Move signature base64 encoding to Envelope

Moves signature base64 encoding from helper functions to Envelope,
as it will make the API smaller and base64 encoded signature
aren't rqeuired anywhere else.

Now, DSSE Envelope create base64 encoded signature on dict
conversion.

Signed-off-by: Pradyumna Krishna <[email protected]>

Author: PradyumnaKrishna

securesystemslib/dsse.py

@@ -58,22 +58,26 @@ def from_dict(cls, data: dict) -> "Envelope":
         payload = b64dec(data["payload"])
         payload_type = data["payloadType"]
 
-        signatures = [
-            Signature.from_base64_dict(signature)
-            for signature in data["signatures"]
-        ]
+        signatures = []
+        for signature in data["signatures"]:
+            signature["sig"] = b64dec(signature["sig"]).decode("utf-8")
+            signatures.append(Signature.from_dict(signature))
 
         return cls(payload, payload_type, signatures)
 
     def to_dict(self) -> dict:
         """Returns the JSON-serializable dictionary representation of self."""
 
+        signatures = []
+        for signature in self.signatures:
+            sig_dict = signature.to_dict()
+            sig_dict["sig"] = b64enc(sig_dict["sig"].encode("utf-8"))
+            signatures.append(sig_dict)
+
         return {
             "payload": b64enc(self.payload),
             "payloadType": self.payload_type,
-            "signatures": [
-                signature.to_base64_dict() for signature in self.signatures
-            ],
+            "signatures": signatures,
         }
 
     def pae(self) -> bytes:

securesystemslib/signer/_signature.py

@@ -3,8 +3,6 @@
 import logging
 from typing import Any, Dict, Optional
 
-from securesystemslib._internal.utils import b64dec, b64enc
-
 logger = logging.getLogger(__name__)
 
 
@@ -49,31 +47,6 @@ def __eq__(self, other: Any) -> bool:
             and self.unrecognized_fields == other.unrecognized_fields
         )
 
-    @classmethod
-    def from_base64_dict(cls, signature_dict: Dict) -> "Signature":
-        """Creates a Signature object from its JSON/dict representation
-        containing base64 encoded signature.
-
-        Arguments:
-            signature_dict:
-                A dict containing a valid keyid and a signature.
-                Note that the fields in it should be named "keyid" and "sig"
-                respectively.
-
-        Raises:
-            KeyError: If any of the "keyid" and "sig" fields are missing from
-                the signature_dict.
-
-        Side Effect:
-            Destroys the metadata dict passed by reference.
-
-        Returns:
-            A "Signature" instance.
-        """
-
-        signature_dict["sig"] = b64dec(signature_dict["sig"]).decode("utf-8")
-        return cls.from_dict(signature_dict)
-
     @classmethod
     def from_dict(cls, signature_dict: Dict) -> "Signature":
         """Creates a Signature object from its JSON/dict representation.
@@ -108,13 +81,3 @@ def to_dict(self) -> Dict:
             "sig": self.signature,
             **self.unrecognized_fields,
         }
-
-    def to_base64_dict(self) -> Dict:
-        """Returns the JSON-serializable dictionary representation of self
-        containing base64 encoded signature."""
-
-        return {
-            "keyid": self.keyid,
-            "sig": b64enc(self.signature.encode("utf-8")),
-            **self.unrecognized_fields,
-        }

tests/test_signer.py

@@ -453,15 +453,6 @@ def test_signature_from_to_dict(self):
 
         self.assertDictEqual(signature_dict, sig_obj.to_dict())
 
-    def test_signature_from_to_base64_dict(self):
-        signature_dict = {
-            "sig": "MzA0NjAyMjEwMDkzNDJlNDU2NjUyOGZjZWNmNmE3YTVkNTNlYmFjZGIxZGYxNTFlMjQyZjU1Zjg3NzU4ODM0NjljYjAxZGJjNjYwMjIxMDA4NmI0MjZjYzgyNjcwOWFjZmEyYzNmOTIxNDYxMGNiMGE4MzJkYjk0YmJkMjY2ZmQ3YzU5MzlhNDgwNjRhODUx",
-            "keyid": "11fa391a0ed7a447cbfeb4b2667e286fc248f64d5e6d0eeed2e5e23f97f9f714",
-        }
-        sig_obj = Signature.from_base64_dict(copy.copy(signature_dict))
-
-        self.assertDictEqual(signature_dict, sig_obj.to_base64_dict())
-
     def test_signature_eq_(self):
         signature_dict = {
             "sig": "30460221009342e4566528fcecf6a7a5d53ebacdb1df151e242f55f8775883469cb01dbc6602210086b426cc826709acfa2c3f9214610cb0a832db94bbd266fd7c5939a48064a851",