Merge pull request #558 from lukpueh/base-de_serialization-helpers

lukpueh · web-flow · commit b1b14ebaad2e · 2023-04-14T14:24:51.000+02:00
signer: _from/_to_dict helpers for Key base fields
diff --git a/securesystemslib/signer/_gpg_signer.py b/securesystemslib/signer/_gpg_signer.py
@@ -32,19 +32,11 @@ class GPGKey(Key):
 
     @classmethod
     def from_dict(cls, keyid: str, key_dict: Dict[str, Any]) -> "GPGKey":
-        keytype = key_dict.pop("keytype")
-        scheme = key_dict.pop("scheme")
-        keyval = key_dict.pop("keyval")
-
+        keytype, scheme, keyval = cls._from_dict(key_dict)
         return cls(keyid, keytype, scheme, keyval, key_dict)
 
     def to_dict(self) -> Dict:
-        return {
-            "keytype": self.keytype,
-            "scheme": self.scheme,
-            "keyval": self.keyval,
-            **self.unrecognized_fields,
-        }
+        return self._to_dict()
 
     def verify_signature(self, signature: Signature, data: bytes) -> None:
         try:
diff --git a/securesystemslib/signer/_key.py b/securesystemslib/signer/_key.py
@@ -101,6 +101,32 @@ def to_dict(self) -> Dict[str, Any]:
         """
         raise NotImplementedError
 
+    def _to_dict(self) -> Dict[str, Any]:
+        """Serialization helper to add base Key fields to a dict.
+
+        Key implementations may call this in their to_dict, which they must
+        still provide, in order to avoid unnoticed serialization accidents.
+        """
+        return {
+            "keytype": self.keytype,
+            "scheme": self.scheme,
+            "keyval": self.keyval,
+            **self.unrecognized_fields,
+        }
+
+    @staticmethod
+    def _from_dict(key_dict: Dict[str, Any]) -> Tuple[str, str, Dict[str, Any]]:
+        """Deserialization helper to pop base Key fields off the dict.
+
+        Key implementations may call this in their from_dict, in order to parse
+        out common fields. But they have to create the Key instance themselves.
+        """
+        keytype = key_dict.pop("keytype")
+        scheme = key_dict.pop("scheme")
+        keyval = key_dict.pop("keyval")
+
+        return keytype, scheme, keyval
+
     @abstractmethod
     def verify_signature(self, signature: Signature, data: bytes) -> None:
         """Raises if verification of signature over data fails.
@@ -143,9 +169,7 @@ def from_securesystemslib_key(cls, key_dict: Dict[str, Any]) -> "SSlibKey":
 
     @classmethod
     def from_dict(cls, keyid: str, key_dict: Dict[str, Any]) -> "SSlibKey":
-        keytype = key_dict.pop("keytype")
-        scheme = key_dict.pop("scheme")
-        keyval = key_dict.pop("keyval")
+        keytype, scheme, keyval = cls._from_dict(key_dict)
 
         if "public" not in keyval or not isinstance(keyval["public"], str):
             raise ValueError(f"public key string required for scheme {scheme}")
@@ -154,12 +178,7 @@ def from_dict(cls, keyid: str, key_dict: Dict[str, Any]) -> "SSlibKey":
         return cls(keyid, keytype, scheme, keyval, key_dict)
 
     def to_dict(self) -> Dict[str, Any]:
-        return {
-            "keytype": self.keytype,
-            "scheme": self.scheme,
-            "keyval": self.keyval,
-            **self.unrecognized_fields,
-        }
+        return self._to_dict()
 
     def verify_signature(self, signature: Signature, data: bytes) -> None:
         try:
diff --git a/securesystemslib/signer/_sigstore_signer.py b/securesystemslib/signer/_sigstore_signer.py
@@ -35,9 +35,7 @@ class SigstoreKey(Key):
 
     @classmethod
     def from_dict(cls, keyid: str, key_dict: Dict[str, Any]) -> "SigstoreKey":
-        keytype = key_dict.pop("keytype")
-        scheme = key_dict.pop("scheme")
-        keyval = key_dict.pop("keyval")
+        keytype, scheme, keyval = cls._from_dict(key_dict)
 
         for content in ["identity", "issuer"]:
             if content not in keyval or not isinstance(keyval[content], str):
@@ -48,12 +46,7 @@ def from_dict(cls, keyid: str, key_dict: Dict[str, Any]) -> "SigstoreKey":
         return cls(keyid, keytype, scheme, keyval, key_dict)
 
     def to_dict(self) -> Dict:
-        return {
-            "keytype": self.keytype,
-            "scheme": self.scheme,
-            "keyval": self.keyval,
-            **self.unrecognized_fields,
-        }
+        return self._to_dict()
 
     def verify_signature(self, signature: Signature, data: bytes) -> None:
         # pylint: disable=import-outside-toplevel,import-error
