diff --git a/securesystemslib/__init__.py b/securesystemslib/__init__.py index a8daf5ba..61744dab 100755 --- a/securesystemslib/__init__.py +++ b/securesystemslib/__init__.py @@ -12,10 +12,3 @@ logger = logging.getLogger(__name__) logger.setLevel(logging.WARNING) logger.addHandler(logging.StreamHandler()) - - -# Global constants -# TODO: Replace hard-coded key types with these constants (and add more) -KEY_TYPE_RSA = "rsa" -KEY_TYPE_ED25519 = "ed25519" -KEY_TYPE_ECDSA = "ecdsa" diff --git a/securesystemslib/signer/_hsm_signer.py b/securesystemslib/signer/_hsm_signer.py index 7c3b52ec..9318840a 100644 --- a/securesystemslib/signer/_hsm_signer.py +++ b/securesystemslib/signer/_hsm_signer.py @@ -10,7 +10,6 @@ from typing import Dict, Iterator, List, Optional, Tuple from urllib import parse -from securesystemslib import KEY_TYPE_ECDSA from securesystemslib.exceptions import UnsupportedLibraryError from securesystemslib.hash import digest from securesystemslib.signer._key import Key, SSlibKey @@ -18,6 +17,8 @@ from securesystemslib.signer._signer import SecretsHandler, Signer from securesystemslib.signer._utils import compute_default_keyid +_KEY_TYPE_ECDSA = "ecdsa" + # pylint: disable=wrong-import-position CRYPTO_IMPORT_ERROR = None try: @@ -217,11 +218,13 @@ def _find_key( ] ) if not keys: - raise ValueError(f"could not find {KEY_TYPE_ECDSA} key for {keyid}") + raise ValueError( + f"could not find {_KEY_TYPE_ECDSA} key for {keyid}" + ) if len(keys) > 1: raise ValueError( - f"found more than one {KEY_TYPE_ECDSA} key for {keyid}" + f"found more than one {_KEY_TYPE_ECDSA} key for {keyid}" ) return keys[0] @@ -327,8 +330,8 @@ def import_( keyval = {"public": public_pem} scheme = _SCHEME_FOR_CURVE[curve] - keyid = compute_default_keyid(KEY_TYPE_ECDSA, scheme, keyval) - key = SSlibKey(keyid, KEY_TYPE_ECDSA, scheme, keyval) + keyid = compute_default_keyid(_KEY_TYPE_ECDSA, scheme, keyval) + key = SSlibKey(keyid, _KEY_TYPE_ECDSA, scheme, keyval) return uri, key