fix!: rename JWS and JWE Algorithm model class names to prevent name conflicts

lepture · lepture · commit a8a95b3d4bf2 · 2025-07-21T11:38:38.000+09:00
diff --git a/src/joserfc/_rfc7518/jwe_algs.py b/src/joserfc/_rfc7518/jwe_algs.py
@@ -34,7 +34,7 @@
 )
 
 
-class DirectAlgModel(JWEDirectEncryption):
+class DirectAlgEncryption(JWEDirectEncryption):
     name = "dir"
     description = "Direct use of a shared symmetric key"
     recommended = True
@@ -49,7 +49,7 @@ def compute_cek(self, size: int, recipient: Recipient[OctKey]) -> bytes:
         return cek
 
 
-class RSAAlgModel(JWEKeyEncryption):
+class RSAAlgKeyEncryption(JWEKeyEncryption):
     #: A key of size 2048 bits or larger MUST be used with these algorithms
     #: RSA1_5, RSA-OAEP, RSA-OAEP-256
     key_size = 2048
@@ -83,7 +83,7 @@ def decrypt_cek(self, recipient: Recipient[RSAKey]) -> bytes:
         return cek
 
 
-class AESAlgModel(JWEKeyWrapping):
+class AESAlgKeyWrapping(JWEKeyWrapping):
     def __init__(self, key_size: int, recommended: bool = False):
         self.name = f"A{key_size}KW"
         self.description = f"AES Key Wrap using {key_size}-bit key"
@@ -118,7 +118,7 @@ def decrypt_cek(self, recipient: Recipient[OctKey]) -> bytes:
         return self.unwrap_cek(recipient.encrypted_key, op_key)
 
 
-class AESGCMAlgModel(JWEKeyWrapping):
+class AESGCMAlgKeyWrapping(JWEKeyWrapping):
     more_header_registry = {
         "iv": HeaderParameter("Initialization vector", "str", True),
         "tag": HeaderParameter("Authentication tag", "str", True),
@@ -179,7 +179,7 @@ def decrypt_cek(self, recipient: Recipient[OctKey]) -> bytes:
         return cek
 
 
-class ECDHESAlgModel(JWEKeyAgreement):
+class ECDHESAlgKeyAgreement(JWEKeyAgreement):
     key_types = ["EC", "OKP"]
     more_header_registry = {
         "epk": HeaderParameter("Ephemeral Public Key", "jwk", True),
@@ -225,7 +225,7 @@ def decrypt_agreed_upon_key(self, enc: JWEEncModel, recipient: Recipient[ECKey])
         return derive_key_for_concat_kdf(shared_key, headers, enc.cek_size, self.key_size)
 
 
-class PBES2HSAlgModel(JWEKeyEncryption):
+class PBES2HSAlgKeyEncryption(JWEKeyEncryption):
     # https://www.rfc-editor.org/rfc/rfc7518#section-4.8
     key_size: int
     more_header_registry = {
@@ -293,40 +293,47 @@ def decrypt_cek(self, recipient: Recipient[OctKey]) -> bytes:
         return self.key_wrapping.unwrap_cek(recipient.encrypted_key, kek)
 
 
-RSA1_5 = RSAAlgModel("RSA1_5", "RSAES-PKCS1-v1_5", padding.PKCS1v15())
+RSA1_5 = RSAAlgKeyEncryption("RSA1_5", "RSAES-PKCS1-v1_5", padding.PKCS1v15())
 RSA1_5.security_warning = 'JWE algorithm "RSA1_5" is deprecated, via draft-ietf-jose-deprecate-none-rsa15-02'
 
-A128KW = AESAlgModel(128, True)  # A128KW, Recommended
-A192KW = AESAlgModel(192)  # A192KW
-A256KW = AESAlgModel(256, True)  # A256KW, Recommended
+A128KW = AESAlgKeyWrapping(128, True)  # A128KW, Recommended
+A192KW = AESAlgKeyWrapping(192)  # A192KW
+A256KW = AESAlgKeyWrapping(256, True)  # A256KW, Recommended
 
 
 #: https://www.rfc-editor.org/rfc/rfc7518#section-4.1
 JWE_ALG_MODELS: list[JWEAlgModel] = [
     RSA1_5,
-    RSAAlgModel(
+    RSAAlgKeyEncryption(
         "RSA-OAEP",
         "RSAES OAEP using default parameters",
         padding.OAEP(padding.MGF1(hashes.SHA1()), hashes.SHA1(), None),
         True,
     ),  # Recommended+
-    RSAAlgModel(
+    RSAAlgKeyEncryption(
         "RSA-OAEP-256",
         "RSAES OAEP using SHA-256 and MGF1 with SHA-256",
         padding.OAEP(padding.MGF1(hashes.SHA256()), hashes.SHA256(), None),
     ),
     A128KW,
     A192KW,
     A256KW,
-    DirectAlgModel(),  # dir, Recommended
-    ECDHESAlgModel(None),  # ECDH-ES, Recommended+
-    ECDHESAlgModel(A128KW),  # ECDH-ES+A128KW, Recommended
-    ECDHESAlgModel(A192KW),  # ECDH-ES+A192KW
-    ECDHESAlgModel(A256KW),  # ECDH-ES+A256KW, Recommended
-    AESGCMAlgModel(128),  # A128GCMKW
-    AESGCMAlgModel(192),  # A192GCMKW
-    AESGCMAlgModel(256),  # A256GCMKW
-    PBES2HSAlgModel(256, A128KW),  # PBES2-HS256+A128KW
-    PBES2HSAlgModel(384, A192KW),  # PBES2-HS384+A192KW
-    PBES2HSAlgModel(512, A256KW),  # PBES2-HS512+A256KW
+    DirectAlgEncryption(),  # dir, Recommended
+    ECDHESAlgKeyAgreement(None),  # ECDH-ES, Recommended+
+    ECDHESAlgKeyAgreement(A128KW),  # ECDH-ES+A128KW, Recommended
+    ECDHESAlgKeyAgreement(A192KW),  # ECDH-ES+A192KW
+    ECDHESAlgKeyAgreement(A256KW),  # ECDH-ES+A256KW, Recommended
+    AESGCMAlgKeyWrapping(128),  # A128GCMKW
+    AESGCMAlgKeyWrapping(192),  # A192GCMKW
+    AESGCMAlgKeyWrapping(256),  # A256GCMKW
+    PBES2HSAlgKeyEncryption(256, A128KW),  # PBES2-HS256+A128KW
+    PBES2HSAlgKeyEncryption(384, A192KW),  # PBES2-HS384+A192KW
+    PBES2HSAlgKeyEncryption(512, A256KW),  # PBES2-HS512+A256KW
 ]
+
+# compatible alias
+DirectAlgModel = DirectAlgEncryption
+AESAlgModel = AESAlgKeyWrapping
+ECDHESAlgModel = ECDHESAlgKeyAgreement
+AESGCMAlgModel = AESGCMAlgKeyWrapping
+PBES2HSAlgModel = PBES2HSAlgKeyEncryption
diff --git a/src/joserfc/_rfc7518/jws_algs.py b/src/joserfc/_rfc7518/jws_algs.py
@@ -27,7 +27,7 @@
 from .util import encode_int, decode_int
 
 
-class NoneAlgModel(JWSAlgModel):
+class NoneAlgorithm(JWSAlgModel):
     name = "none"
     description = "No digital signature or MAC performed"
     security_warning = 'JWS algorithm "none" is deprecated, via draft-ietf-jose-deprecate-none-rsa15-02'
@@ -39,7 +39,7 @@ def verify(self, msg: bytes, sig: bytes, key: t.Any) -> bool:
         return sig == b""
 
 
-class HMACAlgModel(JWSAlgModel):
+class HMACAlgorithm(JWSAlgModel):
     """HMAC using SHA algorithms for JWS. Available algorithms:
 
     - HS256: HMAC using SHA-256
@@ -68,7 +68,7 @@ def verify(self, msg: bytes, sig: bytes, key: OctKey) -> bool:
         return hmac.compare_digest(sig, v_sig)
 
 
-class RSAAlgModel(JWSAlgModel):
+class RSAAlgorithm(JWSAlgModel):
     """RSA using SHA algorithms for JWS. Available algorithms:
 
     - RS256: RSASSA-PKCS1-v1_5 using SHA-256
@@ -102,7 +102,7 @@ def verify(self, msg: bytes, sig: bytes, key: RSAKey) -> bool:
             return False
 
 
-class ECAlgModel(JWSAlgModel):
+class ECAlgorithm(JWSAlgModel):
     """ECDSA using SHA algorithms for JWS. Available algorithms:
 
     - ES256: ECDSA using P-256 and SHA-256
@@ -156,7 +156,7 @@ def verify(self, msg: bytes, sig: bytes, key: ECKey) -> bool:
             return False
 
 
-class RSAPSSAlgModel(JWSAlgModel):
+class RSAPSSAlgorithm(JWSAlgModel):
     """RSASSA-PSS using SHA algorithms for JWS. Available algorithms:
 
     - PS256: RSASSA-PSS using SHA-256 and MGF1 with SHA-256
@@ -190,17 +190,24 @@ def verify(self, msg: bytes, sig: bytes, key: RSAKey) -> bool:
 
 
 JWS_ALGORITHMS: list[JWSAlgModel] = [
-    NoneAlgModel(),  # none
-    HMACAlgModel(256, True),  # HS256
-    HMACAlgModel(384),  # HS384
-    HMACAlgModel(512),  # HS512
-    RSAAlgModel(256, True),  # RS256
-    RSAAlgModel(384),  # RS384
-    RSAAlgModel(512),  # RS512
-    ECAlgModel("ES256", "P-256", 256, True),
-    ECAlgModel("ES384", "P-384", 384),
-    ECAlgModel("ES512", "P-521", 512),
-    RSAPSSAlgModel(256),  # PS256
-    RSAPSSAlgModel(384),  # PS384
-    RSAPSSAlgModel(512),  # PS512
+    NoneAlgorithm(),  # none
+    HMACAlgorithm(256, True),  # HS256
+    HMACAlgorithm(384),  # HS384
+    HMACAlgorithm(512),  # HS512
+    RSAAlgorithm(256, True),  # RS256
+    RSAAlgorithm(384),  # RS384
+    RSAAlgorithm(512),  # RS512
+    ECAlgorithm("ES256", "P-256", 256, True),
+    ECAlgorithm("ES384", "P-384", 384),
+    ECAlgorithm("ES512", "P-521", 512),
+    RSAPSSAlgorithm(256),  # PS256
+    RSAPSSAlgorithm(384),  # PS384
+    RSAPSSAlgorithm(512),  # PS512
 ]
+
+# compatible
+NoneAlgModel = NoneAlgorithm
+HMACAlgModel = HMACAlgorithm
+RSAAlgModel = RSAAlgorithm
+ECAlgModel = ECAlgorithm
+RSAPSSAlgModel = RSAPSSAlgorithm
diff --git a/src/joserfc/_rfc8037/jws_eddsa.py b/src/joserfc/_rfc8037/jws_eddsa.py
@@ -5,7 +5,7 @@
 from .okp_key import OKPKey
 
 
-class EdDSAAlgModel(JWSAlgModel):
+class EdDSAAlgorithm(JWSAlgModel):
     name = "EdDSA"
     description = "Edwards-curve Digital Signature Algorithm for JWS"
     key_type = "OKP"
@@ -25,4 +25,7 @@ def verify(self, msg: bytes, sig: bytes, key: OKPKey) -> bool:
             return False
 
 
-EdDSA = EdDSAAlgModel()
+EdDSA = EdDSAAlgorithm()
+
+# compatible
+EdDSAAlgModel = EdDSAAlgorithm
diff --git a/src/joserfc/_rfc8812/__init__.py b/src/joserfc/_rfc8812/__init__.py
@@ -1,8 +1,8 @@
 from cryptography.hazmat.primitives.asymmetric.ec import SECP256K1
 from .._rfc7518.ec_key import ECKey
-from .._rfc7518.jws_algs import ECAlgModel
+from .._rfc7518.jws_algs import ECAlgorithm
 
-ES256K = ECAlgModel("ES256K", "secp256k1", 256)
+ES256K = ECAlgorithm("ES256K", "secp256k1", 256)
 
 
 def register_secp256k1() -> None:
