Refactor repository and developer tool API

Import some API functions from repository_lib and securesystemslib
directly into repository_tool and developer_tool, instead of
providing them via wrapper.

Also short-circuit some functions that used to point to
securesystemslib through repository_lib.

This reverts parts of 6f7ba76,
which introduced some of the wrappers to appease the linter.
Here we just disable that specific linter check (unused-import).

The advantage of importing over wrapping is:
- no duplication of hardcoded defaults for keyword arguments
- no duplication of docstrings
- less code --> easier maintenance

This should also pave the way for more serious refactoring
of the repository- and developer-tools:
#840

Signed-off-by: Lukas Puehringer <[email protected]>

tuf/developer_tool.py

@@ -53,15 +53,35 @@
 
 import six
 
-# These imports provide the interface for 'developer_tool.py', since the
-# imports are made there.
-from securesystemslib.keys import format_keyval_to_metadata
-
 from tuf.repository_tool import Targets
 from tuf.repository_lib import _check_role_keys
-from tuf.repository_lib import generate_targets_metadata
 from tuf.repository_lib import _metadata_is_partially_loaded
 
+
+# Copy API
+# pylint: disable=unused-import
+
+# Copy generic repository API functions to be used via `developer_tool`
+from tuf.repository_lib import (
+    generate_targets_metadata,
+    create_tuf_client_directory,
+    disable_console_log_messages)
+
+# Copy key-related API functions to be used via `developer_tool`
+from tuf.repository_lib import (
+    import_rsa_privatekey_from_file)
+
+from securesystemslib.keys import (
+    format_keyval_to_metadata)
+
+from securesystemslib.interface import (
+    generate_and_write_rsa_keypair,
+    generate_and_write_ed25519_keypair,
+    import_rsa_publickey_from_file,
+    import_ed25519_publickey_from_file,
+    import_ed25519_privatekey_from_file)
+
+
 # See 'log.py' to learn how logging is handled in TUF.
 logger = logging.getLogger('tuf.developer_tool')
 
@@ -986,35 +1006,6 @@ def _strip_prefix_from_targets_metadata(targets_metadata, prefix):
 
 
 
-# Wrapper functions that we wish to make available here from repository_lib.py.
-# Users are expected to call functions provided by repository_tool.py.  We opt
-# for this approach, as opposed to using import statements to achieve the
-# equivalent, to avoid linter warnings for unused imports.
-def generate_and_write_rsa_keypair(filepath, bits, password):
-  return repo_lib.generate_and_write_rsa_keypair(filepath, bits, password)
-
-def generate_and_write_ed25519_keypair(filepath, password):
-  return repo_lib.generate_and_write_ed25519_keypair(filepath, password)
-
-def import_rsa_publickey_from_file(filepath):
-  return repo_lib.import_rsa_publickey_from_file(filepath)
-
-def import_ed25519_publickey_from_file(filepath):
-  return repo_lib.import_ed25519_publickey_from_file(filepath)
-
-def import_rsa_privatekey_from_file(filepath, password):
-  return repo_lib.import_rsa_privatekey_from_file(filepath, password)
-
-def import_ed25519_privatekey_from_file(filepath, password):
-  return repo_lib.import_ed25519_privatekey_from_file(filepath, password)
-
-def create_tuf_client_directory(repository_directory, client_directory):
-  return repo_lib.create_tuf_client_directory(repository_directory, client_directory)
-
-def disable_console_log_messages():
-  return repo_lib.disable_console_log_messages()
-
-
 
 
 if __name__ == '__main__':

tuf/repository_tool.py

@@ -54,6 +54,37 @@
 import six
 
 
+# Copy API
+# pylint: disable=unused-import
+
+# Copy generic repository API functions to be used via `repository_tool`
+from tuf.repository_lib import (
+    create_tuf_client_directory,
+    disable_console_log_messages)
+
+
+# Copy key-related API functions to be used via `repository_tool`
+from tuf.repository_lib import (
+    import_rsa_privatekey_from_file,
+    import_ed25519_privatekey_from_file)
+
+from securesystemslib.interface import (
+    generate_and_write_rsa_keypair,
+    generate_and_write_ecdsa_keypair,
+    generate_and_write_ed25519_keypair,
+    import_rsa_publickey_from_file,
+    import_ecdsa_publickey_from_file,
+    import_ed25519_publickey_from_file,
+    import_ecdsa_privatekey_from_file)
+
+from securesystemslib.keys import (
+    generate_rsa_key,
+    generate_ecdsa_key,
+    generate_ed25519_key,
+    import_rsakey_from_pem,
+    import_ecdsakey_from_pem)
+
+
 # See 'log.py' to learn how logging is handled in TUF.
 logger = logging.getLogger('tuf.repository_tool')
 
@@ -3153,63 +3184,6 @@ def append_signature(signature, metadata_filepath):
   file_object.move(metadata_filepath)
 
 
-# Wrapper functions that we wish to make available here from securesystemslib.
-# Users are expected to call functions provided by repository_tool.py.  We opt
-# for wrapper functions, instead of using the import statements to achieve the
-# equivalent, to avoid linter warnings for unused imports.
-def generate_and_write_ed25519_keypair(filepath=None, password=None):
-  return repo_lib.generate_and_write_ed25519_keypair(filepath, password)
-
-def generate_ed25519_key(scheme='ed25519'):
-  return securesystemslib.keys.generate_ed25519_key(scheme)
-
-def import_ed25519_publickey_from_file(filepath):
-  return repo_lib.import_ed25519_publickey_from_file(filepath)
-
-def import_ed25519_privatekey_from_file(filepath, password=None):
-  return repo_lib.import_ed25519_privatekey_from_file(filepath, password)
-
-# NOTE: securesystemslib cannot presently import an Ed25519 key from PEM.
-
-def generate_and_write_rsa_keypair(filepath=None,
-    bits=repo_lib.DEFAULT_RSA_KEY_BITS, password=None):
-  return repo_lib.generate_and_write_rsa_keypair(filepath, bits, password)
-
-def generate_rsa_key(bits=DEFAULT_RSA_KEY_BITS, scheme='rsassa-pss-sha256'):
-  return securesystemslib.keys.generate_rsa_key(bits, scheme)
-
-def import_rsa_publickey_from_file(filepath):
-  return repo_lib.import_rsa_publickey_from_file(filepath)
-
-def import_rsa_privatekey_from_file(filepath, password=None):
-  return repo_lib.import_rsa_privatekey_from_file(filepath, password)
-
-def import_rsakey_from_pem(pem, scheme='rsassa-pss-sha256'):
-  return securesystemslib.keys.import_rsakey_from_pem(pem, scheme)
-
-def generate_and_write_ecdsa_keypair(filepath=None, password=None):
-  return securesystemslib.interface.generate_and_write_ecdsa_keypair(
-      filepath, password)
-
-def generate_ecdsa_key(scheme='ecdsa-sha2-nistp256'):
-  return securesystemslib.keys.generate_ecdsa_key(scheme)
-
-def import_ecdsa_privatekey_from_file(filepath, password=None):
-  return securesystemslib.interface.import_ecdsa_privatekey_from_file(
-      filepath, password)
-
-def import_ecdsa_publickey_from_file(filepath):
-  return securesystemslib.interface.import_ecdsa_publickey_from_file(filepath)
-
-def import_ecdsakey_from_pem(pem, scheme='ecdsa-sha2-nistp256'):
-  return securesystemslib.keys.import_ecdsakey_from_pem(pem, scheme)
-
-def create_tuf_client_directory(repository_directory, client_directory):
-  return repo_lib.create_tuf_client_directory(
-      repository_directory, client_directory)
-
-def disable_console_log_messages():
-  return repo_lib.disable_console_log_messages()