Skip to content

Commit

Permalink
Remove unused function and schema checks in hash
Browse files Browse the repository at this point in the history
The function "digest_from_rsa_scheme" doesn't seem to be used anywhere
(according to sourcegraph.com), not even in securesystemslib.signer,
where the same functionality is replicated several times (see secure-systems-lab#594).
  • Loading branch information
lukpueh committed Apr 9, 2024
1 parent 04da19f commit 07fd62d
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 97 deletions.
69 changes: 1 addition & 68 deletions securesystemslib/hash.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@

import hashlib

from securesystemslib import exceptions, formats
from securesystemslib import exceptions
from securesystemslib.storage import FilesystemBackend

DEFAULT_CHUNK_SIZE = 4096
Expand Down Expand Up @@ -145,9 +145,6 @@ def digest(algorithm=DEFAULT_HASH_ALGORITHM, hash_library=DEFAULT_HASH_LIBRARY):
The crypto library to use for the given hash algorithm (e.g., 'hashlib').
<Exceptions>
securesystemslib.exceptions.FormatError, if the arguments are
improperly formatted.
securesystemslib.exceptions.UnsupportedAlgorithmError, if an unsupported
hashing algorithm is specified, or digest could not be generated with given
the algorithm.
Expand All @@ -166,11 +163,6 @@ def digest(algorithm=DEFAULT_HASH_ALGORITHM, hash_library=DEFAULT_HASH_LIBRARY):
PycaDiggestWrapper object
"""

# Are the arguments properly formatted? If not, raise
# 'securesystemslib.exceptions.FormatError'.
formats.NAME_SCHEMA.check_match(algorithm)
formats.NAME_SCHEMA.check_match(hash_library)

# Was a hashlib digest object requested and is it supported?
# If so, return the digest object.
if hash_library == "hashlib" and hash_library in SUPPORTED_LIBRARIES:
Expand Down Expand Up @@ -260,12 +252,6 @@ def digest_fileobject(
hashlib.new(algorithm) or
PycaDiggestWrapper object
"""

# Are the arguments properly formatted? If not, raise
# 'securesystemslib.exceptions.FormatError'.
formats.NAME_SCHEMA.check_match(algorithm)
formats.NAME_SCHEMA.check_match(hash_library)

# Digest object returned whose hash will be updated using 'file_object'.
# digest() raises:
# securesystemslib.exceptions.UnsupportedAlgorithmError
Expand Down Expand Up @@ -340,9 +326,6 @@ def digest_filename(
passed a FilesystemBackend will be instantiated and used.
<Exceptions>
securesystemslib.exceptions.FormatError, if the arguments are
improperly formatted.
securesystemslib.exceptions.UnsupportedAlgorithmError, if the given
'algorithm' is unsupported.
Expand All @@ -361,12 +344,6 @@ def digest_filename(
hashlib.new(algorithm) or
PycaDiggestWrapper object
"""
# Are the arguments properly formatted? If not, raise
# 'securesystemslib.exceptions.FormatError'.
formats.PATH_SCHEMA.check_match(filename)
formats.NAME_SCHEMA.check_match(algorithm)
formats.NAME_SCHEMA.check_match(hash_library)

digest_object = None

if storage_backend is None:
Expand All @@ -383,47 +360,3 @@ def digest_filename(
)

return digest_object


def digest_from_rsa_scheme(scheme, hash_library=DEFAULT_HASH_LIBRARY):
"""
<Purpose>
Get digest object from RSA scheme.
<Arguments>
scheme:
A string that indicates the signature scheme used to generate
'signature'.
hash_library:
The crypto library to use for the given hash algorithm (e.g., 'hashlib').
<Exceptions>
securesystemslib.exceptions.FormatError, if the arguments are
improperly formatted.
securesystemslib.exceptions.UnsupportedAlgorithmError, if an unsupported
hashing algorithm is specified, or digest could not be generated with given
the algorithm.
securesystemslib.exceptions.UnsupportedLibraryError, if an unsupported
library was requested via 'hash_library'.
<Side Effects>
None.
<Returns>
Digest object
e.g.
hashlib.new(algorithm) or
PycaDiggestWrapper object
"""
# Are the arguments properly formatted? If not, raise
# 'securesystemslib.exceptions.FormatError'.
formats.RSA_SCHEME_SCHEMA.check_match(scheme)

# Get hash algorithm from rsa scheme (hash algorithm id is specified after
# the last dash; e.g. rsassa-pss-sha256 -> sha256)
hash_algorithm = scheme.split("-")[-1]
return digest(hash_algorithm, hash_library)
29 changes: 0 additions & 29 deletions tests/test_hash.py
Original file line number Diff line number Diff line change
Expand Up @@ -256,35 +256,6 @@ def _do_update_file_obj(
# to always seek to the beginning.
self.assertEqual(digest_object_truth.digest(), digest_object.digest())

def test_digest_from_rsa_scheme(self):
self._run_with_all_hash_libraries(
self._do_get_digest_from_rsa_valid_schemes, "sha256"
)
self._run_with_all_hash_libraries(
self._do_get_digest_from_rsa_non_valid_schemes, "sha256"
)

def _do_get_digest_from_rsa_valid_schemes(self, library, algorithm):
scheme = "rsassa-pss-sha256"
expected_digest_cls = type(
securesystemslib.hash.digest(algorithm, library)
)

self.assertIsInstance(
securesystemslib.hash.digest_from_rsa_scheme(scheme, library),
expected_digest_cls,
)

def _do_get_digest_from_rsa_non_valid_schemes(
self, library, algorithm
): # pylint: disable=unused-argument
self.assertRaises(
securesystemslib.exceptions.FormatError,
securesystemslib.hash.digest_from_rsa_scheme,
"rsassa-pss-sha123",
library,
)

def test_unsupported_digest_algorithm_and_library(self):
self.assertRaises(
securesystemslib.exceptions.UnsupportedAlgorithmError,
Expand Down

0 comments on commit 07fd62d

Please sign in to comment.