From 283158ca4436b90e4b968332cd18e0e9e3c9764d Mon Sep 17 00:00:00 2001 From: Lukas Puehringer Date: Tue, 9 Apr 2024 11:27:43 +0200 Subject: [PATCH] Remove unused function and schema checks in hash The function "digest_from_rsa_scheme" doesn't seem to be used anywhere (according to sourcegraph.com), not even in securesystemslib.signer, where the same functionality is replicated several times (see #594). --- securesystemslib/hash.py | 69 +--------------------------------------- tests/test_hash.py | 29 ----------------- 2 files changed, 1 insertion(+), 97 deletions(-) diff --git a/securesystemslib/hash.py b/securesystemslib/hash.py index 59aaace4..55c874ed 100755 --- a/securesystemslib/hash.py +++ b/securesystemslib/hash.py @@ -23,7 +23,7 @@ import hashlib -from securesystemslib import exceptions, formats +from securesystemslib import exceptions from securesystemslib.storage import FilesystemBackend DEFAULT_CHUNK_SIZE = 4096 @@ -145,9 +145,6 @@ def digest(algorithm=DEFAULT_HASH_ALGORITHM, hash_library=DEFAULT_HASH_LIBRARY): The crypto library to use for the given hash algorithm (e.g., 'hashlib'). - securesystemslib.exceptions.FormatError, if the arguments are - improperly formatted. - securesystemslib.exceptions.UnsupportedAlgorithmError, if an unsupported hashing algorithm is specified, or digest could not be generated with given the algorithm. @@ -166,11 +163,6 @@ def digest(algorithm=DEFAULT_HASH_ALGORITHM, hash_library=DEFAULT_HASH_LIBRARY): PycaDiggestWrapper object """ - # Are the arguments properly formatted? If not, raise - # 'securesystemslib.exceptions.FormatError'. - formats.NAME_SCHEMA.check_match(algorithm) - formats.NAME_SCHEMA.check_match(hash_library) - # Was a hashlib digest object requested and is it supported? # If so, return the digest object. if hash_library == "hashlib" and hash_library in SUPPORTED_LIBRARIES: @@ -260,12 +252,6 @@ def digest_fileobject( hashlib.new(algorithm) or PycaDiggestWrapper object """ - - # Are the arguments properly formatted? If not, raise - # 'securesystemslib.exceptions.FormatError'. - formats.NAME_SCHEMA.check_match(algorithm) - formats.NAME_SCHEMA.check_match(hash_library) - # Digest object returned whose hash will be updated using 'file_object'. # digest() raises: # securesystemslib.exceptions.UnsupportedAlgorithmError @@ -340,9 +326,6 @@ def digest_filename( passed a FilesystemBackend will be instantiated and used. - securesystemslib.exceptions.FormatError, if the arguments are - improperly formatted. - securesystemslib.exceptions.UnsupportedAlgorithmError, if the given 'algorithm' is unsupported. @@ -361,12 +344,6 @@ def digest_filename( hashlib.new(algorithm) or PycaDiggestWrapper object """ - # Are the arguments properly formatted? If not, raise - # 'securesystemslib.exceptions.FormatError'. - formats.PATH_SCHEMA.check_match(filename) - formats.NAME_SCHEMA.check_match(algorithm) - formats.NAME_SCHEMA.check_match(hash_library) - digest_object = None if storage_backend is None: @@ -383,47 +360,3 @@ def digest_filename( ) return digest_object - - -def digest_from_rsa_scheme(scheme, hash_library=DEFAULT_HASH_LIBRARY): - """ - - Get digest object from RSA scheme. - - - scheme: - A string that indicates the signature scheme used to generate - 'signature'. - - hash_library: - The crypto library to use for the given hash algorithm (e.g., 'hashlib'). - - - securesystemslib.exceptions.FormatError, if the arguments are - improperly formatted. - - securesystemslib.exceptions.UnsupportedAlgorithmError, if an unsupported - hashing algorithm is specified, or digest could not be generated with given - the algorithm. - - securesystemslib.exceptions.UnsupportedLibraryError, if an unsupported - library was requested via 'hash_library'. - - - None. - - - Digest object - - e.g. - hashlib.new(algorithm) or - PycaDiggestWrapper object - """ - # Are the arguments properly formatted? If not, raise - # 'securesystemslib.exceptions.FormatError'. - formats.RSA_SCHEME_SCHEMA.check_match(scheme) - - # Get hash algorithm from rsa scheme (hash algorithm id is specified after - # the last dash; e.g. rsassa-pss-sha256 -> sha256) - hash_algorithm = scheme.split("-")[-1] - return digest(hash_algorithm, hash_library) diff --git a/tests/test_hash.py b/tests/test_hash.py index b69a1947..fa91e2ae 100755 --- a/tests/test_hash.py +++ b/tests/test_hash.py @@ -256,35 +256,6 @@ def _do_update_file_obj( # to always seek to the beginning. self.assertEqual(digest_object_truth.digest(), digest_object.digest()) - def test_digest_from_rsa_scheme(self): - self._run_with_all_hash_libraries( - self._do_get_digest_from_rsa_valid_schemes, "sha256" - ) - self._run_with_all_hash_libraries( - self._do_get_digest_from_rsa_non_valid_schemes, "sha256" - ) - - def _do_get_digest_from_rsa_valid_schemes(self, library, algorithm): - scheme = "rsassa-pss-sha256" - expected_digest_cls = type( - securesystemslib.hash.digest(algorithm, library) - ) - - self.assertIsInstance( - securesystemslib.hash.digest_from_rsa_scheme(scheme, library), - expected_digest_cls, - ) - - def _do_get_digest_from_rsa_non_valid_schemes( - self, library, algorithm - ): # pylint: disable=unused-argument - self.assertRaises( - securesystemslib.exceptions.FormatError, - securesystemslib.hash.digest_from_rsa_scheme, - "rsassa-pss-sha123", - library, - ) - def test_unsupported_digest_algorithm_and_library(self): self.assertRaises( securesystemslib.exceptions.UnsupportedAlgorithmError,