

signer: Allow multiple signatures
This makes it possible to sign the same metadata twice:
* currently this is only useful when fixing the keyid compliance issue
  in root (see theupdateframework#292). Basically the user will be asked to sign with
  both the keyid from root N+1 and the keyid from root N.
* there are clear use cases for one signer with multiple keys in
  future (e.g. key rotation).
jku committed May 17, 2024
1 parent 9bfba1e commit 6ad9ec3
Showing 1 changed file with 10 additions and 8 deletions.
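--- a/signer/tuf_on_ci_sign/_signer_repository.py
+++ b/signer/tuf_on_ci_sign/_signer_repository.py
@@ -742,24 +742,26 @@ def status(self, rolename: str) -> str:
     def sign(self, rolename: str):
         """Sign without payload changes"""
         md = self.open(rolename)
+        signing_keys: dict[str, Key] = {}
         for key in self._get_keys(rolename):
             keyowner = key.unrecognized_fields["x-tuf-on-ci-keyowner"]
             if keyowner == self.user.name:
-                self._sign(rolename, md, key)
-                self._write(rolename, md)
-                return
+                signing_keys[key.keyid] = key
 
-        # Root is eligible to sign current root if the signer was valid
+        # user is also eligible to sign current root if the signer was valid
         # in previous version
         if rolename == "root":
             for key in self._get_keys(rolename, True):
                 keyowner = key.unrecognized_fields["x-tuf-on-ci-keyowner"]
                 if keyowner == self.user.name:
-                    self._sign(rolename, md, key)
-                    self._write(rolename, md)
-                    return
+                    signing_keys[key.keyid] = key
 
-        raise ValueError(f"{rolename} signing key for {self.user.name} not found")
+        if not signing_keys:
+            raise ValueError(f"{rolename} signing key for {self.user.name} not found")
+
+        for key in signing_keys.values():
+            self._sign(rolename, md, key)
+            self._write(rolename, md)
 
 
 def build_paths(rolename: str, depth: int) -> list[str]: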
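Review bot: `self._write(rolename, md)` sits inside the final loop of `sign`, so with two matching keys the metadata file is written after the first signature and again after the second; if `_sign` raises for the second key (it looks like the place where the actual signing happens, so a failure there seems possible), the file has already been persisted with only the first signature. Writing once after the loop keeps the on-disk metadata either fully signed by the user or untouched: `for key in signing_keys.values():` / `    self._sign(rolename, md, key)` / `self._write(rolename, md)`. The docstring `"""Sign without payload changes"""` no longer describes the full behaviour and could become `"""Sign without payload changes, using every key owned by the current user"""`. `build_paths` starts at the end of the hunk and its body is outside it.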

