Minor fixes for key expiry and loading an rsa key in a test module

2026-05-24 10:08:28 +00:00 · 2016-06-17 16:05:25 -04:00 · 2016-06-17 16:05:25 -04:00 · 80ade8f201
commit 80ade8f201
parent 13bf2de347
2 changed files with 13 additions and 13 deletions
--- a/tests/test_repository_lib.py
+++ b/tests/test_repository_lib.py
@ -655,7 +655,7 @@ def test_sign_metadata(self):

    root_private_keypath = os.path.join(keystore_path, 'root_key')
    root_private_key = \
-      repo_lib.import_ed25519_privatekey_from_file(root_private_keypath, 'password')
+      repo_lib.import_rsa_privatekey_from_file(root_private_keypath, 'password')
    
    # Sign with a valid, but not a threshold, key.
    targets_private_keypath = os.path.join(keystore_path, 'targets_key')
@ -834,9 +834,9 @@ def test__remove_invalid_and_duplicate_signatures(self):
    # Remove duplicate PSS signatures (same key generates valid, but different
    # signatures).  First load a valid signable (in this case, the root role).
    root_filepath = os.path.join('repository_data', 'repository',
-                                 'metadata', 'root.json')
+                                 'metadata', 'snapshot.json')
    root_signable = tuf.util.load_json_file(root_filepath)
-    key_filepath = os.path.join('repository_data', 'keystore', 'root_key')
+    key_filepath = os.path.join('repository_data', 'keystore', 'snapshot_key')
    root_rsa_key = repo_lib.import_ed25519_privatekey_from_file(key_filepath,
                                                            'password')

--- a/tuf/repository_tool.py
+++ b/tuf/repository_tool.py
@ -541,8 +541,7 @@ def add_verification_key(self, key, expires=None):
    <Exceptions>
      tuf.FormatError, if any of the arguments are improperly formatted.

-      tuf.Error, if the 'expires' datetime has already expired or the current
-      role's rolename is not recognized.
+      tuf.Error, if the 'expires' datetime has already expired.

    <Side Effects>
      The role's entries in 'tuf.keydb.py' and 'tuf.roledb.py' are updated.
@ -562,29 +561,30 @@ def add_verification_key(self, key, expires=None):
    # 1 year, 3 months, 1 week, and 1 day from the current time, respectively.
    if expires is None:
      if self.rolename == 'root':
-        expiration = \
+        expires = \
          tuf.formats.unix_timestamp_to_datetime(int(time.time() + ROOT_EXPIRATION))
      
      elif self.rolename == 'Targets':
-        expiration = \
+        expires = \
          tuf.formats.unix_timestamp_to_datetime(int(time.time() + TARGETS_EXPIRATION))
      
      elif self.rolename == 'Snapshot':
-        expiration = \
+        expires = \
          tuf.formats.unix_timestamp_to_datetime(int(time.time() + SNAPSHOT_EXPIRATION))
  
      elif self.rolename == 'Timestamp':
-        expiration = \
+        expires = \
          tuf.formats.unix_timestamp_to_datetime(int(time.time() + TIMESTAMP_EXPIRATION))

      else:
-        tuf.Error('The current role\'s rolename is not recognized.')
+        expires = \
+          tuf.formats.unix_timestamp_to_datetime(int(time.time() + TIMESTAMP_EXPIRATION))
    
-      expires = expiration.isoformat() + 'Z'
-     
    # Is 'expires' a datetime.datetime() object?
    # Raise 'tuf.FormatError' if not.
    if not isinstance(expires, datetime.datetime):
+      print('expires: ' + repr(expires))
+      print('rolename: ' + repr(self.rolename))
      raise tuf.FormatError(repr(expires) + ' is not a'
        ' datetime.datetime() object.') 

@ -600,7 +600,7 @@ def add_verification_key(self, key, expires=None):
      raise tuf.Error(repr(key) + ' has already expired.')
   
    # Update the key's 'expires' entry.
-    expires = datetime_object.isoformat() + 'Z'
+    expires = expires.isoformat() + 'Z'
    key['expires'] = expires 

    # Ensure 'key', which should contain the public portion, is added to