mirror of
https://github.com/theupdateframework/python-tuf
synced 2026-05-24 10:08:28 +00:00
Improve code coverage for repository_lib.py
This commit is contained in:
parent
3293745d05
commit
75eb79534c
2 changed files with 18 additions and 3 deletions
|
|
@ -649,13 +649,25 @@ def test_sign_metadata(self):
|
|||
root_private_key = \
|
||||
repo_lib.import_rsa_privatekey_from_file(root_private_keypath, 'password')
|
||||
|
||||
# Sign with a valid, but not a threshold, key.
|
||||
targets_private_keypath = os.path.join(keystore_path, 'targets_key')
|
||||
targets_private_key = \
|
||||
repo_lib.import_rsa_privatekey_from_file(targets_private_keypath,
|
||||
'password')
|
||||
|
||||
# sign_metadata() expects the private key 'root_metadata' to be in
|
||||
# 'tuf.keydb'. Remove any public keys that may be loaded before
|
||||
# adding private key, otherwise a 'tuf.KeyAlreadyExists' exception is
|
||||
# raised.
|
||||
tuf.keydb.remove_key(root_private_key['keyid'])
|
||||
tuf.keydb.add_key(root_private_key)
|
||||
|
||||
tuf.keydb.remove_key(targets_private_key['keyid'])
|
||||
tuf.keydb.add_key(targets_private_key)
|
||||
|
||||
root_keyids.extend(tuf.roledb.get_role_keyids('targets'))
|
||||
# Add the snapshot's public key (to test whether non-private keys are
|
||||
# ignored by sign_metadata()).
|
||||
root_keyids.extend(tuf.roledb.get_role_keyids('snapshot'))
|
||||
root_signable = repo_lib.sign_metadata(root_metadata, root_keyids,
|
||||
root_filename)
|
||||
self.assertTrue(tuf.formats.SIGNABLE_SCHEMA.matches(root_signable))
|
||||
|
|
@ -669,7 +681,7 @@ def test_sign_metadata(self):
|
|||
self.assertRaises(tuf.FormatError, repo_lib.sign_metadata, root_metadata,
|
||||
root_keyids, 3)
|
||||
|
||||
# Test
|
||||
# Test for a key that does not contain the private portion.
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1795,11 +1795,14 @@ def sign_metadata(metadata_object, keyids, filename):
|
|||
for signature in signable['signatures']:
|
||||
if not keyid == signature['keyid']:
|
||||
signatures.append(signature)
|
||||
|
||||
else:
|
||||
continue
|
||||
signable['signatures'] = signatures
|
||||
|
||||
# Generate the signature using the appropriate signing method.
|
||||
if key['keytype'] in SUPPORTED_KEY_TYPES:
|
||||
if len(key['keyval']['private']):
|
||||
if 'private' in key['keyval']:
|
||||
signed = signable['signed']
|
||||
signature = tuf.keys.create_signature(key, signed)
|
||||
signable['signatures'].append(signature)
|
||||
|
|
|
|||
Loading…
Reference in a new issue