Merge pull request #292 from joshuagl/joshuagl/minor_style_changes

Minor changes

securesystemslib/ecdsa_keys.py

@@ -36,10 +36,6 @@
 from __future__ import division
 from __future__ import unicode_literals
 
-# 'binascii' required for hexadecimal conversions.  Signatures and
-# public/private keys are hexlified.
-import binascii
-
 import logging
 
 # Import cryptography modules to support ecdsa keys and signatures.
@@ -51,7 +47,6 @@
   from cryptography.hazmat.primitives.asymmetric import ec
 
   from cryptography.hazmat.primitives import serialization
-  from cryptography.hazmat.backends.interfaces import PEMSerializationBackend
 
   from cryptography.hazmat.primitives.serialization import load_pem_public_key
   from cryptography.hazmat.primitives.serialization import load_pem_private_key

securesystemslib/ed25519_keys.py

@@ -51,18 +51,6 @@
 from __future__ import division
 from __future__ import unicode_literals
 
-# 'binascii' required for hexadecimal conversions.  Signatures and
-# public/private keys are hexlified.
-import binascii
-
-# TODO:  The 'warnings' module needed to temporarily suppress user warnings
-# raised by 'pynacl' (as of version 0.2.3).  Warnings temporarily suppressed
-# here to avoid confusing users with an unexpected error message that gives
-# no indication of its source.  These warnings are printed when using
-# the repository tools, including for clients that request an update.
-# http://docs.python.org/2/library/warnings.html#temporarily-suppressing-warnings
-import warnings
-
 # 'os' required to generate OS-specific randomness (os.urandom) suitable for
 # cryptographic use.
 # http://docs.python.org/2/library/os.html#miscellaneous-functions
@@ -241,17 +229,14 @@ def create_signature(public_key, private_key, data, scheme):
 
   # Signing the 'data' object requires a seed and public key.
   # nacl.signing.SigningKey.sign() generates the signature.
-  public = public_key
-  private = private_key
-
   signature = None
 
   # An if-clause is not strictly needed here, since 'ed25519' is the only
   # currently supported scheme.  Nevertheless, include the conditional
   # statement to accommodate schemes that might be added in the future.
   if scheme == 'ed25519':
     try:
-      nacl_key = nacl.signing.SigningKey(private)
+      nacl_key = nacl.signing.SigningKey(private_key)
       nacl_sig = nacl_key.sign(data)
       signature = nacl_sig.signature
 

securesystemslib/exceptions.py

@@ -25,8 +25,6 @@
 from __future__ import division
 from __future__ import unicode_literals
 
-import six
-
 
 
 class Error(Exception):

securesystemslib/formats.py

@@ -74,7 +74,6 @@
 import binascii
 import calendar
 import re
-import string
 import datetime
 import time
 import six
@@ -411,7 +410,7 @@ def _create_gpg_pubkey_with_subkey_schema(pubkey_schema):
   key_schema = KEYID_SCHEMA,
   value_schema = KEY_SCHEMA)
 
-ANY_SIGNATURE_SCHEMA = securesystemslib.schema.OneOf([SIGNATURE_SCHEMA,
+ANY_SIGNATURE_SCHEMA = SCHEMA.OneOf([SIGNATURE_SCHEMA,
     GPG_SIGNATURE_SCHEMA])
 
 # List of ANY_SIGNATURE_SCHEMA.
@@ -515,7 +514,7 @@ def unix_timestamp_to_datetime(unix_timestamp):
 
   # Is 'unix_timestamp' properly formatted?
   # Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
-  securesystemslib.formats.UNIX_TIMESTAMP_SCHEMA.check_match(unix_timestamp)
+  UNIX_TIMESTAMP_SCHEMA.check_match(unix_timestamp)
 
   # Convert 'unix_timestamp' to a 'time.struct_time',  in UTC.  The Daylight
   # Savings Time (DST) flag is set to zero.  datetime.fromtimestamp() is not

securesystemslib/interface.py

@@ -29,17 +29,11 @@
 from __future__ import unicode_literals
 
 import os
-import errno
 import sys
-import time
-import datetime
 import getpass
 import logging
 import tempfile
-import shutil
 import json
-import gzip
-import random
 
 import securesystemslib.formats
 import securesystemslib.settings
@@ -49,8 +43,6 @@
 
 from securesystemslib import KEY_TYPE_RSA, KEY_TYPE_ED25519, KEY_TYPE_ECDSA
 
-import six
-
 logger = logging.getLogger(__name__)
 
 try:

securesystemslib/keys.py

@@ -59,10 +59,6 @@
 # hexlified.
 import binascii
 
-# NOTE:  'warnings' needed to temporarily suppress user warnings raised by
-# 'pynacl' (as of version 0.2.3).
-# http://docs.python.org/2/library/warnings.html#temporarily-suppressing-warnings
-import warnings
 import logging
 
 import securesystemslib.rsa_keys

securesystemslib/rsa_keys.py

@@ -68,7 +68,6 @@
   # Import pyca/cryptography routines needed to generate and load cryptographic
   # keys in PEM format.
   from cryptography.hazmat.primitives import serialization
-  from cryptography.hazmat.backends.interfaces import PEMSerializationBackend
   from cryptography.hazmat.primitives.serialization import load_pem_private_key
   from cryptography.hazmat.backends import default_backend
 
@@ -486,7 +485,7 @@ def verify_rsa_signature(signature, signature_scheme, public_key, data):
       # This is a defensive check check..
       else:  # pragma: no cover
         raise securesystemslib.exceptions.UnsupportedAlgorithmError('Unsupported'
-            ' signature scheme is specified: ' + repr(scheme))
+            ' signature scheme is specified: ' + repr(signature_scheme))
 
       return True
 
@@ -991,8 +990,7 @@ def _encrypt(key_data, derived_key_information):
   # a decryption operation.
   symmetric_key = derived_key_information['derived_key']
   salt = derived_key_information['salt']
-  hmac_object = \
-    cryptography.hazmat.primitives.hmac.HMAC(symmetric_key, hashes.SHA256(),
+  hmac_object = hmac.HMAC(symmetric_key, hashes.SHA256(),
         backend=default_backend())
   hmac_object.update(ciphertext)
   hmac_value = binascii.hexlify(hmac_object.finalize())
@@ -1031,7 +1029,7 @@ def _decrypt(file_contents, password):
   # separating.  Raise 'securesystemslib.exceptions.CryptoError', if
   # 'file_contents' does not contains the expected data layout.
   try:
-    salt, iterations, hmac, iv, ciphertext = \
+    salt, iterations, read_hmac, iv, ciphertext = \
       file_contents.split(_ENCRYPTION_DELIMITER)
 
   except ValueError:
@@ -1054,14 +1052,13 @@ def _decrypt(file_contents, password):
   # See the encryption routine for why we use the encrypt-then-MAC approach.
   # The decryption routine may verify a ciphertext without having to perform
   # a decryption operation.
-  generated_hmac_object = \
-    cryptography.hazmat.primitives.hmac.HMAC(symmetric_key, hashes.SHA256(),
+  generated_hmac_object = hmac.HMAC(symmetric_key, hashes.SHA256(),
         backend=default_backend())
   generated_hmac_object.update(ciphertext)
   generated_hmac = binascii.hexlify(generated_hmac_object.finalize())
 
 
-  if not securesystemslib.util.digests_are_equal(generated_hmac.decode(), hmac):
+  if not securesystemslib.util.digests_are_equal(generated_hmac.decode(), read_hmac):
     raise securesystemslib.exceptions.CryptoError('Decryption failed.')
 
   # Construct a Cipher object, with the key and iv.

securesystemslib/util.py

@@ -26,19 +26,14 @@
 from __future__ import unicode_literals
 
 import os
-import shutil
 import logging
-import tempfile
-import warnings
 
 import securesystemslib.exceptions
 import securesystemslib.settings
 import securesystemslib.hash
 import securesystemslib.formats
 import securesystemslib.storage
 
-import six
-
 logger = logging.getLogger(__name__)
 
 
@@ -436,7 +431,7 @@ def load_json_file(filepath, storage_backend=None):
     try:
       deserialized_object = json.loads(raw_data)
 
-    except (ValueError, TypeError) as e:
+    except (ValueError, TypeError):
       raise securesystemslib.exceptions.Error('Cannot deserialize to a'
           ' Python object: ' + filepath)