Metadata API: Fix Metadata.sign() return value

We've been returning Signature objects since 49aa0fc.

Also add a test case that does something with the returned signature.

Signed-off-by: Jussi Kukkonen <[email protected]>

tests/test_api.py

@@ -183,12 +183,14 @@ def test_sign_verify(self):
 
         sslib_signer = SSlibSigner(self.keystore['snapshot'])
         # Append a new signature with the unrelated key and assert that ...
-        metadata_obj.sign(sslib_signer, append=True)
+        sig = metadata_obj.sign(sslib_signer, append=True)
         # ... there are now two signatures, and
         self.assertTrue(len(metadata_obj.signatures) == 2)
         # ... both are valid for the corresponding keys.
         targets_key.verify_signature(metadata_obj)
         snapshot_key.verify_signature(metadata_obj)
+        # ... the returned (appended) signature is for snapshot key
+        self.assertEqual(sig.keyid, snapshot_keyid)
 
         sslib_signer = SSlibSigner(self.keystore['timestamp'])
         # Create and assign (don't append) a new signature and assert that ...

tuf/api/metadata.py

@@ -211,7 +211,7 @@ def sign(
         signer: Signer,
         append: bool = False,
         signed_serializer: Optional[SignedSerializer] = None,
-    ) -> Dict[str, Any]:
+    ) -> Signature:
         """Creates signature over 'signed' and assigns it to 'signatures'.
 
         Arguments:
@@ -232,7 +232,7 @@ def sign(
                 Signing errors.
 
         Returns:
-            A securesystemslib-style signature object.
+            Securesystemslib Signature object that was added into signatures.
 
         """
         if signed_serializer is None: