Merge pull request #295 from joshuagl/joshuagl/thanks-flake8

More cosmetic changes – remove unused variables, unused imports and change comparisons to None

securesystemslib/ecdsa_keys.py

@@ -490,8 +490,6 @@ def create_ecdsa_encrypted_pem(private_pem, passphrase):
   # Does 'passphrase' have the correct format?
   securesystemslib.formats.PASSWORD_SCHEMA.check_match(passphrase)
 
-  encrypted_pem = None
-
   private = load_pem_private_key(private_pem.encode('utf-8'), password=None,
     backend=default_backend())
 

securesystemslib/ed25519_keys.py

@@ -326,7 +326,7 @@ def verify_signature(public_key, scheme, signature, data):
     if NACL:
       try:
         nacl_verify_key = nacl.signing.VerifyKey(public)
-        nacl_message = nacl_verify_key.verify(data, signature)
+        nacl_verify_key.verify(data, signature)
         valid_signature = True
 
       except nacl.exceptions.BadSignatureError:
@@ -341,7 +341,7 @@ def verify_signature(public_key, scheme, signature, data):
 
       # The pure Python implementation raises 'Exception' if 'signature' is
       # invalid.
-      except Exception as e:
+      except Exception:
         pass
 
   # This is a defensive check for a valid 'scheme', which should have already

securesystemslib/gpg/common.py

@@ -354,7 +354,7 @@ def _assign_certified_key_info(bundle):
           signature["info"]["subpackets"].get(KEY_EXPIRATION_SUBPACKET)
 
       # No key expiration time, go to next certificate
-      if tmp_validity_period == None:
+      if tmp_validity_period is None:
         continue
 
       # Create shortcut to mandatory pre-parsed creation time subpacket
@@ -363,7 +363,7 @@ def _assign_certified_key_info(bundle):
       tmp_is_primary_user = \
           signature["info"]["subpackets"].get(PRIMARY_USERID_SUBPACKET)
 
-      if tmp_is_primary_user != None:
+      if tmp_is_primary_user is not None:
         tmp_is_primary_user = bool(tmp_is_primary_user[0])
 
       # If we already have a primary user certified expiration date and this
@@ -382,7 +382,7 @@ def _assign_certified_key_info(bundle):
         is_primary_user = tmp_is_primary_user
         sig_creation_time = tmp_sig_creation_time
 
-  if validity_period != None:
+  if validity_period is not None:
     bundle[PACKET_TYPE_PRIMARY_KEY]["key"]["validity_period"] = validity_period
 
   return bundle[PACKET_TYPE_PRIMARY_KEY]["key"]
@@ -477,7 +477,7 @@ def _get_verified_subkeys(bundle):
     # subkey here
     validity_period = \
         signature["info"]["subpackets"].get(KEY_EXPIRATION_SUBPACKET)
-    if validity_period != None:
+    if validity_period is not None:
       subkey["validity_period"] = struct.unpack(">I", validity_period)[0]
 
     verified_subkeys[subkey["keyid"]] = subkey

securesystemslib/gpg/eddsa.py

@@ -17,17 +17,13 @@
 
 """
 import binascii
-import struct
 import securesystemslib.exceptions
 import securesystemslib.gpg.util
 
 CRYPTO = True
 NO_CRYPTO_MSG = 'EdDSA key support for GPG requires the cryptography library'
 try:
-  import cryptography.hazmat.primitives.asymmetric.utils as pyca_utils
   import cryptography.hazmat.primitives.asymmetric.ed25519 as pyca_ed25519
-  import cryptography.hazmat.backends as pyca_backends
-  import cryptography.hazmat.primitives.hashes as pyca_hashing
   import cryptography.exceptions
 except ImportError:
   CRYPTO = False

securesystemslib/gpg/functions.py

@@ -21,8 +21,8 @@
 import securesystemslib.exceptions
 import securesystemslib.gpg.common
 import securesystemslib.gpg.exceptions
-from securesystemslib.gpg.constants import (GPG_EXPORT_PUBKEY_COMMAND,
-    GPG_SIGN_COMMAND, SIGNATURE_HANDLERS, FULLY_SUPPORTED_MIN_VERSION, SHA256,
+from securesystemslib.gpg.constants import (GPG_SIGN_COMMAND,
+    SIGNATURE_HANDLERS, FULLY_SUPPORTED_MIN_VERSION, SHA256,
     HAVE_GPG, NO_GPG_MSG)
 
 import securesystemslib.process

securesystemslib/gpg/util.py

@@ -198,12 +198,12 @@ def parse_packet_header(data, expected_type=None):
       raise securesystemslib.gpg.exceptions.PacketParsingError("Invalid old "
           "length")
 
-  if header_len == None or body_len == None: # pragma: no cover
+  if header_len is None or body_len is None: # pragma: no cover
     # Unreachable: One of above must have assigned lengths or raised error
     raise securesystemslib.gpg.exceptions.PacketParsingError("Could not "
         "determine packet length")
 
-  if expected_type != None and packet_type != expected_type:
+  if expected_type is not None and packet_type != expected_type:
     raise securesystemslib.gpg.exceptions.PacketParsingError("Expected packet "
         "{}, but got {} instead!".format(expected_type, packet_type))
 

securesystemslib/keys.py

@@ -1114,7 +1114,6 @@ def import_rsakey_from_pem(pem, scheme='rsassa-pss-sha256'):
   securesystemslib.formats.RSA_SCHEME_SCHEMA.check_match(scheme)
 
   public_pem = ''
-  private_pem = ''
 
   # Ensure the PEM string has a public or private header and footer.  Although
   # a simple validation of 'pem' is performed here, a fully valid PEM string is
@@ -1862,7 +1861,6 @@ def import_ecdsakey_from_pem(pem, scheme='ecdsa-sha2-nistp256'):
   securesystemslib.formats.ECDSA_SCHEME_SCHEMA.check_match(scheme)
 
   public_pem = ''
-  private_pem = ''
 
   # Ensure the PEM string has a public or private header and footer.  Although
   # a simple validation of 'pem' is performed here, a fully valid PEM string is

securesystemslib/rsa_keys.py

@@ -454,11 +454,6 @@ def verify_rsa_signature(signature, signature_scheme, public_key, data):
   # What about 'data'?
   securesystemslib.formats.DATA_SCHEMA.check_match(data)
 
-  # Verify whether the private key of 'public_key' produced 'signature'.
-  # Before returning the 'valid_signature' Boolean result, ensure 'RSASSA-PSS'
-  # was used as the signature scheme.
-  valid_signature = False
-
   # Verify the RSASSA-PSS signature with pyca/cryptography.
   try:
     public_key_object = serialization.load_pem_public_key(

securesystemslib/schema.py

@@ -806,7 +806,6 @@ def check_match(self, object):
       except KeyError:
         # If not an Optional schema, raise an exception.
         if not isinstance(schema, Optional):
-          message = 'Missing key ' + repr(key) + ' in ' + repr(self._object_name)
           raise securesystemslib.exceptions.FormatError(
               'Missing key ' + repr(key) + ' in ' + repr(self._object_name))
 

securesystemslib/unittest_toolbox.py

@@ -26,7 +26,6 @@
 from __future__ import unicode_literals
 
 import os
-import sys
 import shutil
 import unittest
 import tempfile