From 83ac7be525b733f79a7e9bc573ec580ec835f179 Mon Sep 17 00:00:00 2001
From: Joshua Lock <jlock@vmware.com>
Date: Mon, 23 Nov 2020 16:13:51 +0000
Subject: [PATCH] client: new root sigs only counted once per keyid

When verifying newly downloaded root metadata with the keys listed in the
root metadata being verified, multiple signatures with the same keyid
should not be counted towards the threshold. A keyid should only count
once towards the threshold.

This fixes the _verify_root_self_signed() method introduced in PR #1101 to
ensure that keyids are only counted once when verifying a threshold of new
root signatures.

Signed-off-by: Joshua Lock <jlock@vmware.com>
---
 tuf/client/updater.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tuf/client/updater.py b/tuf/client/updater.py
index ccab75305b..9babe132eb 100755
--- a/tuf/client/updater.py
+++ b/tuf/client/updater.py
@@ -1385,7 +1385,7 @@ def _verify_root_self_signed(self, signable):
     signatures = signable['signatures']
     signed = securesystemslib.formats.encode_canonical(
         signable['signed']).encode('utf-8')
-    validated = 0
+    verified_sig_keyids = set()
 
     for signature in signatures:
       keyid = signature['keyid']
@@ -1403,9 +1403,9 @@ def _verify_root_self_signed(self, signable):
       valid_sig = securesystemslib.keys.verify_signature(key, signature, signed)
 
       if valid_sig:
-        validated = validated + 1
+        verified_sig_keyids.add(keyid)
 
-    if validated >= threshold:
+    if len(verified_sig_keyids) >= threshold:
       return True
     return False