Add more stubs for cryptography

[jlaine]

No description provided.

[jlaine]

The x509 stub still needs some love, I haven't had a chance to properly represent the "Name" class.

[JelleZijlstra]

Presumably these things have some methods? If you don't have time to stub them all out, we should add a def __getattr__(self, name: str) -> Any to avoid false positives for people using these classes.

[jlaine]

The backends themselves are private API.. so it's debatable whether they should be declared at all.

[srittau]

They are documented, though? Also, they should all have a metaclass=ABCMeta base. Same is true for several of the interfaces in other files.

[jlaine]

One thing I noticed is that the signature for load_pem_private_key looks wrong, I believe the password argument is bytes, not str.

[jlaine]

CI seems to be failing because Python 2 lacks ipaddress, see #3309.

It's a bit annoying having to deal with Python 2 less than 3 months before EOL..

Edit: this is no longer an issue, ipaddress is now in third_party/2

[JelleZijlstra]

I think the EOL of Python 2 in typeshed is probably going to be later than December 31.

[srittau]

Thank you for these stubs! I left some remarks below, not a full review yet.

[srittau]

They are documented, though? Also, they should all have a metaclass=ABCMeta base. Same is true for several of the interfaces in other files.

[jlaine]

@srittau I have added a lot more stubs, feel free to review.

I have extensively read the cryptography documentation, and AFAICT the only module which is not yet fully typed is x509.

[srittau]

This is very helpful, thank you for the stubs! I am sorry for the delay in reviewing, other things came up. For now I just managed to review up to hazmat/primitives/asymmetric, but I hope to review the rest soon.

A few notes below, none of them showstoppers. Most of them are just repeats of the same issue, but I pointed them out in each place to (hopefully) make it easier to fix.

[srittau]

This is very helpful, thank you for the stubs! I am sorry for the delay in reviewing, other things came up. For now I just managed to review up to hazmat/primitives/asymmetric, but I hope to review the rest soon.

A few notes below, none of them showstoppers. Most of them are just repeats of the same issue, but I pointed them out in each place to (hopefully) make it easier to fix.

[jlaine]

Thanks so much for taking the time for this first review, I've addressed all the issues you pointed out. The changes related to abstract properties seem to have broken CI though, it looks as though I need to go over all the subclasses to add the corresponding concrete properties.

[alex]

I would not bother including the various backend API methods -- basically no user should ever be invoking them, so it's a lot of code for relatively little benefit (that's my opinion at least, maybe the approach of typeshed is different)

[jlaine]

That was my opinion too, but as @srittau pointed out in #3307 (comment) these methods are part of the cryptography documentation.. so public API?

[jlaine]

Since @alex is weighing in on this PR, it might be a good time to decide whether these type hints should live in cryptography itself or it typeshed.

I'm happy with both approaches, as long as it lets me typecheck my code :)

[alex]

We're unlikely to be convinced to bring these in-tree for cryptography until we're python3 only and can use the native syntax.

[srittau]

@alex I'd just like to point out that the syntax of stubs is independent of the supported Python version. Even when checking Python 2.7 code, type checkers will support stub files using newer features.

[srittau]

Finished the review now. Just one more note below. Please note that due to the size of the PR, I didn't compare the stubs against implementation or documentation like I usually do, I just looked for obvious issues.

[alex]

Yes, I understand the stubs syntax works in both Python2/3. We don't plan to adopt type hints until they can be done directly inline in the source code.

[srittau]

Seems sensible. We are happy to have them in typeshed as long as required.

[srittau]

Looks good, I will merge when the build failure is fixed.

[jlaine]

Let's see if CI completes this time. I caught a couple of other places in hazmat.ciphers.algorithms where abstract properties were needed instead of members.

Going forward, I don't plan to do a "hit and run", please mention me if any issues crop up related to these new stubs. I also plan to expand the x509 module as time allows.

[jlaine]

Thanks for all your guidance @srittau, this is one friendly project!