1360623 - expose hash algorithm constants in pykey.py so callers don't have to pick between "sha256" and "SHA-256"

Status: RESOLVED FIXED

(Core :: Security: PSM, enhancement, P1)

Description

[Dana Keeler (she/her) (use needinfo) [:keeler]]

For signing, pykey.py delegates to 3rd party libraries. One of these libraries expects hash algorithms to be specified in the form "SHA-256" whereas the other expects "sha256". Consumers of pykey shouldn't need to be aware of this detail. One thing we can do is expose constants that callers can use and then have pykey use the appropriate string.

Comment 1

[Dana Keeler (she/her) (use needinfo) [:keeler]]

Attachment: bug 1360623 - add hash algorithm constants to pykey for easier consumer use

For signing, pykey.py delegates to 3rd party libraries. One of these libraries
expects hash algorithms to be specified in the form "SHA-256" whereas the other
expects "sha256". Consumers of pykey shouldn't need to be aware of this detail.
This patch introduces constants HASH_SHA1, HASH_SHA256, etc. and changes pykey
to determine which string literals to use itself.

Review commit: https://reviewboard.mozilla.org/r/134818/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/134818/

Comment 2

[J.C. Jones [:jcj] (he/they)]

Comment on attachment 8862954 [details]
bug 1360623 - add hash algorithm constants to pykey for easier consumer use

https://reviewboard.mozilla.org/r/134818/#review137770

Comment 3

[Pulsebot]

Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/df41759ab4d3
add hash algorithm constants to pykey for easier consumer use r=jcj

Comment 4

[Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)]

https://hg.mozilla.org/mozilla-central/rev/df41759ab4d3