Move nonunique sigs test to serialization tests

Move the duplicating signatures tests from test_metadata_base function in test_api.py into test_metadata_serialization.py. This is a more logical place to store this test case as test_metadata_base is actually focused on testing Metadata.signed.is_expired. That also is the reason why I renamed test_metadata_base to test_metadata_signed_is_expired. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2026-05-24 10:08:28 +00:00 · 2022-01-28 20:03:20 +02:00 · 2022-01-28 20:03:20 +02:00 · cd34793b0a
commit cd34793b0a
parent d2a840f8e1
2 changed files with 7 additions and 10 deletions
--- a/tests/test_api.py
+++ b/tests/test_api.py
@ -276,7 +276,7 @@ def test_verify_failures(self) -> None:
            timestamp_key.verify_signature(md_obj)
        sig.signature = correct_sig

-    def test_metadata_base(self) -> None:
+    def test_metadata_signed_is_expired(self) -> None:
        # Use of Snapshot is arbitrary, we're just testing the base class
        # features with real data
        snapshot_path = os.path.join(self.repo_dir, "metadata", "snapshot.json")
@ -303,14 +303,6 @@ def test_metadata_base(self) -> None:
        self.assertFalse(is_expired)
        md.signed.expires = expires

-        # Test deserializing metadata with non-unique signatures:
-        data = md.to_dict()
-        data["signatures"].append(
-            {"keyid": data["signatures"][0]["keyid"], "sig": "foo"}
-        )
-        with self.assertRaises(ValueError):
-            Metadata.from_dict(data)
-
    def test_metadata_verify_delegate(self) -> None:
        root_path = os.path.join(self.repo_dir, "metadata", "root.json")
        root = Metadata[Root].from_file(root_path)
--- a/tests/test_metadata_serialization.py
+++ b/tests/test_metadata_serialization.py
@ -42,11 +42,16 @@ class TestSerialization(unittest.TestCase):
            { "_type": "timestamp", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
            "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}} \
        }',
+        "non unique duplicating signatures": b'{"signed": \
+                { "_type": "timestamp", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
+                "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}}, \
+            "signatures": [{"keyid": "id", "sig": "b"}, {"keyid": "id", "sig": "b"}] \
+        }',
    }

    @utils.run_sub_tests_with_dataset(invalid_metadata)
    def test_invalid_metadata_serialization(self, test_data: bytes) -> None:
-        # We expect a DeserializationError reraised from KeyError.
+        # We expect a DeserializationError reraised from ValueError or KeyError.
        with self.assertRaises(DeserializationError):
            Metadata.from_bytes(test_data)