Merge pull request #1449 from MVrachev/key-validation

Metadata API: Add Key attributes types validation
2026-05-24 10:08:28 +00:00 · 2021-06-16 19:55:34 +03:00 · 2021-06-16 19:55:34 +03:00 · fa2268df5a
commit fa2268df5a
parent 25e5f304ee a9dc24adea
2 changed files with 6 additions and 3 deletions
--- a/tests/test_api.py
+++ b/tests/test_api.py
@ -382,7 +382,7 @@ def test_key_class(self):
                    Key.from_dict("id", test_key_dict)
            # Test creating a Key instance with wrong keyval format.
            key_dict["keyval"] = {}
-            with self.assertRaises(ValueError):
+            with self.assertRaises(KeyError):
                Key.from_dict("id", key_dict)


--- a/tuf/api/metadata.py
+++ b/tuf/api/metadata.py
@ -394,6 +394,8 @@ def bump_version(self) -> None:

 class Key:
    """A container class representing the public portion of a Key.
+    Please note that "Key" instances are not semanticly validated during
+    initialization. We consider this as responsibility of securesystemslib.

    Attributes:
        keyid: An identifier string that must uniquely identify a key within
@ -416,8 +418,9 @@ def __init__(
        keyval: Dict[str, str],
        unrecognized_fields: Optional[Mapping[str, Any]] = None,
    ) -> None:
-        if not keyval.get("public"):
-            raise ValueError("keyval doesn't follow the specification format!")
+        val = keyval["public"]
+        if not all(isinstance(at, str) for at in [keyid, keytype, scheme, val]):
+            raise ValueError("Unexpected Key attributes types!")
        self.keyid = keyid
        self.keytype = keytype
        self.scheme = scheme