top_level_filenames, repository_name):
consistent_snapshot = root_metadata['consistent_snapshot']
else:
raise securesystemslib.exceptions.RepositoryError('Cannot load the required'
raise tuf.exceptions.RepositoryError('Cannot load the required'
' root file: ' + repr(root_filename))
# Load 'timestamp.json'. A Timestamp role file without a version number is
@ -708,7 +708,7 @@ def _load_top_level_metadata(repository, top_level_filenames, repository_name):
tuf.keydb.add_key(key_object, keyid=None,
repository_name=repository_name)
except securesystemslib.exceptions.KeyAlreadyExistsError:
except tuf.exceptions.KeyAlreadyExistsError:
pass
else:
@ -1141,7 +1141,7 @@ def get_metadata_versioninfo(rolename, repository_name):
<Arguments>
rolename:
The metadata role whose versioninfo is needed. It must exist, otherwise
a 'securesystemslib.exceptions.UnknownRoleError' exception is raised.
a 'tuf.exceptions.UnknownRoleError' exception is raised.
repository_name:
The name of the repository. If not supplied, 'rolename' is added to the
@ -1151,7 +1151,7 @@ def get_metadata_versioninfo(rolename, repository_name):
securesystemslib.exceptions.FormatError, if 'rolename' is improperly
formatted.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' does not exist.
tuf.exceptions.UnknownRoleError, if 'rolename' does not exist.
<Side Effects>
None.
@ -1955,7 +1955,7 @@ def _log_status_of_top_level_roles(targets_directory, metadata_directory,
try:
_check_role_keys(rolename, repository_name)
except securesystemslib.exceptions.InsufficientKeysError as e:
except tuf.exceptions.InsufficientKeysError as e:
logger.info(str(e))
# Do the top-level roles contain a valid threshold of signatures? Top-level
@ -2112,7 +2112,7 @@ def create_tuf_client_directory(repository_directory, client_directory):
securesystemslib.exceptions.FormatError, if the arguments are improperly
formatted.
securesystemslib.exceptions.RepositoryError, if the metadata directory in
tuf.exceptions.RepositoryError, if the metadata directory in
'client_directory' already exists.
<Side Effects>
@ -2153,7 +2153,7 @@ def create_tuf_client_directory(repository_directory, client_directory):
if e.errno == errno.EEXIST:
message = 'Cannot create a fresh client metadata directory: ' +\
repr(client_metadata_directory) + '. Already exists.'
raise securesystemslib.exceptions.RepositoryError(message)
raise tuf.exceptions.RepositoryError(message)
# Testing of non-errno.EEXIST exceptions have been verified on all
# supported OSs. An unexpected exception (the '/' directory exists, rather

View file

@ -665,7 +665,7 @@ def add_verification_key(self, key, expires=None):
try:
tuf.keydb.add_key(key, repository_name=self._repository_name)
except securesystemslib.exceptions.KeyAlreadyExistsError:
except tuf.exceptions.KeyAlreadyExistsError:
logger.warning('Adding a verification key that has already been used.')
keyid = key['keyid']
@ -783,7 +783,7 @@ def load_signing_key(self, key):
try:
tuf.keydb.add_key(key, repository_name=self._repository_name)
except securesystemslib.exceptions.KeyAlreadyExistsError:
except tuf.exceptions.KeyAlreadyExistsError:
tuf.keydb.remove_key(key['keyid'], self._repository_name)
tuf.keydb.add_key(key, repository_name=self._repository_name)
@ -1635,7 +1635,7 @@ def __call__(self, rolename):
securesystemslib.exceptions.FormatError, if the arguments are improperly
formatted.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' has not been
tuf.exceptions.UnknownRoleError, if 'rolename' has not been
delegated by this Targets object.
<Side Effects>
@ -1655,7 +1655,7 @@ def __call__(self, rolename):
return self._delegated_roles[rolename]
else:
raise securesystemslib.exceptions.UnknownRoleError(repr(rolename) + ' has'
raise tuf.exceptions.UnknownRoleError(repr(rolename) + ' has'
' not been delegated by ' + repr(self.rolename))
@ -2168,11 +2168,11 @@ def delegate(self, rolename, public_keys, paths, threshold=1,
continue searching for targets (target files it is trusted to list but
has not yet specified) in other delegations. If 'terminating' is True
and 'updater.target()' does not find 'example_target.tar.gz' in this
role, a 'securesystemslib.exceptions.UnknownTargetError' exception
should be raised. If 'terminating' is False (default), and
'target/other_role' is also trusted with 'example_target.tar.gz' and
has listed it, updater.target() should backtrack and return the target
file specified by 'target/other_role'.
role, a 'tuf.exceptions.UnknownTargetError' exception should be raised.
If 'terminating' is False (default), and 'target/other_role' is also
trusted with 'example_target.tar.gz' and has listed it,
updater.target() should backtrack and return the target file specified
by 'target/other_role'.
list_of_targets:
A list of target filepaths that are added to 'rolename'.
@ -2754,7 +2754,7 @@ def delegations(self):
None.
<Exceptions>
securesystemslib.exceptions.UnknownRoleError, if this Targets' rolename
tuf.exceptions.UnknownRoleError, if this Targets' rolename
does not exist in 'tuf.roledb'.
<Side Effects>
@ -2893,7 +2893,7 @@ def load_repository(repository_directory, repository_name='default'):
securesystemslib.exceptions.FormatError, if 'repository_directory' or any of
the metadata files are improperly formatted.
securesystemslib.exceptions.RepositoryError, if the Root role cannot be
tuf.exceptions.RepositoryError, if the Root role cannot be
found. At a minimum, a repository must contain 'root.json'
<Side Effects>
@ -3037,7 +3037,7 @@ def load_repository(repository_directory, repository_name='default'):
tuf.keydb.add_key(key_object, keyid=None,
repository_name=repository_name)
except securesystemslib.exceptions.KeyAlreadyExistsError:
except tuf.exceptions.KeyAlreadyExistsError:
pass
return repository

View file

@ -359,7 +359,7 @@ def update_roleinfo(rolename, roleinfo, mark_role_as_dirty=True, repository_name
securesystemslib.exceptions.FormatError, if 'rolename' or 'roleinfo' does
not have the correct object format.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' cannot be found
tuf.exceptions.UnknownRoleError, if 'rolename' cannot be found
in the role database.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is improperly
@ -606,7 +606,7 @@ def remove_role(rolename, repository_name='default'):
securesystemslib.exceptions.FormatError, if 'rolename' does not have the
correct object format.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' cannot be found
tuf.exceptions.UnknownRoleError, if 'rolename' cannot be found
in the role database.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is incorrectly
@ -624,7 +624,7 @@ def remove_role(rolename, repository_name='default'):
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# securesystemslib.exceptions.UnknownRoleError, or
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
_check_rolename(rolename, repository_name)
@ -708,7 +708,7 @@ def get_roleinfo(rolename, repository_name='default'):
securesystemslib.exceptions.FormatError, if the arguments are improperly
formatted.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' does not exist.
tuf.exceptions.UnknownRoleError, if 'rolename' does not exist.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is incorrectly
formatted, or 'repository_name' does not exist in the role database.
@ -726,7 +726,7 @@ def get_roleinfo(rolename, repository_name='default'):
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# securesystemslib.exceptions.UnknownRoleError, or
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
_check_rolename(rolename, repository_name)
@ -761,7 +761,7 @@ def get_role_keyids(rolename, repository_name='default'):
securesystemslib.exceptions.FormatError, if the arguments do not have the
correct object format.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' cannot be found
tuf.exceptions.UnknownRoleError, if 'rolename' cannot be found
in the role database.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is incorrectly
@ -779,7 +779,7 @@ def get_role_keyids(rolename, repository_name='default'):
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# securesystemslib.exceptions.UnknownRoleError, or
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
_check_rolename(rolename, repository_name)
@ -831,7 +831,7 @@ def get_role_threshold(rolename, repository_name='default'):
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# securesystemslib.exceptions.UnknownRoleError, or
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
_check_rolename(rolename, repository_name)
@ -864,7 +864,7 @@ def get_role_paths(rolename, repository_name='default'):
securesystemslib.exceptions.FormatError, if the arguments do not have the
correct object format.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' cannot be found
tuf.exceptions.UnknownRoleError, if 'rolename' cannot be found
in the role database.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is incorrectly
@ -882,7 +882,7 @@ def get_role_paths(rolename, repository_name='default'):
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# securesystemslib.exceptions.UnknownRoleError, or
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
_check_rolename(rolename, repository_name)
@ -922,7 +922,7 @@ def get_delegated_rolenames(rolename, repository_name='default'):
securesystemslib.exceptions.FormatError, if the arguments do not have the
correct object format.
securesystemslib.exceptions.UnknownRoleError, if 'rolename' cannot be found
tuf.exceptions.UnknownRoleError, if 'rolename' cannot be found
in the role database.
securesystemslib.exceptions.InvalidNameError, if 'rolename' is incorrectly
@ -942,7 +942,7 @@ def get_delegated_rolenames(rolename, repository_name='default'):
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Raises securesystemslib.exceptions.FormatError,
# securesystemslib.exceptions.UnknownRoleError, or
# tuf.exceptions.UnknownRoleError, or
# securesystemslib.exceptions.InvalidNameError.
_check_rolename(rolename, repository_name)
@ -1019,7 +1019,7 @@ def clear_roledb(repository_name='default', clear_all=False):
def _check_rolename(rolename, repository_name='default'):
""" Raise securesystemslib.exceptions.FormatError if 'rolename' does not match
'tuf.formats.ROLENAME_SCHEMA',
securesystemslib.exceptions.UnknownRoleError if 'rolename' is not found in the
tuf.exceptions.UnknownRoleError if 'rolename' is not found in the
role database, or securesystemslib.exceptions.InvalidNameError if
'repository_name' does not exist in the role database.
"""

View file

@ -169,7 +169,7 @@ def get_signature_status(signable, role=None, repository_name='default',
try:
key = tuf.keydb.get_key(keyid, repository_name)
except securesystemslib.exceptions.UnknownKeyError:
except tuf.exceptions.UnknownKeyError:
unknown_sigs.append(keyid)
continue
@ -208,8 +208,7 @@ def get_signature_status(signable, role=None, repository_name='default',
bad_sigs.append(keyid)
# Retrieve the threshold value for 'role'. Raise
# securesystemslib.exceptions.UnknownRoleError if we were given an invalid
# role.
# tuf.exceptions.UnknownRoleError if we were given an invalid role.
if role is not None:
if threshold is None:
# Note that if the role is not known, tuf.exceptions.UnknownRoleError is
@ -267,7 +266,7 @@ def verify(signable, role, repository_name='default', threshold=None,
in tuf.roledb.py for 'role'.
<Exceptions>
securesystemslib.exceptions.UnknownRoleError, if 'role' is not recognized.
tuf.exceptions.UnknownRoleError, if 'role' is not recognized.
securesystemslib.exceptions.FormatError, if 'signable' is not formatted
correctly.
@ -288,7 +287,7 @@ def verify(signable, role, repository_name='default', threshold=None,
securesystemslib.formats.NAME_SCHEMA.check_match(repository_name)
# Retrieve the signature status. tuf.sig.get_signature_status() raises:
# securesystemslib.exceptions.UnknownRoleError
# tuf.exceptions.UnknownRoleError
# securesystemslib.exceptions.FormatError. 'threshold' and 'keyids' are also
# validated.
status = get_signature_status(signable, role, repository_name, threshold, keyids)