From d45d65521b507e5a015494eae4db3d0d4f3222fe Mon Sep 17 00:00:00 2001 From: Lukas Puehringer Date: Wed, 16 Aug 2023 16:36:27 +0200 Subject: [PATCH] tests: adopt sslib changes in test_sign_failures fixes #2444 SSlibSigner was changed recently (secure-stystems-lab/securesystemslib#604) to fail on bad input data (keydict) at init instead of when signing. The patched test used to trigger expects a Signer.sign error from an SSlibSigner, which is no longer possible. To still get the desired error, the test uses a custom signer, which does raise on sign. Signed-off-by: Lukas Puehringer --- tests/test_api.py | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/tests/test_api.py b/tests/test_api.py index 14ae12c973..5e1a99e3dc 100755 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -15,7 +15,7 @@ import unittest from copy import copy from datetime import datetime, timedelta -from typing import Any, ClassVar, Dict +from typing import Any, ClassVar, Dict, Optional from securesystemslib import exceptions as sslib_exceptions from securesystemslib import hash as sslib_hash @@ -24,7 +24,12 @@ import_ed25519_publickey_from_file, ) from securesystemslib.keys import generate_ed25519_key -from securesystemslib.signer import SSlibKey, SSlibSigner +from securesystemslib.signer import ( + SecretsHandler, + Signer, + SSlibKey, + SSlibSigner, +) from tests import utils from tuf.api import exceptions @@ -234,16 +239,27 @@ def test_sign_verify(self) -> None: def test_sign_failures(self) -> None: # Test throwing UnsignedMetadataError because of signing problems - # related to bad information in the signer. md = Metadata.from_file( os.path.join(self.repo_dir, "metadata", "snapshot.json") ) - key_dict = copy(self.keystore[Snapshot.type]) - key_dict["keytype"] = "rsa" - key_dict["scheme"] = "bad_scheme" - sslib_signer = SSlibSigner(key_dict) + + class FailingSigner(Signer): # pylint: disable=missing-class-docstring + @classmethod + def from_priv_key_uri( + cls, + priv_key_uri: str, + public_key: Key, + secrets_handler: Optional[SecretsHandler] = None, + ) -> "Signer": + pass + + def sign(self, payload: bytes) -> Signature: + raise RuntimeError("signing failed") + + failing_signer = FailingSigner() + with self.assertRaises(exceptions.UnsignedMetadataError): - md.sign(sslib_signer) + md.sign(failing_signer) def test_key_verify_failures(self) -> None: root_path = os.path.join(self.repo_dir, "metadata", "root.json")