signer API: Move dispatch table population to init

This does not change API but makes it easier to implement Signers/Keys
in multiple files.

Author: jku

securesystemslib/signer/__init__.py

@@ -13,3 +13,35 @@
     Signer,
     SSlibSigner,
 )
+
+# Register supported private key uri schemes and the Signers implementing them
+SIGNER_FOR_URI_SCHEME.update(
+    {
+        SSlibSigner.ENVVAR_URI_SCHEME: SSlibSigner,
+        SSlibSigner.FILE_URI_SCHEME: SSlibSigner,
+    }
+)
+
+# Register supported key types and schemes, and the Keys implementing them
+KEY_FOR_TYPE_AND_SCHEME.update(
+    {
+        ("ecdsa", "ecdsa-sha2-nistp256"): SSlibKey,
+        ("ecdsa", "ecdsa-sha2-nistp384"): SSlibKey,
+        ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"): SSlibKey,
+        ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"): SSlibKey,
+        ("ed25519", "ed25519"): SSlibKey,
+        ("rsa", "rsassa-pss-md5"): SSlibKey,
+        ("rsa", "rsassa-pss-sha1"): SSlibKey,
+        ("rsa", "rsassa-pss-sha224"): SSlibKey,
+        ("rsa", "rsassa-pss-sha256"): SSlibKey,
+        ("rsa", "rsassa-pss-sha384"): SSlibKey,
+        ("rsa", "rsassa-pss-sha512"): SSlibKey,
+        ("rsa", "rsa-pkcs1v15-md5"): SSlibKey,
+        ("rsa", "rsa-pkcs1v15-sha1"): SSlibKey,
+        ("rsa", "rsa-pkcs1v15-sha224"): SSlibKey,
+        ("rsa", "rsa-pkcs1v15-sha256"): SSlibKey,
+        ("rsa", "rsa-pkcs1v15-sha384"): SSlibKey,
+        ("rsa", "rsa-pkcs1v15-sha512"): SSlibKey,
+        ("sphincs", "sphincs-shake-128s"): SSlibKey,
+    }
+)

securesystemslib/signer/_key.py

@@ -9,9 +9,8 @@
 
 logger = logging.getLogger(__name__)
 
-# NOTE dict for Key dispatch defined here, but filled at end of file when
-# subclass definitions are available. Users can add Key implementations.
-
+# NOTE Key dispatch table is defined here so it's usable by Key,
+# but is populated in __init__.py (and can be appended by users).
 KEY_FOR_TYPE_AND_SCHEME: Dict[Tuple[str, str], Type] = {}
 
 
@@ -181,26 +180,3 @@ def verify_signature(self, signature: Signature, data: bytes) -> None:
             raise exceptions.VerificationError(
                 f"Unknown failure to verify signature by {self.keyid}"
             ) from e
-
-
-# Supported key types and schemes, and the Keys implementing them
-KEY_FOR_TYPE_AND_SCHEME = {
-    ("ecdsa", "ecdsa-sha2-nistp256"): SSlibKey,
-    ("ecdsa", "ecdsa-sha2-nistp384"): SSlibKey,
-    ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"): SSlibKey,
-    ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"): SSlibKey,
-    ("ed25519", "ed25519"): SSlibKey,
-    ("rsa", "rsassa-pss-md5"): SSlibKey,
-    ("rsa", "rsassa-pss-sha1"): SSlibKey,
-    ("rsa", "rsassa-pss-sha224"): SSlibKey,
-    ("rsa", "rsassa-pss-sha256"): SSlibKey,
-    ("rsa", "rsassa-pss-sha384"): SSlibKey,
-    ("rsa", "rsassa-pss-sha512"): SSlibKey,
-    ("rsa", "rsa-pkcs1v15-md5"): SSlibKey,
-    ("rsa", "rsa-pkcs1v15-sha1"): SSlibKey,
-    ("rsa", "rsa-pkcs1v15-sha224"): SSlibKey,
-    ("rsa", "rsa-pkcs1v15-sha256"): SSlibKey,
-    ("rsa", "rsa-pkcs1v15-sha384"): SSlibKey,
-    ("rsa", "rsa-pkcs1v15-sha512"): SSlibKey,
-    ("sphincs", "sphincs-shake-128s"): SSlibKey,
-}

securesystemslib/signer/_signer.py

@@ -13,8 +13,8 @@
 
 logger = logging.getLogger(__name__)
 
-# NOTE dict for Signer dispatch defined here, but filled at end of file when
-# subclass definitions are available. Users can add Signer implementations.
+# NOTE Signer dispatch table is defined here so it's usable by Signer,
+# but is populated in __init__.py (and can be appended by users).
 SIGNER_FOR_URI_SCHEME: Dict[str, Type] = {}
 
 
@@ -273,10 +273,3 @@ def sign(self, payload: bytes) -> GPGSignature:
 
         sig_dict = gpg.create_signature(payload, self.keyid, self.homedir)
         return GPGSignature(**sig_dict)
-
-
-# Supported private key uri schemes and the Signers implementing them
-SIGNER_FOR_URI_SCHEME = {
-    SSlibSigner.ENVVAR_URI_SCHEME: SSlibSigner,
-    SSlibSigner.FILE_URI_SCHEME: SSlibSigner,
-}