From e1debf8ea9a90141224f0dbc6ceea86f22b66479 Mon Sep 17 00:00:00 2001 From: Vladimir Diaz Date: Wed, 21 Sep 2016 09:17:37 -0400 Subject: [PATCH] Improve code coverage for repository_tool.py --- tests/test_repository_tool.py | 54 +++++++++++++++++++++++++++++++++-- tuf/repository_tool.py | 3 ++ 2 files changed, 55 insertions(+), 2 deletions(-) diff --git a/tests/test_repository_tool.py b/tests/test_repository_tool.py index 7cce836c..98ab0500 100755 --- a/tests/test_repository_tool.py +++ b/tests/test_repository_tool.py @@ -554,7 +554,7 @@ def test_compressions(self): def test_add_verification_key(self): - # Add verification key and verify with keys() that it was added. + # Add verification key and verify that it was added via (role).keys. key_path = os.path.join('repository_data', 'keystore', 'snapshot_key.pub') key_object = repo_tool.import_ed25519_publickey_from_file(key_path) @@ -562,10 +562,42 @@ def test_add_verification_key(self): keyid = key_object['keyid'] self.assertEqual([keyid], self.metadata.keys) + + expiration = \ + tuf.formats.unix_timestamp_to_datetime(int(time.time() + 86400)) + expiration = expiration.isoformat() + 'Z' + roleinfo = {'keyids': [], 'signing_keyids': [], 'threshold': 1, + 'signatures': [], 'version': 0, + 'consistent_snapshot': False, + 'compressions': [''], 'expires': expiration, + 'partial_loaded': False} + + tuf.roledb.add_role('Root', roleinfo) + tuf.roledb.add_role('Targets', roleinfo) + tuf.roledb.add_role('Snapshot', roleinfo) + tuf.roledb.add_role('Timestamp', roleinfo) + + # Test for different top-level role names. + self.metadata._rolename = 'Targets' + self.metadata.add_verification_key(key_object) + self.metadata._rolename = 'Snapshot' + self.metadata.add_verification_key(key_object) + self.metadata._rolename = 'Timestamp' + self.metadata.add_verification_key(key_object) + # Test for a given 'expires' argument. + expires = datetime.datetime(2030, 1, 1, 12, 0) + self.metadata.add_verification_key(key_object, expires) + + # Test for an expired 'expires'. + expired = datetime.datetime(1984, 1, 1, 12, 0) + self.assertRaises(tuf.Error, + self.metadata.add_verification_key, key_object, expired) + # Test improperly formatted key argument. self.assertRaises(tuf.FormatError, self.metadata.add_verification_key, 3) + self.assertRaises(tuf.FormatError, self.metadata.add_verification_key, key_object, 3) @@ -662,13 +694,22 @@ def test_add_signature(self): root_signable = tuf.util.load_json_file(root_filepath) signatures = root_signable['signatures'] - # Add the first signature from the list, as only need one is needed. + # Add the first signature from the list, as only one is needed. self.metadata.add_signature(signatures[0]) self.assertEqual(signatures, self.metadata.signatures) + # Verify that a signature is added if a 'signatures' entry is not present. + tuf.roledb.create_roledb_from_root_metadata(root_signable['signed']) + del tuf.roledb._roledb_dict['default']['root']['signatures'] + self.metadata._rolename = 'root' + self.metadata.add_signature(signatures[0]) + + # Add a duplicate signature. + self.metadata.add_signature(signatures[0]) # Test improperly formatted signature argument. self.assertRaises(tuf.FormatError, self.metadata.add_signature, 3) + self.assertRaises(tuf.FormatError, self.metadata.add_signature, signatures[0], 3) @@ -1536,6 +1577,15 @@ def test_load_repository(self): + def test_dirty_roles(self): + original_repository_directory = os.path.join('repository_data', + 'repository') + repository = repo_tool.load_repository(original_repository_directory) + + # dirty_roles() only logs the list of dirty roles. + repository.dirty_roles() + + # Run the test cases. if __name__ == '__main__': unittest.main() diff --git a/tuf/repository_tool.py b/tuf/repository_tool.py index 2f7289d9..61cb8a57 100755 --- a/tuf/repository_tool.py +++ b/tuf/repository_tool.py @@ -897,6 +897,9 @@ def add_signature(self, signature, mark_role_as_dirty=True): roleinfo['signatures'].append(signature) tuf.roledb.update_roleinfo(self.rolename, roleinfo, mark_role_as_dirty) + else: + logger.debug('Signature already exists for role: ' + repr(self.rolename)) + def remove_signature(self, signature):