Update documentation and lint fix

Updates documentation of verify method in Envelope, add a little more detail over returns section. Fix linting issue. Signed-off-by: Pradyumna Krishna <[email protected]>
secure-systems-lab · Mar 3, 2023 · c847f32 · c847f32
1 parent 1ecb06b
commit c847f32
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 7 deletions.
diff --git a/securesystemslib/dsse.py b/securesystemslib/dsse.py
@@ -5,7 +5,7 @@
 from typing import Any, Dict, List
 
 from securesystemslib import exceptions
-from securesystemslib._internal.utils import b64enc, b64dec
+from securesystemslib._internal.utils import b64dec, b64enc
 from securesystemslib.signer import Key, Signature, Signer
 
 logger = logging.getLogger(__name__)
@@ -103,6 +103,9 @@ def sign(self, signer: Signer) -> Signature:
     def verify(self, keys: List[Key], threshold: int) -> Dict[str, Key]:
         """Verify the payload with the provided Keys.
 
+        NOTE: This API is experimental and might change (see 
+        secure-systems-lab/dsse#55)
+
         Arguments:
             keys: A list of public keys to verify the signatures.
             threshold: Number of signatures needed to pass the verification.
@@ -118,7 +121,8 @@ def verify(self, keys: List[Key], threshold: int) -> Dict[str, Key]:
             compliant (Issue #416).
 
         Returns:
-            accepted_keys: A dict of unique public keys.
+            A dict of the threshold of unique public keys that verified a
+            signature.
         """
 
         accepted_keys = {}
@@ -143,10 +147,9 @@ def verify(self, keys: List[Key], threshold: int) -> Dict[str, Key]:
                     accepted_keys[key.keyid] = key
                     break
                 except exceptions.UnverifiedSignatureError:
-                    # TODO: Log, Raise or continue with error?
                     continue
 
-            # Break, if amount of recognized_signer are more than threshold.
+            # Break, if amount of accepted_keys are more than threshold.
             if len(accepted_keys) >= threshold:
                 break
 

diff --git a/securesystemslib/util.py b/securesystemslib/util.py
@@ -17,8 +17,6 @@
   that tries to import a working json module, load_json_* functions, etc.
 """
 
-import base64
-import binascii
 import json
 import logging
 import os

diff --git a/tests/test_dsse.py b/tests/test_dsse.py
@@ -6,12 +6,12 @@
 import unittest
 
 import securesystemslib.keys as KEYS
+from securesystemslib.dsse import Envelope
 from securesystemslib.exceptions import (
     FormatError,
     UnsupportedAlgorithmError,
     VerificationError,
 )
-from securesystemslib.dsse import Envelope
 from securesystemslib.signer import Signature, SSlibKey, SSlibSigner