Minor restructure in TAP 15 example

Generate keys for all roles in one place and rename to
better distinguish delegating targets key from bins key.

Signed-off-by: Lukas Puehringer <[email protected]>

Author: Lukas Puehringer

examples/repo_example/succinct_hash_bin_delegations.py

@@ -85,7 +85,9 @@ def create_key() -> Tuple[Key, SSlibSigner]:
     return Key.from_securesystemslib_key(sslib_key), SSlibSigner(sslib_key)
 
 
-key, signer = create_key()
+# Create one signing key for all bins, and one for the delegating targets role.
+bins_key, bins_signer = create_key()
+_, targets_signer = create_key()
 
 # Delegating targets role
 # -----------------------
@@ -101,16 +103,13 @@ def create_key() -> Tuple[Key, SSlibSigner]:
 targets = Metadata(Targets(expires=expiration_date))
 
 succinct_roles = SuccinctRoles(
-    keyids=[],
+    keyids=[bins_key.keyid],
     threshold=THRESHOLD,
     bit_length=BIT_LENGTH,
     name_prefix=NAME_PREFIX,
 )
-
-# Now we will populate the keyids by using the succinct_roles_keys list.
 delegations_keys_info: Dict[str, Key] = {}
-succinct_roles.keyids.append(key.keyid)
-delegations_keys_info[key.keyid] = key
+delegations_keys_info[bins_key.keyid] = bins_key
 
 targets.signed.delegations = Delegations(
     delegations_keys_info, roles=None, succinct_roles=succinct_roles
@@ -164,15 +163,14 @@ def create_key() -> Tuple[Key, SSlibSigner]:
 PRETTY = JSONSerializer(compact=False)
 TMP_DIR = tempfile.mkdtemp(dir=os.getcwd())
 
-# Generate a key for targets we haven't added one up to this point.
-_, targets_signer = create_key()
+
 targets.sign(targets_signer)
 targets.to_file(os.path.join(TMP_DIR, "1.targets.json"), serializer=PRETTY)
 
 for bin_name, bin_target_role in delegated_bins.items():
     file_name = f"1.{bin_name}.json"
     file_path = os.path.join(TMP_DIR, file_name)
 
-    bin_target_role.sign(signer, append=True)
+    bin_target_role.sign(bins_signer, append=True)
 
     bin_target_role.to_file(file_path, serializer=PRETTY)