diff --git a/securesystemslib/keys.py b/securesystemslib/keys.py index 9effb5de..1e7f11a9 100755 --- a/securesystemslib/keys.py +++ b/securesystemslib/keys.py @@ -798,11 +798,9 @@ def create_signature(key_dict, data): public, private, data, scheme) elif keytype == 'spx': - public = binascii.unhexlify(public.encode('utf-8')) private = binascii.unhexlify(private.encode('utf-8')) - sig, scheme = securesystemslib.spx_keys.create_signature(public, - private, data.encode('utf-8'), scheme) - + sig, scheme = securesystemslib.spx_keys.create_signature(private, + data.encode('utf-8'), scheme) elif keytype == 'ecdsa-sha2-nistp256': sig, scheme = securesystemslib.ecdsa_keys.create_signature( diff --git a/securesystemslib/spx_keys.py b/securesystemslib/spx_keys.py index 66c02272..f8695d9a 100755 --- a/securesystemslib/spx_keys.py +++ b/securesystemslib/spx_keys.py @@ -114,7 +114,7 @@ def generate_public_and_private(): -def create_signature(public_key, private_key, data, scheme): +def create_signature(private_key, data, scheme): """ Return a (signature, scheme) tuple, where the signature scheme is 'spx' @@ -125,22 +125,19 @@ def create_signature(public_key, private_key, data, scheme): >>> data = b'The quick brown fox jumps over the lazy dog' >>> scheme = 'spx' >>> signature, scheme = \ - create_signature(public, private, data, scheme) + create_signature(private, data, scheme) >>> SPX_SIG_BYTES_SCHEMA.matches(signature) True >>> scheme == 'spx' True >>> signature, scheme = \ - create_signature(public, private, data, scheme) + create_signature(private, data, scheme) >>> SPX_SIG_BYTES_SCHEMA.matches(signature) True >>> scheme == 'spx' True - public: - The spx public key, a simple byte string - private: The spx private key, a simple byte string @@ -163,13 +160,9 @@ def create_signature(public_key, private_key, data, scheme): A signature dictionary conformat to 'securesystemslib.format.SIGNATURE_SCHEMA'. """ # Validate arguments - SPX_PUBLIC_BYTES_SCHEMA.check_match(public_key) SPX_PRIVATE_BYTES_SCHEMA.check_match(private_key) securesystemslib.formats.SPX_SIG_SCHEMA.check_match(scheme) - # Signing the 'data' object requires a seed and public key. - # spx.signing.SigningKey.sign() generates the signature. - public = public_key private = private_key signature = None diff --git a/tests/test_spx_keys.py b/tests/test_spx_keys.py index 9f89111e..f0893738 100755 --- a/tests/test_spx_keys.py +++ b/tests/test_spx_keys.py @@ -54,11 +54,10 @@ def test_generate_public_and_private(self): def test_create_signature(self): - global public global private data = b'The quick brown fox jumps over the lazy dog' scheme = 'spx' - signature, scheme = securesystemslib.spx_keys.create_signature(public, + signature, scheme = securesystemslib.spx_keys.create_signature( private, data, scheme) # Verify format of returned values. @@ -70,16 +69,12 @@ def test_create_signature(self): # Check for improperly formatted argument. self.assertRaises(securesystemslib.exceptions.FormatError, - securesystemslib.spx_keys.create_signature, 123, private, data, - scheme) - - self.assertRaises(securesystemslib.exceptions.FormatError, - securesystemslib.spx_keys.create_signature, public, 123, data, + securesystemslib.spx_keys.create_signature, 123, data, scheme) # Check for invalid 'data'. self.assertRaises(securesystemslib.exceptions.CryptoError, - securesystemslib.spx_keys.create_signature, public, private, 123, + securesystemslib.spx_keys.create_signature, private, 123, scheme) @@ -88,8 +83,8 @@ def test_verify_signature(self): global private data = b'The quick brown fox jumps over the lazy dog' scheme = 'spx' - signature, scheme = securesystemslib.spx_keys.create_signature(public, - private, data, scheme) + signature, scheme = securesystemslib.spx_keys.create_signature(private, + data, scheme) valid_signature = securesystemslib.spx_keys.verify_signature(public, scheme, signature, data) @@ -132,7 +127,7 @@ def test_verify_signature(self): # Generated signature created with different data. new_signature, scheme = securesystemslib.spx_keys.create_signature( - public, private, b'mismatched data', scheme) + private, b'mismatched data', scheme) self.assertEqual(False, securesystemslib.spx_keys.verify_signature( public, scheme, new_signature, data))