Drop legacy signature verification code (DO NOT MERGE!)

IMPORTANT NOTE:

- This is a massive breaking change, which I suggest to hold off for
  1.0.0, after the keys refactor is finished.
- The commit is mostly to visualize how much more lightweight the new
  implementation is.
- It might be worth to skim the removed tests, if we are removing any
  interesting cases that we should port to test_signer.
- python-tuf should not be affected, because it already uses the signer API
- in-toto definitely is (see in-toto/in-toto#532)

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

README.rst

@@ -181,29 +181,6 @@ cryptographic operations.
     >>> signature = create_signature(ecdsa_key, data)
 
 
-Verify ECDSA, Ed25519, and RSA Signatures
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-::
-
-    # Continuing from the previous sections . . .
-
-    >>> data = b'The quick brown fox jumps over the lazy dog'
-    >>> ed25519_key = generate_ed25519_key()
-    >>> signature = create_signature(ed25519_key, data)
-    >>> verify_signature(ed25519_key, signature, data)
-    True
-    >>> verify_signature(ed25519_key, signature, 'bad_data')
-    False
-    >>> rsa_key = generate_rsa_key()
-    >>> signature = create_signature(rsa_key, data)
-    >>> verify_signature(rsa_key, signature, data)
-    True
-    >>> ecdsa_key = generate_ecdsa_key()
-    >>> signature = create_signature(ecdsa_key, data)
-    >>> verify_signature(ecdsa_key, signature, data)
-    True
-
 
 Miscellaneous functions
 ~~~~~~~~~~~~~~~~~~~~~~~

securesystemslib/ecdsa_keys.py

@@ -22,8 +22,8 @@
   'securesystemslib.ecdsa_keys.py' calls the 'cryptography' library to perform
   all of the ecdsa-related operations.
 
-  The ecdsa-related functions included here are generate(), create_signature()
-  and verify_signature().  The 'cryptography' library is used by ecdsa_keys.py
+  The ecdsa-related functions included here are generate() and create_signature().
+  The 'cryptography' library is used by ecdsa_keys.py
   to perform the actual ECDSA computations, and the functions listed above can
   be viewed as an easy-to-use public interface.
  """
@@ -34,13 +34,12 @@
 CRYPTO = True
 NO_CRYPTO_MSG = "ECDSA key support requires the cryptography library"
 try:
-    from cryptography.exceptions import InvalidSignature, UnsupportedAlgorithm
+    from cryptography.exceptions import UnsupportedAlgorithm
     from cryptography.hazmat.backends import default_backend
     from cryptography.hazmat.primitives import hashes, serialization
     from cryptography.hazmat.primitives.asymmetric import ec
     from cryptography.hazmat.primitives.serialization import (
         load_pem_private_key,
-        load_pem_public_key,
     )
 
     _SCHEME_HASHER = {
@@ -260,89 +259,6 @@ def create_signature(
     return signature, scheme
 
 
-def verify_signature(public_key, scheme, signature, data):
-    """
-    <Purpose>
-      Verify that 'signature' was produced by the private key associated with
-      'public_key'.
-
-      >>> scheme = 'ecdsa-sha2-nistp256'
-      >>> public, private = generate_public_and_private(scheme)
-      >>> data = b'The quick brown fox jumps over the lazy dog'
-      >>> signature, scheme = create_signature(public, private, data, scheme)
-      >>> verify_signature(public, scheme, signature, data)
-      True
-      >>> verify_signature(public, scheme, signature, b'bad data')
-      False
-
-    <Arguments>
-      public_key:
-        The ECDSA public key in PEM format.  The public key is needed to verify
-        'signature'.
-
-      scheme:
-        The signature scheme used to generate 'signature'.  For example:
-        'ecdsa-sha2-nistp256'.
-
-      signature:
-        The signature to be verified, which should have been generated by
-        the private key associated with 'public_key'.  'data'.
-
-      data:
-        Byte data that was used by create_signature() to generate 'signature'.
-
-    <Exceptions>
-      securesystemslib.exceptions.FormatError, if any of the arguments are
-      improperly formatted.
-
-      securesystemslib.exceptions.UnsupportedAlgorithmError, if 'scheme' is
-      not one of the supported signature schemes.
-
-      securesystemslib.exceptions.UnsupportedLibraryError, if the cryptography
-      module is not available.
-
-    <Side Effects>
-      None.
-
-    <Returns>
-      Boolean, indicating whether the 'signature' of data was generated by
-      the private key associated with 'public_key'.
-    """
-
-    if not CRYPTO:  # pragma: no cover
-        raise exceptions.UnsupportedLibraryError(NO_CRYPTO_MSG)
-
-    # Are the arguments properly formatted?
-    # If not, raise 'securesystemslib.exceptions.FormatError'.
-    formats.PEMECDSA_SCHEMA.check_match(public_key)
-    formats.ECDSA_SCHEME_SCHEMA.check_match(scheme)
-    formats.ECDSASIGNATURE_SCHEMA.check_match(signature)
-
-    try:
-        ecdsa_key = load_pem_public_key(
-            public_key.encode("utf-8"), backend=default_backend()
-        )
-    except ValueError as e:
-        raise exceptions.FormatError(
-            f"Failed to load PEM key {public_key}"
-        ) from e
-
-    if not isinstance(ecdsa_key, ec.EllipticCurvePublicKey):
-        raise exceptions.FormatError(
-            "Invalid ECDSA public" " key: " + repr(public_key)
-        )
-    logger.debug("Loaded a valid ECDSA public key.")
-
-    # verify() raises an 'InvalidSignature' exception if 'signature'
-    # is invalid.
-    try:
-        ecdsa_key.verify(signature, data, _SCHEME_HASHER[scheme])
-        return True
-
-    except (TypeError, InvalidSignature):
-        return False
-
-
 def create_ecdsa_public_and_private_from_pem(pem, password=None):
     """
     <Purpose>

securesystemslib/ed25519_keys.py

@@ -37,8 +37,8 @@
   http://nacl.cr.yp.to/
   https://github.com/pyca/ed25519
 
-  The ed25519-related functions included here are generate(), create_signature()
-  and verify_signature().  The 'ed25519' and PyNaCl (i.e., 'nacl') modules used
+  The ed25519-related functions included here are generate() and create_signature().
+  The 'ed25519' and PyNaCl (i.e., 'nacl') modules used
   by ed25519_keys.py perform the actual ed25519 computations and the functions
   listed above can be viewed as an easy-to-use public interface.
  """
@@ -67,18 +67,13 @@
     # avoid conflicts with own exceptions of same name
     from nacl import exceptions as nacl_exceptions
     from nacl.encoding import RawEncoder
-    from nacl.signing import SigningKey, VerifyKey
+    from nacl.signing import SigningKey
 except ImportError:
     NACL = False
 
 # pylint: disable=wrong-import-position
 from securesystemslib import exceptions, formats
 
-# The optimized pure Python implementation of Ed25519.  If
-# PyNaCl cannot be imported and an attempt to use is made in this module, a
-# 'securesystemslib.exceptions.UnsupportedLibraryError' exception is raised.
-from securesystemslib._vendor.ed25519 import ed25519 as python_ed25519
-
 # pylint: enable=wrong-import-position
 
 # Supported ed25519 signing schemes: 'ed25519'.  The pure Python implementation
@@ -248,112 +243,6 @@ def create_signature(public_key, private_key, data, scheme):
     return signature, scheme
 
 
-def verify_signature(public_key, scheme, signature, data):
-    """
-  <Purpose>
-    Determine whether the private key corresponding to 'public_key' produced
-    'signature'.  verify_signature() will use the public key, the 'scheme' and
-    'sig', and 'data' arguments to complete the verification.
-
-    >>> public, private = generate_public_and_private()
-    >>> data = b'The quick brown fox jumps over the lazy dog'
-    >>> scheme = 'ed25519'
-    >>> signature, scheme = \
-        create_signature(public, private, data, scheme)
-    >>> verify_signature(public, scheme, signature, data)
-    True
-    >>> bad_data = b'The sly brown fox jumps over the lazy dog'
-    >>> bad_signature, scheme = \
-        create_signature(public, private, bad_data, scheme)
-    >>> verify_signature(public, scheme, bad_signature, data)
-    False
-
-  <Arguments>
-    public_key:
-      The public key is a 32-byte string.
-
-    scheme:
-      'ed25519' signature scheme used by either the pure python
-      implementation (i.e., ed25519.py) or PyNacl (i.e., 'nacl').
-
-    signature:
-      The signature is a 64-byte string.
-
-    data:
-      Data object used by securesystemslib.ed25519_keys.create_signature() to
-      generate 'signature'.  'data' is needed here to verify the signature.
-
-  <Exceptions>
-    securesystemslib.exceptions.UnsupportedAlgorithmError.  Raised if the
-    signature scheme 'scheme' is not one supported by
-    securesystemslib.ed25519_keys.create_signature().
-
-    securesystemslib.exceptions.FormatError. Raised if the arguments are
-    improperly formatted.
-
-  <Side Effects>
-    nacl.signing.VerifyKey.verify() called if available, otherwise
-    securesystemslib._vendor.ed25519.ed25519.checkvalid() called to do the
-    verification.
-
-  <Returns>
-    Boolean.  True if the signature is valid, False otherwise.
-  """
-
-    # Does 'public_key' have the correct format?
-    # This check will ensure 'public_key' conforms to
-    # 'securesystemslib.formats.ED25519PUBLIC_SCHEMA', which must have length 32
-    # bytes.  Raise 'securesystemslib.exceptions.FormatError' if the check fails.
-    formats.ED25519PUBLIC_SCHEMA.check_match(public_key)
-
-    # Is 'scheme' properly formatted?
-    formats.ED25519_SIG_SCHEMA.check_match(scheme)
-
-    # Is 'signature' properly formatted?
-    formats.ED25519SIGNATURE_SCHEMA.check_match(signature)
-
-    # Verify 'signature'.  Before returning the Boolean result, ensure 'ed25519'
-    # was used as the signature scheme.
-    public = public_key
-    valid_signature = False
-
-    if scheme in _SUPPORTED_ED25519_SIGNING_SCHEMES:
-        if NACL:
-            try:
-                nacl_verify_key = VerifyKey(public)
-                nacl_verify_key.verify(data, signature)
-                valid_signature = True
-
-            except nacl_exceptions.BadSignatureError:
-                pass
-
-        # Verify 'ed25519' signature with the pure Python implementation.
-        else:
-            try:
-                python_ed25519.checkvalid(signature, data, public)
-                valid_signature = True
-
-            # The pure Python implementation raises 'Exception' if 'signature' is
-            # invalid.
-            except Exception:  # pylint: disable=broad-except  # nosec
-                pass
-
-    # This is a defensive check for a valid 'scheme', which should have already
-    # been validated in the ED25519_SIG_SCHEMA.check_match(scheme) above.
-    else:  # pragma: no cover
-        message = (
-            "Unsupported ed25519 signature scheme: "
-            + repr(scheme)
-            + ".\n"
-            + "Supported schemes: "
-            + repr(_SUPPORTED_ED25519_SIGNING_SCHEMES)
-            + "."
-        )
-        raise exceptions.UnsupportedAlgorithmError(message)
-
-    return valid_signature
-
-
 if __name__ == "__main__":
     # The interactive sessions of the documentation strings can
     # be tested by running 'ed25519_keys.py' as a standalone module.