Skip to content

Commit

Permalink
test: minor test fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@renatav
renatav committed Jan 29, 2025
1 parent f56d466 commit 00d8f34
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 9 deletions.
4 changes: 2 additions & 2 deletions taf/tests/test_updater/conftest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -748,11 +748,11 @@ def update_role_metadata_without_signing(


def update_target_repo_without_committing(
pin_manager, target_repos: list, target_name: str
target_repos: list, target_name: str
):
for target_repo in target_repos:
if target_name in target_repo.name:
update_target_repository(pin_manager, target_repo)
update_target_repository(target_repo, "Update target files")


def update_timestamp_metadata_invalid_signature(
Expand Down
11 changes: 8 additions & 3 deletions taf/tests/tuf/test_keys/test_yk.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,13 +38,18 @@ def is_yubikey_manager_installed():
)
def test_fake_yk(mocker):
"""Test public key export and signing with fake Yubikey."""
mocker.patch("taf.yubikey.export_piv_pub_key", return_value=_PUB)
mocker.patch("taf.yubikey.sign_piv_rsa_pkcs1v15", return_value=_SIG)
mocker.patch("taf.yubikey.yubikey.export_piv_pub_key", return_value=_PUB)
mocker.patch("taf.yubikey.yubikey.sign_piv_rsa_pkcs1v15", return_value=_SIG)
mocker.patch("taf.yubikey.yubikey.verify_yk_inserted", return_value=True)

from taf.tuf.keys import YkSigner

key = YkSigner.import_()
signer = YkSigner(key, lambda sec: None)

def _secrets_handler(key_name):
return "123456"

signer = YkSigner(key, "1234", _secrets_handler, "test")

sig = signer.sign(_DATA)
key.verify_signature(sig, _DATA)
Expand Down
5 changes: 3 additions & 2 deletions taf/tests/tuf/test_query_repo/test_query_repo.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,8 @@ def test_get_key_length_and_scheme_from_metadata(tuf_repo_with_delegations):
actual = tuf_repo_with_delegations.get_key_length_and_scheme_from_metadata(
"root", keyid
)
key, scheme = actual
pem, key, scheme = actual
assert pem is not None
assert key is not None
assert scheme == "rsa-pkcs1v15-sha256"

Expand Down Expand Up @@ -264,7 +265,7 @@ def test_generate_roles_description(tuf_repo_with_delegations):
def test_sort_roles_targets_for_filenames(tuf_repo_with_delegations):
actual = tuf_repo_with_delegations.sort_roles_targets_for_filenames()
assert actual["targets"] == ["test1", "test2"]
assert actual["delegated_role"] == ["dir1/path1", "dir2/path1"]
assert set(actual["delegated_role"]) == set(["dir1/path1", "dir2/path1"])
assert actual["inner_role"] == ["dir2/path2"]


Expand Down
11 changes: 9 additions & 2 deletions taf/tuf/keys.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,8 +221,15 @@ def import_(cls) -> SSlibKey:
See e.g. `self.from_priv_key_uri` and other `import_` methods on
securesystemslib signers, e.g. `HSMSigner.import_`.
"""
# if multiple keys are inserted, we need to know from which one the key should be imported
raise NotImplementedError
# if multiple keys are inserted, we need to know from which key should be imported
# TODO
# only used for testing purposes now
from taf.yubikey.yubikey import export_piv_pub_key

pem = export_piv_pub_key()
pub = load_pem_public_key(pem)
return _from_crypto(pub)


def sign(self, payload: bytes) -> Signature:
pin = self._pin_handler(self._SECRET_PROMPT)
Expand Down

0 comments on commit 00d8f34

Please sign in to comment.