Merge branch 'main' into more-root-tests

conda_content_trust/__init__.py

@@ -1,3 +1,3 @@
 # Copyright (C) 2019 Anaconda, Inc
 # SPDX-License-Identifier: BSD-3-Clause
-from .__version__ import __version__
+from .__version__ import __version__  # noqa: F401

conda_content_trust/common.py

@@ -17,9 +17,7 @@
   x  is_hex_string
   x  is_hex_signature
   r  is_hex_key
-     is_hex_hash
   r  checkformat_hex_key
-     checkformat_hex_hash
   r  checkformat_list_of_hex_keys
   x  is_a_signable
   x  checkformat_byteslike
@@ -31,9 +29,7 @@
   x  checkformat_gpg_signature
      is_gpg_signature
      checkformat_any_signature
-     is_delegation
      checkformat_delegation
-     is_delegations
      checkformat_delegations
      checkformat_delegating_metadata
   x  iso8601_time_plus_delta
@@ -245,14 +241,6 @@ def from_bytes(cls, key_value_in_bytes):
         checkformat_byteslike(key_value_in_bytes)
         return super().from_private_bytes(key_value_in_bytes)
 
-    def public_key(self):  # Overrides ed25519.Ed25519PrivateKey's method
-        """
-        Return the public key corresponding to this private key.
-        """
-        public = super().public_key()
-        checkformat_key(public)
-        return public
-
 
 class PublicKey(MixinKey, ed25519.Ed25519PublicKey):
     """
@@ -377,19 +365,6 @@ def is_hex_key(key):
         return False
 
 
-def is_hex_hash(h):
-    """
-    Returns True if h is a hex string with no uppercase characters, no
-    spaces, no '0x' prefix(es), etc., and is 64 hexadecimal characters (the
-    correct length for a sha256 or sha512256 hash, 32 bytes of raw data
-    represented as 64 hexadecimal characters).
-    Else, returns False.
-
-    Indistinguishable from is_hex_key.
-    """
-    return is_hex_key(h)
-
-
 def is_a_signable(dictionary):
     """
     Returns True if the given dictionary is a signable dictionary as produced
@@ -466,18 +441,6 @@ def checkformat_hex_key(k):
         raise ValueError("Hex representations of keys must use only lowercase.")
 
 
-def checkformat_hex_hash(h):
-    checkformat_hex_string(h)
-
-    if 64 != len(h):
-        raise ValueError("Expected a 64-character hex string representing a hash.")
-
-    # Prevent multiple possible representations.  There are security
-    # implications.
-    if h.lower() != h:
-        raise ValueError("Hex representations of hashes must use only lowercase.")
-
-
 def checkformat_list_of_hex_keys(value):
     """
     Note that this rejects any list of keys that includes any exact duplicates.
@@ -548,40 +511,6 @@ def checkformat_gpg_fingerprint(fingerprint):
         )
 
 
-def checkformat_sslgpg_signature(signature_obj):
-    """
-    Raises a TypeError if the given object is not a dictionary representing a
-    signature in a format like that produced by
-    securesystemslib.gpg.functions.create_signature(), conforming to
-    securesystemslib.formats.GPG_SIGNATURE_SCHEMA.
-
-    We will generally use a slightly different format in order to include the
-    raw ed25519 public key value.
-    This is the format we
-    expect for Root signatures.
-
-    If the given object matches the format, returns silently.
-    """
-    if not (
-        isinstance(signature_obj, dict)
-        and "keyid" in signature_obj
-        and "other_headers" in signature_obj
-        and "signature" in signature_obj
-        and len(signature_obj) == 3
-        and is_hex_signature(signature_obj["signature"])
-        # TODO ✅: Determine if we can constrain "other_headers" beyond
-        #          limiting it to a hex string.  (No length constraint is
-        #          provided here, for example.)
-        and is_hex_string(signature_obj["other_headers"])
-    ):
-        raise TypeError(
-            "Expected a dictionary representing a GPG signature in the "
-            "securesystemslib.formats.GPG_SIGNATURE_SCHEMA format."
-        )
-
-    checkformat_gpg_fingerprint(signature_obj["keyid"])
-
-
 def is_gpg_signature(signature_obj):
     # TODO: ✅ docstring based on docstring from checkformat_gpg_signature
 
@@ -766,14 +695,6 @@ def checkformat_delegation(delegation):
     checkformat_natural_int(delegation["threshold"])
 
 
-def is_a_delegation(delegation):
-    try:
-        checkformat_delegation(delegation)
-        return True
-    except (ValueError, TypeError):
-        return False
-
-
 def checkformat_delegations(delegations):
     """
     A dictionary specifying a delegation for any number of role names.
@@ -797,14 +718,6 @@ def checkformat_delegations(delegations):
         checkformat_delegation(delegations[index])
 
 
-def is_delegations(delegations):
-    try:
-        checkformat_delegations(delegations)
-        return True
-    except (ValueError, TypeError):
-        return False
-
-
 def checkformat_delegating_metadata(metadata):
     """
     Validates argument "metadata" as delegating metadata.  Passes if it is,

news/72-test-remove-unreachable

@@ -0,0 +1,19 @@
+### Enhancements
+
+* <news item>
+
+### Bug fixes
+
+* <news item>
+
+### Deprecations
+
+* <news item>
+
+### Docs
+
+* <news item>
+
+### Other
+
+* Increase test coverage by removing unreachable/unused code (#74, #72)

tests/test_common.py

@@ -400,10 +400,7 @@ def test_checkformat_hex_string():
     checkformat_hex_string(SAMPLE_KEYVAL)
 
 
-# def test_checkformat_hex_key():
-#     raise NotImplementedError()
-
-# def test_checkformat_list_of_hex_keys():
+# test_checkformat_list_of_hex_keys():
 #     raise NotImplementedError()
 
 # def test_checkformat_byteslike():