signer: move legacy gpg key conversion methods

These methods are ugly no matter where they are implemented. I move
them to the signer to keep them together with the legacy signature
format conversion methods.

Signed-off-by: Lukas Puehringer <[email protected]>

securesystemslib/signer/_gpg_signer.py

@@ -46,35 +46,15 @@ def to_dict(self) -> Dict:
             **self.unrecognized_fields,
         }
 
-    @classmethod
-    def _from_legacy_dict(cls, key_dict: Dict[str, Any]) -> "GPGKey":
-        """Create GPGKey from legacy dictionary representation."""
-
-        keyid = key_dict["keyid"]
-        keytype = key_dict["type"]
-        scheme = key_dict["method"]
-        keyval = key_dict["keyval"]
-
-        return cls(keyid, keytype, scheme, keyval)
-
-    def _to_legacy_dict(self) -> Dict[str, Any]:
-        """Returns legacy dictionary representation of self."""
-
-        return {
-            "keyid": self.keyid,
-            "type": self.keytype,
-            "method": self.scheme,
-            "hashes": [formats.GPG_HASH_ALGORITHM_STRING],
-            "keyval": self.keyval,
-        }
-
     def verify_signature(self, signature: Signature, data: bytes) -> None:
         try:
             if not gpg.verify_signature(
                 GPGSigner._sig_to_legacy_dict(  # pylint: disable=protected-access
                     signature
                 ),
-                self._to_legacy_dict(),
+                GPGSigner._key_to_legacy_dict(  # pylint: disable=protected-access
+                    self
+                ),
                 data,
             ):
                 raise exceptions.UnverifiedSignatureError(
@@ -155,6 +135,27 @@ def _sig_from_legacy_dict(sig_dict: Dict) -> Signature:
         sig_dict["sig"] = sig_dict.pop("signature")
         return Signature.from_dict(sig_dict)
 
+    @staticmethod
+    def _key_to_legacy_dict(key: GPGKey) -> Dict[str, Any]:
+        """Returns legacy dictionary representation of self."""
+        return {
+            "keyid": key.keyid,
+            "type": key.keytype,
+            "method": key.scheme,
+            "hashes": [formats.GPG_HASH_ALGORITHM_STRING],
+            "keyval": key.keyval,
+        }
+
+    @staticmethod
+    def _key_from_legacy_dict(key_dict: Dict[str, Any]) -> GPGKey:
+        """Create GPGKey from legacy dictionary representation."""
+        keyid = key_dict["keyid"]
+        keytype = key_dict["type"]
+        scheme = key_dict["method"]
+        keyval = key_dict["keyval"]
+
+        return GPGKey(keyid, keytype, scheme, keyval)
+
     @classmethod
     def import_(
         cls, keyid: str, homedir: Optional[str] = None
@@ -187,9 +188,7 @@ def import_(
         for key in raw_keys:
             if key["keyid"] == keyid:
                 # TODO: Raise here if key is expired, revoked, incapable, ...
-                public_key = GPGKey._from_legacy_dict(  # pylint: disable=protected-access
-                    key
-                )
+                public_key = cls._key_from_legacy_dict(key)
                 break
             keyids.append(key["keyid"])
 
@@ -219,6 +218,7 @@ def sign(self, payload: bytes) -> Signature:
 
         Returns:
             Signature.
+
         """
         raw_sig = gpg.create_signature(
             payload, self.public_key.keyid, self.homedir

tests/check_public_interfaces_gpg.py

@@ -34,7 +34,6 @@
     export_pubkeys,
     verify_signature,
 )
-
 from securesystemslib.signer import GPGKey, GPGSigner, Signer
 
 
@@ -153,7 +152,7 @@ def test_gpg_verify(self):
         for key, sig in key_signature_pairs:
             self.assertTrue(verify_signature(sig, key, data))
             # pylint: disable=protected-access
-            GPGKey._from_legacy_dict(key).verify_signature(
+            GPGSigner._key_from_legacy_dict(key).verify_signature(
                 GPGSigner._sig_from_legacy_dict(sig), data
             )
 

tests/test_signer.py

@@ -483,14 +483,16 @@ def test_gpg_key_legacy_data_structure(self):
         legacy_fields = {"keyid", "type", "method"}
         fields = {"keytype", "scheme"}
 
-        legacy_dict = public_key._to_legacy_dict()
+        legacy_dict = GPGSigner._key_to_legacy_dict(public_key)
         for field in legacy_fields:
             self.assertIn(field, legacy_dict)
 
         for field in fields:
             self.assertNotIn(field, legacy_dict)
 
-        self.assertEqual(public_key, GPGKey._from_legacy_dict(legacy_dict))
+        self.assertEqual(
+            public_key, GPGSigner._key_from_legacy_dict(legacy_dict)
+        )
 
     def test_gpg_key__eq__(self):
         """Test GPGKey.__eq__() ."""