Relocate algorithms to own module

kislyuk · kislyuk · commit 6f20503c9950 · 2022-11-05T23:04:09.000-07:00
diff --git a/signxml/__init__.py b/signxml/__init__.py
@@ -14,17 +14,18 @@
 from OpenSSL.crypto import dump_certificate, load_certificate
 from OpenSSL.crypto import verify as openssl_verify
 
+from .algorithms import XMLSecurityDigestAlgorithm as digest_algorithms
+from .algorithms import XMLSecuritySignatureMethod as signature_methods
+from .algorithms import XMLSignatureMethods as methods
+from .algorithms import digest_algorithm_implementations
 from .exceptions import InvalidCertificate, InvalidDigest, InvalidInput, InvalidSignature  # noqa
-from .util import SigningSettings, XMLProcessor
-from .util import XMLSecurityDigestAlgorithm as digest_algorithms
-from .util import XMLSecuritySignatureMethod as signature_methods
-from .util import XMLSignatureMethods as methods
 from .util import (
+    SigningSettings,
+    XMLProcessor,
     _remove_sig,
     add_pem_header,
     bits_to_bytes_unit,
     bytes_to_long,
-    digest_algorithm_implementations,
     ds_tag,
     dsig11_tag,
     ec_tag,
diff --git a/signxml/util/__init__.py b/signxml/util/__init__.py
@@ -11,7 +11,6 @@
 import textwrap
 from base64 import b64decode, b64encode
 from dataclasses import dataclass
-from enum import Enum, auto
 from typing import Any, List, Optional
 from xml.etree import ElementTree as stdlibElementTree
 
@@ -24,108 +23,6 @@
 PEM_FOOTER = "-----END CERTIFICATE-----"
 
 
-class XMLSignatureMethods(Enum):
-    enveloped = auto()
-    enveloping = auto()
-    detached = auto()
-
-
-class FragmentLookupMixin:
-    @classmethod
-    def from_fragment(cls, fragment):
-        for i in cls:  # type: ignore
-            if i.value.endswith("#" + fragment):
-                return i
-        else:
-            raise InvalidInput(f"Unrecognized {cls.__name__} identifier fragment: {fragment}")
-
-
-class InvalidInputErrorMixin:
-    @classmethod
-    def _missing_(cls, value):
-        raise InvalidInput(f"Unrecognized {cls.__name__}: {value}")
-
-
-class XMLSecurityDigestAlgorithm(FragmentLookupMixin, InvalidInputErrorMixin, Enum):
-    SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
-    SHA224 = "http://www.w3.org/2001/04/xmldsig-more#sha224"
-    SHA384 = "http://www.w3.org/2001/04/xmldsig-more#sha384"
-    SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
-    SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512"
-    SHA3_224 = "http://www.w3.org/2007/05/xmldsig-more#sha3-224"
-    SHA3_256 = "http://www.w3.org/2007/05/xmldsig-more#sha3-256"
-    SHA3_384 = "http://www.w3.org/2007/05/xmldsig-more#sha3-384"
-    SHA3_512 = "http://www.w3.org/2007/05/xmldsig-more#sha3-512"
-
-    @property
-    def implementation(self):
-        return digest_algorithm_implementations[self]
-
-
-# TODO: check if padding errors are fixed by using padding=MGF1
-class XMLSecuritySignatureMethod(FragmentLookupMixin, InvalidInputErrorMixin, Enum):
-    DSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
-    HMAC_SHA1 = "http://www.w3.org/2000/09/xmldsig#hmac-sha1"
-    RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
-    ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
-    ECDSA_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"
-    ECDSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"
-    ECDSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"
-    ECDSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"
-    HMAC_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha224"
-    HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
-    HMAC_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
-    HMAC_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
-    RSA_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224"
-    RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
-    RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
-    RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
-    RSA_PSS = "http://www.w3.org/2007/05/xmldsig-more#rsa-pss"
-    DSA_SHA256 = "http://www.w3.org/2009/xmldsig11#dsa-sha256"
-    ECDSA_SHA3_224 = "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-224"
-    ECDSA_SHA3_256 = "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-256"
-    ECDSA_SHA3_384 = "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-384"
-    ECDSA_SHA3_512 = "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-512"
-    EDDSA_ED25519 = "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519"
-    EDDSA_ED448 = "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448"
-
-
-digest_algorithm_implementations = {
-    XMLSecurityDigestAlgorithm.SHA1: hashes.SHA1,
-    XMLSecurityDigestAlgorithm.SHA224: hashes.SHA224,
-    XMLSecurityDigestAlgorithm.SHA384: hashes.SHA384,
-    XMLSecurityDigestAlgorithm.SHA256: hashes.SHA256,
-    XMLSecurityDigestAlgorithm.SHA512: hashes.SHA512,
-    XMLSecurityDigestAlgorithm.SHA3_224: hashes.SHA3_224,
-    XMLSecurityDigestAlgorithm.SHA3_256: hashes.SHA3_256,
-    XMLSecurityDigestAlgorithm.SHA3_384: hashes.SHA3_384,
-    XMLSecurityDigestAlgorithm.SHA3_512: hashes.SHA3_512,
-    XMLSecuritySignatureMethod.DSA_SHA1: hashes.SHA1,
-    XMLSecuritySignatureMethod.HMAC_SHA1: hashes.SHA1,
-    XMLSecuritySignatureMethod.RSA_SHA1: hashes.SHA1,
-    XMLSecuritySignatureMethod.ECDSA_SHA1: hashes.SHA1,
-    XMLSecuritySignatureMethod.ECDSA_SHA224: hashes.SHA224,
-    XMLSecuritySignatureMethod.ECDSA_SHA256: hashes.SHA256,
-    XMLSecuritySignatureMethod.ECDSA_SHA384: hashes.SHA384,
-    XMLSecuritySignatureMethod.ECDSA_SHA512: hashes.SHA512,
-    XMLSecuritySignatureMethod.HMAC_SHA224: hashes.SHA224,
-    XMLSecuritySignatureMethod.HMAC_SHA256: hashes.SHA256,
-    XMLSecuritySignatureMethod.HMAC_SHA384: hashes.SHA384,
-    XMLSecuritySignatureMethod.HMAC_SHA512: hashes.SHA512,
-    XMLSecuritySignatureMethod.RSA_SHA224: hashes.SHA224,
-    XMLSecuritySignatureMethod.RSA_SHA256: hashes.SHA256,
-    XMLSecuritySignatureMethod.RSA_SHA384: hashes.SHA384,
-    XMLSecuritySignatureMethod.RSA_SHA512: hashes.SHA512,
-    XMLSecuritySignatureMethod.DSA_SHA256: hashes.SHA256,
-    XMLSecuritySignatureMethod.ECDSA_SHA3_224: hashes.SHA1,
-    XMLSecuritySignatureMethod.ECDSA_SHA3_256: hashes.SHA1,
-    XMLSecuritySignatureMethod.ECDSA_SHA3_384: hashes.SHA1,
-    XMLSecuritySignatureMethod.ECDSA_SHA3_512: hashes.SHA1,
-    XMLSecuritySignatureMethod.EDDSA_ED25519: hashes.SHA512,
-    XMLSecuritySignatureMethod.EDDSA_ED448: hashes.SHAKE256,
-}
-
-
 class Namespace(dict):
     def __getattr__(self, a):
         return dict.__getitem__(self, a)
diff --git a/signxml/xades/__init__.py b/signxml/xades/__init__.py
@@ -50,10 +50,9 @@
 from OpenSSL.crypto import FILETYPE_ASN1, FILETYPE_PEM, X509, dump_certificate, load_certificate
 
 from .. import VerifyResult, XMLSignatureProcessor, XMLSigner, XMLVerifier
+from ..algorithms import XMLSecurityDigestAlgorithm as digest_algorithms
 from ..exceptions import InvalidDigest, InvalidInput
-from ..util import SigningSettings
-from ..util import XMLSecurityDigestAlgorithm as digest_algorithms
-from ..util import add_pem_header, ds_tag, namespaces, xades_tag
+from ..util import SigningSettings, add_pem_header, ds_tag, namespaces, xades_tag
 
 # TODO: make this a dataclass
 default_data_object_format = {"Description": "Default XAdES payload description", "MimeType": "text/xml"}
