Commits on Mar 31, 2023

1. signer: move _get_keyid staticmethod to Signer …

   This method can be used prior to creating a Key instance, in order
   to generate a default keyid, which is a required Key argument.
   Since this currently mostly happens in the import_ methods of
   different Signer implementations, it feels right to implement this
   on the Signer base class. But other places would be okay too.
   
   Note that the computed keyids are different from
   ``securesystemslib.keys._get_keyid()``, which includes a legacy
   field when producing the hash.
   
   Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

   

   lukpueh committed Mar 31, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 6c29cae
   • Browse repository at this point

   Copy the full SHA

   6c29cae View commit details

   Browse the repository at this point in the history

2. signer: use new _get_keyid in gcp and hsm signers …

   The import_ method of GCPSigner and HSMSigner used to assign
   a default keyid to the imported key, computed with the legacy
   _get_keyid function, which does overly complicated and
   intransparent mangling of the input data.
   
   This commit uses a new simple _get_keyid helper on the Signer base
   class.
   
   NOTE: keyid computation is not public API, and verification of
   existing signatures with existing keys is not affected. If this
   does disrupt existing users, who expect a certain value of a given
   key, I'd rather annoy them now, where the signer API is still
   experimental.
   
   Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

   

   lukpueh committed Mar 31, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 7400ed7
   • Browse repository at this point

   Copy the full SHA

   7400ed7 View commit details

   Browse the repository at this point in the history