diff --git a/tuf/developer_tool.py b/tuf/developer_tool.py index 613906fc4c..d0e55d2820 100755 --- a/tuf/developer_tool.py +++ b/tuf/developer_tool.py @@ -989,18 +989,6 @@ def _strip_prefix_from_targets_metadata(targets_metadata, prefix): # Users are expected to call functions provided by repository_tool.py. We opt # for this approach, as opposed to using import statements to achieve the # equivalent, to avoid linter warnings for unused imports. -def generate_and_write_rsa_keypair(filepath, bits, password): - return repo_lib.generate_and_write_rsa_keypair(filepath, bits, password) - -def generate_and_write_ed25519_keypair(filepath, password): - return repo_lib.generate_and_write_ed25519_keypair(filepath, password) - -def import_rsa_publickey_from_file(filepath): - return repo_lib.import_rsa_publickey_from_file(filepath) - -def import_ed25519_publickey_from_file(filepath): - return repo_lib.import_ed25519_publickey_from_file(filepath) - def import_rsa_privatekey_from_file(filepath, password): return repo_lib.import_rsa_privatekey_from_file(filepath, password) diff --git a/tuf/repository_tool.py b/tuf/repository_tool.py index 8bef8bb699..de3e1a90c0 100755 --- a/tuf/repository_tool.py +++ b/tuf/repository_tool.py @@ -3157,9 +3157,6 @@ def append_signature(signature, metadata_filepath): # Users are expected to call functions provided by repository_tool.py. We opt # for wrapper functions, instead of using the import statements to achieve the # equivalent, to avoid linter warnings for unused imports. -def generate_and_write_ed25519_keypair(filepath=None, password=None): - return repo_lib.generate_and_write_ed25519_keypair(filepath, password) - def generate_ed25519_key(scheme='ed25519'): return securesystemslib.keys.generate_ed25519_key(scheme) @@ -3171,10 +3168,6 @@ def import_ed25519_privatekey_from_file(filepath, password=None): # NOTE: securesystemslib cannot presently import an Ed25519 key from PEM. -def generate_and_write_rsa_keypair(filepath=None, - bits=repo_lib.DEFAULT_RSA_KEY_BITS, password=None): - return repo_lib.generate_and_write_rsa_keypair(filepath, bits, password) - def generate_rsa_key(bits=DEFAULT_RSA_KEY_BITS, scheme='rsassa-pss-sha256'): return securesystemslib.keys.generate_rsa_key(bits, scheme) diff --git a/tuf/scripts/repo.py b/tuf/scripts/repo.py index 6689a42b98..67c438d96c 100755 --- a/tuf/scripts/repo.py +++ b/tuf/scripts/repo.py @@ -48,85 +48,85 @@ [--role --sign ] $ repo.py --verbose <0-5> $ repo.py --clean [--path] - + --init: Create new TUF repository in current working or specified directory. - + --consistent: Enable consistent snapshots for newly created TUF repository. - + --bare: Specify creation of bare TUF repository with no key created or set. - + --path: Choose specified path location of a TUF repository or key(s). - + --role: Specify top-level role(s) affected by the main command-line option. - + --pubkeys: Indicate location of key(s) affected by the main command-line option. - + --root_pw: Set password for encrypting top-level key file of root role. - + --targets_pw: Set password for encrypting top-level key file of targets role. - + --snapshot_pw: Set password for encrypting top-level key file of snapshot role. - + --timestamp_pw: Set password for encrypting top-level key file of timestamp role. - + --add: Add file specified by to the Targets metadata. - + --recursive: Include files in subdirectories of specified directory . - + --remove: Remove target files from Targets metadata matching . - + --distrust: Discontinue trust of keys located in directory of a role. - + --trust: Indicate trusted keys located in directory of a role. - - --sign: + + --sign: Sign metadata of target role(s) with keys in specified directory. - + --key: Generate cryptographic key of specified type (default: Ed25519). - + --filename: Specify filename associated with generated top-level key. - + --pw: Set password for the generated key of specified type . - + --delegate: Delegate trust of target files from Targets role (or specified in --role) to --delegatee role with specified . - + --delegatee: Specify role that is targetted by delegator in --role to sign for target files matching delegated or in revocation of trust. - + --terminating: Mark delegation to --delegatee role from delegator as a terminating one. - + --threshold: Specify signature threshold of --delegatee role as the value . - + --revoke: Revoke trust of target files from delegated role (--delegatee) - + --verbose: Set the verbosity level of logging messages. Accepts values 1-5. - + --clean: Delete repo in current working or specified directory. """ @@ -899,16 +899,16 @@ def set_top_level_keys(repository, parsed_arguments): parsed_arguments.pw = securesystemslib.interface.get_password( prompt='Enter a password for the top-level role keys: ', confirm=True) - repo_tool.generate_and_write_ed25519_keypair( + securesystemslib.interface.generate_and_write_ed25519_keypair( os.path.join(parsed_arguments.path, KEYSTORE_DIR, ROOT_KEY_NAME), password=parsed_arguments.root_pw) - repo_tool.generate_and_write_ed25519_keypair( + securesystemslib.interface.generate_and_write_ed25519_keypair( os.path.join(parsed_arguments.path, KEYSTORE_DIR, TARGETS_KEY_NAME), password=parsed_arguments.targets_pw) - repo_tool.generate_and_write_ed25519_keypair( + securesystemslib.interface.generate_and_write_ed25519_keypair( os.path.join(parsed_arguments.path, KEYSTORE_DIR, SNAPSHOT_KEY_NAME), password=parsed_arguments.snapshot_pw) - repo_tool.generate_and_write_ed25519_keypair( + securesystemslib.interface.generate_and_write_ed25519_keypair( os.path.join(parsed_arguments.path, KEYSTORE_DIR, TIMESTAMP_KEY_NAME), password=parsed_arguments.timestamp_pw)