Description of issue or feature request:
Securesystemslib lacks of a clear public API. It should be clear and intuitive for users of secureystemslib, which modules and which functions are public API.

Current behavior:
API is scattered across:

• for general key operations (generate, import, sign, verify)

  • keys.py -- high-level public interface to sign/very (key type independent), and generate and import keys (key type dependent). Calls into low-level non-public {rsa, ecdsa, ed25519}_keys.py modules, which are (mostly) separated by key type.
  • interface.py -- higher-level public interface (mostly calls into key.py) to generate and import keys

• for GPG key operations (import, sign, verify)

  • gpg/functions.py -- public interface for gpg subpackage, independent from above key operations.

• for other other non-key related operations

  • hash.py -- facade for hashlib from stdlib and cryptography.hazmat.primitives.hashes
  • process.py -- thin subprocess wrapper
  • storage.py-- file system abstraction
  • util.py -- mostly I/O related utils
  • formats.py-- schema definition constants (likely to be deprecated, see Revise schema and formats facility #183), OLPC canonical json implementation

Expected behavior:
Revise module architecture to use mnemonic names for (public) modules (not interface or functions) appropriate for the interface functions they contain. Also see discussion about import guidelines.