appu review comments

Signed-off-by: Patrick Flynn <patrick@chainguard.dev>
sigstore · Sep 12, 2022 · 714d53a · 714d53a
1 parent 7b23b5b
commit 714d53a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 7 deletions.
diff --git a/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java b/sigstore-java/src/main/java/dev/sigstore/encryption/Keys.java
@@ -123,8 +123,7 @@ public static PublicKey constructTufPublicKey(byte[] contents, String scheme)
           // spec for P-256 curve
           ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("P-256");
           // create a KeyFactory with ECDSA (Elliptic Curve Diffie-Hellman) algorithm and use
-          // BouncyCastle
-          // as the provider
+          // BouncyCastle as the provider
           KeyFactory kf = null;
           try {
             kf = KeyFactory.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);

diff --git a/sigstore-java/src/main/java/dev/sigstore/tuf/TufClient.java b/sigstore-java/src/main/java/dev/sigstore/tuf/TufClient.java
@@ -65,12 +65,11 @@ public void updateRoot(Path trustedRootPath, URL mirror, Path localStore)
     // 5.3.1) record the time at start and use for expiration checks consistently throughout the
     // update.
     updateStartTime = ZonedDateTime.now(clock);
-    Root trustedRoot;
 
     // 5.3.2) load the trust metadata file (root.json), get version of root.json and the role
     // signature threshold value
 
-    trustedRoot = GSON.get().fromJson(Files.readString(trustedRootPath), Root.class);
+    Root trustedRoot = GSON.get().fromJson(Files.readString(trustedRootPath), Root.class);
     int baseVersion = trustedRoot.getSignedMeta().getVersion();
     int nextVersion = baseVersion + 1;
     // keep these for verifying the last step. 5.3.11
@@ -132,8 +131,7 @@ public void updateRoot(Path trustedRootPath, URL mirror, Path localStore)
 
       // 5.3.5) We've taken the liberty to modify 5.3.5 to just validate that the new root meta
       // matches the version we pulled based off of the pattern {version}.root.json. We know due to
-      // the
-      // loop constraints that it is larger than the current version.
+      // the loop constraints that it is larger than the current version.
       if (newRoot.getSignedMeta().getVersion() != nextVersion) {
         throw new RoleVersionException(nextVersion, newRoot.getSignedMeta().getVersion());
       }
@@ -142,7 +140,7 @@ public void updateRoot(Path trustedRootPath, URL mirror, Path localStore)
       // 5.3.8) persist to repo
       Path localTrustRoot = localStore.resolve("root.json");
       if (localTrustRoot.toFile().exists()) {
-        // Backup the old root. (not sure if this is necessary)
+        // Backup the old root.
         Files.move(localTrustRoot, localStore.resolve((nextVersion - 1) + ".root.json"));
       }
       try (FileWriter fileWriter = new FileWriter(localTrustRoot.toFile())) {