commit 8e84384bebe3b215a8f28f734f8227f71f737c6c
author Erick Tryzelaar <etryzelaar@google.com> Tue Dec 10 15:09:48 2019 -0800
committer Erick Tryzelaar <etryzelaar@google.com> Tue Dec 10 15:57:55 2019 -0800
tree e7df2ecdf9a86e4af07f8e5334b28f142ef986cc
parent 129ce308c6e2d311b1a078f7a02746eacddf39c1

Copy PrivateKey fields to Signers

In order for Signers to produce the same key ids as
`PrivateKey.PublicData.IDs()`, we need to make sure we copy the exact
values for `Type`, `Scheme`, and `Algorithms`.

Change-Id: I6546481c9c03e3ff05db7c0375f32c3803d825c8

sign/keys.go

diff --git a/sign/keys.go b/sign/keys.go
index cae4d2e..78e0b5e 100644
--- a/sign/keys.go
+++ b/sign/keys.go
@@ -30,7 +30,12 @@
 }
 
 func (k *PrivateKey) Signer() Signer {
-	return &ed25519Signer{PrivateKey: ed25519.PrivateKey(k.Value.Private)}
+	return &ed25519Signer{
+		PrivateKey:    ed25519.PrivateKey(k.Value.Private),
+		keyType:       k.Type,
+		keyScheme:     k.Scheme,
+		keyAlgorithms: k.Algorithms,
+	}
 }
 
 func GenerateEd25519Key() (*PrivateKey, error) {
@@ -52,8 +57,11 @@
 type ed25519Signer struct {
 	ed25519.PrivateKey
 
-	ids    []string
-	idOnce sync.Once
+	keyType       string
+	keyScheme     string
+	keyAlgorithms []string
+	ids           []string
+	idOnce        sync.Once
 }
 
 var _ Signer = &ed25519Signer{}
@@ -74,17 +82,17 @@
 
 func (s *ed25519Signer) publicData() *data.Key {
 	return &data.Key{
-		Type:       data.KeyTypeEd25519,
-		Scheme:     data.KeySchemeEd25519,
-		Algorithms: data.KeyAlgorithms,
+		Type:       s.keyType,
+		Scheme:     s.keyScheme,
+		Algorithms: s.keyAlgorithms,
 		Value:      data.KeyValue{Public: []byte(s.PrivateKey.Public().(ed25519.PublicKey))},
 	}
 }
 
 func (s *ed25519Signer) Type() string {
-	return data.KeyTypeEd25519
+	return s.keyType
 }
 
 func (s *ed25519Signer) Scheme() string {
-	return data.KeySchemeEd25519
+	return s.keyScheme
 }

sign/keys_test.go

diff --git a/sign/keys_test.go b/sign/keys_test.go
new file mode 100644
index 0000000..aa05b69
--- /dev/null
+++ b/sign/keys_test.go
@@ -0,0 +1,36 @@
+package sign
+
+import (
+	"testing"
+
+	. "gopkg.in/check.v1"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { TestingT(t) }
+
+type KeysSuite struct{}
+
+var _ = Suite(&KeysSuite{})
+
+func (KeysSuite) TestSignerKeyIDs(c *C) {
+	key, err := GenerateEd25519Key()
+	c.Assert(err, IsNil)
+	signer := key.Signer()
+	c.Assert(key.PublicData().IDs(), DeepEquals, signer.IDs())
+
+	// If we have a TUF-0.9 key, we won't have a scheme.
+	key, err = GenerateEd25519Key()
+	c.Assert(err, IsNil)
+	key.Scheme = ""
+	signer = key.Signer()
+	c.Assert(key.PublicData().IDs(), DeepEquals, signer.IDs())
+
+	// Make sure we preserve ids if we don't have any
+	// keyid_hash_algorithms.
+	key, err = GenerateEd25519Key()
+	c.Assert(err, IsNil)
+	key.Algorithms = []string{}
+	signer = key.Signer()
+	c.Assert(key.PublicData().IDs(), DeepEquals, signer.IDs())
+}