diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 229eb24028dc..253540cc906a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,7 +49,7 @@ jobs: - {VERSION: "3.12", NOXSESSION: "tests", OPENSSL: {TYPE: "openssl", VERSION: "4a9e48f727ce7ad924c53a55b301e426d7e43863"}} # Builds with various Rust versions. Includes MSRV and next # potential future MSRV. - - {VERSION: "3.12", NOXSESSION: "rust,tests", RUST: "1.65.0"} + - {VERSION: "3.12", NOXSESSION: "rust,tests-nocoverage", RUST: "1.65.0"} - {VERSION: "3.12", NOXSESSION: "rust,tests", RUST: "beta"} - {VERSION: "3.12", NOXSESSION: "rust,tests", RUST: "nightly"} timeout-minutes: 15 diff --git a/src/rust/Cargo.lock b/src/rust/Cargo.lock index 11ee8b08475d..08a18882aebc 100644 --- a/src/rust/Cargo.lock +++ b/src/rust/Cargo.lock @@ -278,9 +278,9 @@ dependencies = [ [[package]] name = "pyo3" -version = "0.20.3" +version = "0.21.0-beta.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53bdbb96d49157e65d45cc287af5f32ffadd5f4761438b527b055fb0d4bb8233" +checksum = "5d0c41d899f822e5f39186d6da130a822a0a43edb19992b51bf4ef6cd0b4cfd1" dependencies = [ "cfg-if", "indoc", @@ -296,9 +296,9 @@ dependencies = [ [[package]] name = "pyo3-build-config" -version = "0.20.3" +version = "0.21.0-beta.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "deaa5745de3f5231ce10517a1f5dd97d53e5a2fd77aa6b5842292085831d48d7" +checksum = "5509c2aa78c7e770077e41ba86f806e60dcee812e924ccb2d6fe78c0a0128ce2" dependencies = [ "once_cell", "target-lexicon", @@ -306,9 +306,9 @@ dependencies = [ [[package]] name = "pyo3-ffi" -version = "0.20.3" +version = "0.21.0-beta.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62b42531d03e08d4ef1f6e85a2ed422eb678b8cd62b762e53891c05faf0d4afa" +checksum = "e6bb234a86ed619a661f3bb3c2493aaff9cb937e33e198d17f5f20a15881e155" dependencies = [ "libc", "pyo3-build-config", @@ -316,9 +316,9 @@ dependencies = [ [[package]] name = "pyo3-macros" -version = "0.20.3" +version = "0.21.0-beta.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7305c720fa01b8055ec95e484a6eca7a83c841267f0dd5280f0c8b8551d2c158" +checksum = "f0b787de2c6832eb1eb393c9f82f976a5a87bda979780d9b853878846a8d2e4b" dependencies = [ "proc-macro2", "pyo3-macros-backend", @@ -328,9 +328,9 @@ dependencies = [ [[package]] name = "pyo3-macros-backend" -version = "0.20.3" +version = "0.21.0-beta.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c7e9b68bb9c3149c5b0cade5d07f953d6d125eb4337723c4ccdb665f1f96185" +checksum = "5e3b7beed357786d2afe845871964e824ad8af0df38a403f7d01cdc81aadb211" dependencies = [ "heck", "proc-macro2", diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml index e3145ca05262..70f3b2ec7530 100644 --- a/src/rust/Cargo.toml +++ b/src/rust/Cargo.toml @@ -10,7 +10,7 @@ rust-version = "1.65.0" [dependencies] once_cell = "1" cfg-if = "1" -pyo3 = { version = "0.20", features = ["abi3"] } +pyo3 = { version="0.21.0", features = ["abi3", "gil-refs"] } asn1 = { version = "0.16.1", default-features = false } cryptography-cffi = { path = "cryptography-cffi" } cryptography-key-parsing = { path = "cryptography-key-parsing" } diff --git a/src/rust/cryptography-cffi/Cargo.toml b/src/rust/cryptography-cffi/Cargo.toml index 00b214f6f7e3..b800e694cadd 100644 --- a/src/rust/cryptography-cffi/Cargo.toml +++ b/src/rust/cryptography-cffi/Cargo.toml @@ -8,7 +8,7 @@ publish = false rust-version = "1.65.0" [dependencies] -pyo3 = { version = "0.20", features = ["abi3"] } +pyo3 = { version="0.21.0", features = ["abi3", "gil-refs"] } openssl-sys = "0.9.101" [build-dependencies] diff --git a/src/rust/cryptography-cffi/src/lib.rs b/src/rust/cryptography-cffi/src/lib.rs index 110341a1901e..a1afd6878086 100644 --- a/src/rust/cryptography-cffi/src/lib.rs +++ b/src/rust/cryptography-cffi/src/lib.rs @@ -5,7 +5,7 @@ #![deny(rust_2018_idioms, clippy::undocumented_unsafe_blocks)] #[cfg(not(python_implementation = "PyPy"))] -use pyo3::FromPyPointer; +use pyo3::Py; #[cfg(python_implementation = "PyPy")] extern "C" { @@ -16,18 +16,20 @@ extern "C" { fn PyInit__openssl() -> *mut pyo3::ffi::PyObject; } -pub fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::types::PyModule> { +pub fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { #[cfg(python_implementation = "PyPy")] let openssl_mod = unsafe { let res = Cryptography_make_openssl_module(); assert_eq!(res, 0); - pyo3::types::PyModule::import(py, "_openssl")? + pyo3::types::PyModule::import_bound(py, "_openssl")?.clone() }; #[cfg(not(python_implementation = "PyPy"))] // SAFETY: `PyInit__openssl` returns an owned reference. let openssl_mod = unsafe { let ptr = PyInit__openssl(); - pyo3::types::PyModule::from_owned_ptr(py, ptr) + Py::from_owned_ptr(py, ptr).bind(py).clone() }; Ok(openssl_mod) diff --git a/src/rust/src/asn1.rs b/src/rust/src/asn1.rs index 641417545fce..b5edd25164f1 100644 --- a/src/rust/src/asn1.rs +++ b/src/rust/src/asn1.rs @@ -6,6 +6,7 @@ use asn1::SimpleAsn1Readable; use cryptography_x509::certificate::Certificate; use cryptography_x509::common::{DssSignature, SubjectPublicKeyInfo, Time}; use cryptography_x509::name::Name; +use pyo3::prelude::PyModuleMethods; use pyo3::types::IntoPyDict; use pyo3::ToPyObject; @@ -167,14 +168,16 @@ fn test_parse_certificate(data: &[u8]) -> Result) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let submod = pyo3::prelude::PyModule::new(py, "asn1")?; - submod.add_function(pyo3::wrap_pyfunction!(parse_spki_for_data, submod)?)?; +pub(crate) fn create_submodule( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let submod = pyo3::prelude::PyModule::new_bound(py, "asn1")?; + submod.add_function(pyo3::wrap_pyfunction!(parse_spki_for_data, &submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(decode_dss_signature, submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(encode_dss_signature, submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!(decode_dss_signature, &submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!(encode_dss_signature, &submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(test_parse_certificate, submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!(test_parse_certificate, &submod)?)?; Ok(submod) } diff --git a/src/rust/src/backend/aead.rs b/src/rust/src/backend/aead.rs index 2438ae644cb6..ee1acd195edd 100644 --- a/src/rust/src/backend/aead.rs +++ b/src/rust/src/backend/aead.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::buf::CffiBuf; use crate::error::{CryptographyError, CryptographyResult}; @@ -1130,8 +1131,10 @@ impl AesGcmSiv { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "aead")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "aead")?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/cipher_registry.rs b/src/rust/src/backend/cipher_registry.rs index 46f6e09b5aac..ef54b7460e82 100644 --- a/src/rust/src/backend/cipher_registry.rs +++ b/src/rust/src/backend/cipher_registry.rs @@ -259,7 +259,7 @@ fn get_cipher_registry( // this should't be necessary but OpenSSL 3 will return an EVP_CIPHER // even when the cipher is unavailable. if cfg!(not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)) - || types::LEGACY_PROVIDER_LOADED.get(py)?.is_true()? + || types::LEGACY_PROVIDER_LOADED.get(py)?.is_truthy()? { #[cfg(not(CRYPTOGRAPHY_OSSLCONF = "OPENSSL_NO_BF"))] { diff --git a/src/rust/src/backend/ciphers.rs b/src/rust/src/backend/ciphers.rs index 3695ca1d89df..ece02158b3bc 100644 --- a/src/rust/src/backend/ciphers.rs +++ b/src/rust/src/backend/ciphers.rs @@ -7,6 +7,7 @@ use crate::buf::{CffiBuf, CffiMutBuf}; use crate::error::{CryptographyError, CryptographyResult}; use crate::exceptions; use crate::types; +use pyo3::prelude::PyModuleMethods; use pyo3::IntoPy; struct CipherContext { @@ -29,7 +30,7 @@ impl CipherContext { format!( "cipher {} in {} mode is not supported ", algorithm.getattr(pyo3::intern!(py, "name"))?, - if mode.is_true()? { + if mode.is_truthy()? { mode.getattr(pyo3::intern!(py, "name"))? } else { mode @@ -550,14 +551,16 @@ fn _advance_aad(ctx: &pyo3::PyAny, n: u64) { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "ciphers")?; - m.add_function(pyo3::wrap_pyfunction!(create_encryption_ctx, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(create_decryption_ctx, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(cipher_supported, m)?)?; - - m.add_function(pyo3::wrap_pyfunction!(_advance, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(_advance_aad, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "ciphers")?; + m.add_function(pyo3::wrap_pyfunction!(create_encryption_ctx, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(create_decryption_ctx, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(cipher_supported, &m)?)?; + + m.add_function(pyo3::wrap_pyfunction!(_advance, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(_advance_aad, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/cmac.rs b/src/rust/src/backend/cmac.rs index acacbf02f6ad..f8d32e554508 100644 --- a/src/rust/src/backend/cmac.rs +++ b/src/rust/src/backend/cmac.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::cipher_registry; use crate::backend::hashes::already_finalized_error; @@ -97,8 +98,10 @@ impl Cmac { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "cmac")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "cmac")?; m.add_class::()?; diff --git a/src/rust/src/backend/dh.rs b/src/rust/src/backend/dh.rs index eb6cbdcdc9e4..9b2d179598c3 100644 --- a/src/rust/src/backend/dh.rs +++ b/src/rust/src/backend/dh.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use cryptography_x509::common; @@ -545,11 +546,13 @@ impl DHParameterNumbers { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "dh")?; - m.add_function(pyo3::wrap_pyfunction!(generate_parameters, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_der_parameters, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_pem_parameters, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "dh")?; + m.add_function(pyo3::wrap_pyfunction!(generate_parameters, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_der_parameters, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_pem_parameters, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/dsa.rs b/src/rust/src/backend/dsa.rs index bf341ac71314..dd7eae133f8e 100644 --- a/src/rust/src/backend/dsa.rs +++ b/src/rust/src/backend/dsa.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::utils; use crate::buf::CffiBuf; @@ -497,9 +498,11 @@ impl DsaParameterNumbers { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "dsa")?; - m.add_function(pyo3::wrap_pyfunction!(generate_parameters, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "dsa")?; + m.add_function(pyo3::wrap_pyfunction!(generate_parameters, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/ec.rs b/src/rust/src/backend/ec.rs index 1c4cf95d0f61..6086cb4f6e1c 100644 --- a/src/rust/src/backend/ec.rs +++ b/src/rust/src/backend/ec.rs @@ -5,6 +5,7 @@ use std::collections::hash_map::DefaultHasher; use std::hash::{Hash, Hasher}; +use pyo3::prelude::PyModuleMethods; use pyo3::ToPyObject; use crate::backend::utils; @@ -660,12 +661,14 @@ impl EllipticCurvePublicNumbers { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "ec")?; - m.add_function(pyo3::wrap_pyfunction!(curve_supported, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(generate_private_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(derive_private_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "ec")?; + m.add_function(pyo3::wrap_pyfunction!(curve_supported, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(generate_private_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(derive_private_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/ed25519.rs b/src/rust/src/backend/ed25519.rs index 81ca3230088e..d6888d00ed98 100644 --- a/src/rust/src/backend/ed25519.rs +++ b/src/rust/src/backend/ed25519.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::utils; use crate::buf::CffiBuf; @@ -158,11 +159,13 @@ impl Ed25519PublicKey { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "ed25519")?; - m.add_function(pyo3::wrap_pyfunction!(generate_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "ed25519")?; + m.add_function(pyo3::wrap_pyfunction!(generate_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/ed448.rs b/src/rust/src/backend/ed448.rs index 15b679d5f993..54ed92a508b2 100644 --- a/src/rust/src/backend/ed448.rs +++ b/src/rust/src/backend/ed448.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::utils; use crate::buf::CffiBuf; @@ -155,11 +156,13 @@ impl Ed448PublicKey { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "ed448")?; - m.add_function(pyo3::wrap_pyfunction!(generate_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "ed448")?; + m.add_function(pyo3::wrap_pyfunction!(generate_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/hashes.rs b/src/rust/src/backend/hashes.rs index ac5de597c354..1fb937319931 100644 --- a/src/rust/src/backend/hashes.rs +++ b/src/rust/src/backend/hashes.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use std::borrow::Cow; @@ -136,8 +137,10 @@ impl Hash { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "hashes")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "hashes")?; m.add_class::()?; Ok(m) diff --git a/src/rust/src/backend/hmac.rs b/src/rust/src/backend/hmac.rs index f8572f9103c9..d8cb08f0f8e7 100644 --- a/src/rust/src/backend/hmac.rs +++ b/src/rust/src/backend/hmac.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::hashes::{already_finalized_error, message_digest_from_algorithm}; use crate::buf::CffiBuf; @@ -104,8 +105,10 @@ impl Hmac { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "hmac")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "hmac")?; m.add_class::()?; Ok(m) diff --git a/src/rust/src/backend/kdf.rs b/src/rust/src/backend/kdf.rs index 35cf0eb266a3..90576e3af391 100644 --- a/src/rust/src/backend/kdf.rs +++ b/src/rust/src/backend/kdf.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::hashes; use crate::buf::CffiBuf; @@ -48,12 +49,14 @@ fn derive_scrypt<'p>( })?) } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "kdf")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "kdf")?; - m.add_function(pyo3::wrap_pyfunction!(derive_pbkdf2_hmac, m)?)?; + m.add_function(pyo3::wrap_pyfunction!(derive_pbkdf2_hmac, &m)?)?; #[cfg(not(CRYPTOGRAPHY_IS_LIBRESSL))] - m.add_function(pyo3::wrap_pyfunction!(derive_scrypt, m)?)?; + m.add_function(pyo3::wrap_pyfunction!(derive_scrypt, &m)?)?; Ok(m) } diff --git a/src/rust/src/backend/keys.rs b/src/rust/src/backend/keys.rs index a41b6805695f..cb21def3159f 100644 --- a/src/rust/src/backend/keys.rs +++ b/src/rust/src/backend/keys.rs @@ -2,6 +2,7 @@ // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use pyo3::IntoPy; use crate::backend::utils; @@ -216,13 +217,15 @@ fn public_key_from_pkey( } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "keys")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "keys")?; - m.add_function(pyo3::wrap_pyfunction!(load_pem_private_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(load_der_private_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(load_der_public_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(load_pem_public_key, m)?)?; + m.add_function(pyo3::wrap_pyfunction!(load_pem_private_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(load_der_private_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(load_der_public_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(load_pem_public_key, &m)?)?; Ok(m) } diff --git a/src/rust/src/backend/mod.rs b/src/rust/src/backend/mod.rs index be7b2d0ac280..a3143e4263f3 100644 --- a/src/rust/src/backend/mod.rs +++ b/src/rust/src/backend/mod.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; pub(crate) mod aead; pub(crate) mod cipher_registry; @@ -23,29 +24,31 @@ pub(crate) mod x25519; #[cfg(all(not(CRYPTOGRAPHY_IS_LIBRESSL), not(CRYPTOGRAPHY_IS_BORINGSSL)))] pub(crate) mod x448; -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { - module.add_submodule(aead::create_module(module.py())?)?; - module.add_submodule(ciphers::create_module(module.py())?)?; - module.add_submodule(cmac::create_module(module.py())?)?; - module.add_submodule(dh::create_module(module.py())?)?; - module.add_submodule(dsa::create_module(module.py())?)?; - module.add_submodule(ec::create_module(module.py())?)?; - module.add_submodule(keys::create_module(module.py())?)?; +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { + module.add_submodule(&aead::create_module(module.py())?)?; + module.add_submodule(&ciphers::create_module(module.py())?)?; + module.add_submodule(&cmac::create_module(module.py())?)?; + module.add_submodule(&dh::create_module(module.py())?)?; + module.add_submodule(&dsa::create_module(module.py())?)?; + module.add_submodule(&ec::create_module(module.py())?)?; + module.add_submodule(&keys::create_module(module.py())?)?; - module.add_submodule(ed25519::create_module(module.py())?)?; + module.add_submodule(&ed25519::create_module(module.py())?)?; #[cfg(all(not(CRYPTOGRAPHY_IS_LIBRESSL), not(CRYPTOGRAPHY_IS_BORINGSSL)))] - module.add_submodule(ed448::create_module(module.py())?)?; + module.add_submodule(&ed448::create_module(module.py())?)?; - module.add_submodule(x25519::create_module(module.py())?)?; + module.add_submodule(&x25519::create_module(module.py())?)?; #[cfg(all(not(CRYPTOGRAPHY_IS_LIBRESSL), not(CRYPTOGRAPHY_IS_BORINGSSL)))] - module.add_submodule(x448::create_module(module.py())?)?; + module.add_submodule(&x448::create_module(module.py())?)?; - module.add_submodule(poly1305::create_module(module.py())?)?; + module.add_submodule(&poly1305::create_module(module.py())?)?; - module.add_submodule(hashes::create_module(module.py())?)?; - module.add_submodule(hmac::create_module(module.py())?)?; - module.add_submodule(kdf::create_module(module.py())?)?; - module.add_submodule(rsa::create_module(module.py())?)?; + module.add_submodule(&hashes::create_module(module.py())?)?; + module.add_submodule(&hmac::create_module(module.py())?)?; + module.add_submodule(&kdf::create_module(module.py())?)?; + module.add_submodule(&rsa::create_module(module.py())?)?; Ok(()) } diff --git a/src/rust/src/backend/poly1305.rs b/src/rust/src/backend/poly1305.rs index 66fc6239fa02..afd747b6b640 100644 --- a/src/rust/src/backend/poly1305.rs +++ b/src/rust/src/backend/poly1305.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::hashes::already_finalized_error; use crate::buf::CffiBuf; @@ -163,8 +164,10 @@ impl Poly1305 { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "poly1305")?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "poly1305")?; m.add_class::()?; diff --git a/src/rust/src/backend/rsa.rs b/src/rust/src/backend/rsa.rs index 662f30aff084..a3a75f865b8f 100644 --- a/src/rust/src/backend/rsa.rs +++ b/src/rust/src/backend/rsa.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use std::collections::hash_map::DefaultHasher; use std::hash::{Hash, Hasher}; @@ -815,9 +816,11 @@ impl RsaPublicNumbers { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "rsa")?; - m.add_function(pyo3::wrap_pyfunction!(generate_private_key, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "rsa")?; + m.add_function(pyo3::wrap_pyfunction!(generate_private_key, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/x25519.rs b/src/rust/src/backend/x25519.rs index b193e18b0483..f47f1dd68c5c 100644 --- a/src/rust/src/backend/x25519.rs +++ b/src/rust/src/backend/x25519.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::utils; use crate::buf::CffiBuf; @@ -145,11 +146,13 @@ impl X25519PublicKey { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "x25519")?; - m.add_function(pyo3::wrap_pyfunction!(generate_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "x25519")?; + m.add_function(pyo3::wrap_pyfunction!(generate_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/backend/x448.rs b/src/rust/src/backend/x448.rs index 7a64002d943d..97b46bc24b12 100644 --- a/src/rust/src/backend/x448.rs +++ b/src/rust/src/backend/x448.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; use crate::backend::utils; use crate::buf::CffiBuf; @@ -144,11 +145,13 @@ impl X448PublicKey { } } -pub(crate) fn create_module(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let m = pyo3::prelude::PyModule::new(py, "x448")?; - m.add_function(pyo3::wrap_pyfunction!(generate_key, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, m)?)?; - m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, m)?)?; +pub(crate) fn create_module( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let m = pyo3::prelude::PyModule::new_bound(py, "x448")?; + m.add_function(pyo3::wrap_pyfunction!(generate_key, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_private_bytes, &m)?)?; + m.add_function(pyo3::wrap_pyfunction!(from_public_bytes, &m)?)?; m.add_class::()?; m.add_class::()?; diff --git a/src/rust/src/exceptions.rs b/src/rust/src/exceptions.rs index 67f57b9adcb5..adb5f8594a53 100644 --- a/src/rust/src/exceptions.rs +++ b/src/rust/src/exceptions.rs @@ -1,6 +1,7 @@ // This file is dual licensed under the terms of the Apache License, Version // 2.0, and the BSD License. See the LICENSE file in the root of this repository // for complete details. +use pyo3::prelude::PyModuleMethods; #[pyo3::prelude::pyclass( frozen, @@ -35,8 +36,10 @@ pyo3::import_exception!(cryptography.x509, DuplicateExtension); pyo3::import_exception!(cryptography.x509, UnsupportedGeneralNameType); pyo3::import_exception!(cryptography.x509, InvalidVersion); -pub(crate) fn create_submodule(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let submod = pyo3::prelude::PyModule::new(py, "exceptions")?; +pub(crate) fn create_submodule( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let submod = pyo3::prelude::PyModule::new_bound(py, "exceptions")?; submod.add_class::()?; diff --git a/src/rust/src/lib.rs b/src/rust/src/lib.rs index 47102dfde1dd..b503779133e0 100644 --- a/src/rust/src/lib.rs +++ b/src/rust/src/lib.rs @@ -91,33 +91,33 @@ fn enable_fips(providers: &mut LoadedProviders) -> CryptographyResult<()> { } #[pyo3::prelude::pymodule] -fn _rust(py: pyo3::Python<'_>, m: &pyo3::types::PyModule) -> pyo3::PyResult<()> { +fn _rust(py: pyo3::Python<'_>, m: &pyo3::Bound<'_, pyo3::types::PyModule>) -> pyo3::PyResult<()> { m.add_function(pyo3::wrap_pyfunction!(padding::check_pkcs7_padding, m)?)?; m.add_function(pyo3::wrap_pyfunction!(padding::check_ansix923_padding, m)?)?; m.add_class::()?; - m.add_submodule(asn1::create_submodule(py)?)?; - m.add_submodule(pkcs7::create_submodule(py)?)?; - m.add_submodule(pkcs12::create_submodule(py)?)?; - m.add_submodule(exceptions::create_submodule(py)?)?; + m.add_submodule(&asn1::create_submodule(py)?)?; + m.add_submodule(&pkcs7::create_submodule(py)?)?; + m.add_submodule(&pkcs12::create_submodule(py)?)?; + m.add_submodule(&exceptions::create_submodule(py)?)?; - let x509_mod = pyo3::prelude::PyModule::new(py, "x509")?; - crate::x509::certificate::add_to_module(x509_mod)?; - crate::x509::common::add_to_module(x509_mod)?; - crate::x509::crl::add_to_module(x509_mod)?; - crate::x509::csr::add_to_module(x509_mod)?; - crate::x509::sct::add_to_module(x509_mod)?; - crate::x509::verify::add_to_module(x509_mod)?; - m.add_submodule(x509_mod)?; + let x509_mod = pyo3::prelude::PyModule::new_bound(py, "x509")?; + crate::x509::certificate::add_to_module(&x509_mod)?; + crate::x509::common::add_to_module(&x509_mod)?; + crate::x509::crl::add_to_module(&x509_mod)?; + crate::x509::csr::add_to_module(&x509_mod)?; + crate::x509::sct::add_to_module(&x509_mod)?; + crate::x509::verify::add_to_module(&x509_mod)?; + m.add_submodule(&x509_mod)?; - let ocsp_mod = pyo3::prelude::PyModule::new(py, "ocsp")?; - crate::x509::ocsp_req::add_to_module(ocsp_mod)?; - crate::x509::ocsp_resp::add_to_module(ocsp_mod)?; - m.add_submodule(ocsp_mod)?; + let ocsp_mod = pyo3::prelude::PyModule::new_bound(py, "ocsp")?; + crate::x509::ocsp_req::add_to_module(&ocsp_mod)?; + crate::x509::ocsp_resp::add_to_module(&ocsp_mod)?; + m.add_submodule(&ocsp_mod)?; - m.add_submodule(cryptography_cffi::create_module(py)?)?; + m.add_submodule(&cryptography_cffi::create_module(py)?)?; - let openssl_mod = pyo3::prelude::PyModule::new(py, "openssl")?; + let openssl_mod = pyo3::prelude::PyModule::new_bound(py, "openssl")?; openssl_mod.add( "CRYPTOGRAPHY_OPENSSL_300_OR_GREATER", cfg!(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER), @@ -152,8 +152,8 @@ fn _rust(py: pyo3::Python<'_>, m: &pyo3::types::PyModule) -> pyo3::PyResult<()> openssl_mod.add_function(pyo3::wrap_pyfunction!(error::capture_error_stack, m)?)?; openssl_mod.add_function(pyo3::wrap_pyfunction!(is_fips_enabled, m)?)?; openssl_mod.add_class::()?; - crate::backend::add_to_module(openssl_mod)?; - m.add_submodule(openssl_mod)?; + crate::backend::add_to_module(&openssl_mod)?; + m.add_submodule(&openssl_mod)?; Ok(()) } diff --git a/src/rust/src/pkcs12.rs b/src/rust/src/pkcs12.rs index 1df4d51ae2e8..f77cf1c53e90 100644 --- a/src/rust/src/pkcs12.rs +++ b/src/rust/src/pkcs12.rs @@ -7,6 +7,7 @@ use crate::buf::CffiBuf; use crate::error::CryptographyResult; use crate::x509::certificate::Certificate; use crate::{types, x509}; +use pyo3::prelude::PyModuleMethods; use pyo3::IntoPy; use std::collections::hash_map::DefaultHasher; use std::hash::{Hash, Hasher}; @@ -309,11 +310,13 @@ fn load_pkcs12<'p>( .call1((private_key, cert, additional_certs))?) } -pub(crate) fn create_submodule(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let submod = pyo3::prelude::PyModule::new(py, "pkcs12")?; +pub(crate) fn create_submodule( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let submod = pyo3::prelude::PyModule::new_bound(py, "pkcs12")?; - submod.add_function(pyo3::wrap_pyfunction!(load_key_and_certificates, submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(load_pkcs12, submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!(load_key_and_certificates, &submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!(load_pkcs12, &submod)?)?; submod.add_class::()?; diff --git a/src/rust/src/pkcs7.rs b/src/rust/src/pkcs7.rs index 9732b6b93b9b..6d170d4f8f26 100644 --- a/src/rust/src/pkcs7.rs +++ b/src/rust/src/pkcs7.rs @@ -11,6 +11,7 @@ use cryptography_x509::{common, oid, pkcs7}; use once_cell::sync::Lazy; #[cfg(not(CRYPTOGRAPHY_IS_BORINGSSL))] use openssl::pkcs7::Pkcs7; +use pyo3::prelude::PyModuleMethods; #[cfg(not(CRYPTOGRAPHY_IS_BORINGSSL))] use pyo3::IntoPy; @@ -403,13 +404,21 @@ fn load_der_pkcs7_certificates<'p>( } } -pub(crate) fn create_submodule(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> { - let submod = pyo3::prelude::PyModule::new(py, "pkcs7")?; - - submod.add_function(pyo3::wrap_pyfunction!(serialize_certificates, submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(sign_and_serialize, submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(load_pem_pkcs7_certificates, submod)?)?; - submod.add_function(pyo3::wrap_pyfunction!(load_der_pkcs7_certificates, submod)?)?; +pub(crate) fn create_submodule( + py: pyo3::Python<'_>, +) -> pyo3::PyResult> { + let submod = pyo3::prelude::PyModule::new_bound(py, "pkcs7")?; + + submod.add_function(pyo3::wrap_pyfunction!(serialize_certificates, &submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!(sign_and_serialize, &submod)?)?; + submod.add_function(pyo3::wrap_pyfunction!( + load_pem_pkcs7_certificates, + &submod + )?)?; + submod.add_function(pyo3::wrap_pyfunction!( + load_der_pkcs7_certificates, + &submod + )?)?; Ok(submod) } diff --git a/src/rust/src/x509/certificate.rs b/src/rust/src/x509/certificate.rs index 552f4eda7d81..5d54ce6e08fb 100644 --- a/src/rust/src/x509/certificate.rs +++ b/src/rust/src/x509/certificate.rs @@ -17,6 +17,7 @@ use cryptography_x509::extensions::{ use cryptography_x509::extensions::{Extension, SubjectAlternativeName}; use cryptography_x509::{common, oid}; use cryptography_x509_verification::ops::CryptoOps; +use pyo3::prelude::PyModuleMethods; use pyo3::{IntoPy, ToPyObject}; use crate::asn1::{ @@ -919,7 +920,9 @@ pub(crate) fn set_bit(vals: &mut [u8], n: usize, set: bool) { } } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_function(pyo3::wrap_pyfunction!(load_der_x509_certificate, module)?)?; module.add_function(pyo3::wrap_pyfunction!(load_pem_x509_certificate, module)?)?; module.add_function(pyo3::wrap_pyfunction!(load_pem_x509_certificates, module)?)?; diff --git a/src/rust/src/x509/common.rs b/src/rust/src/x509/common.rs index d838c2f8dfe1..644d9ce27aba 100644 --- a/src/rust/src/x509/common.rs +++ b/src/rust/src/x509/common.rs @@ -7,6 +7,7 @@ use cryptography_x509::extensions::{ AccessDescription, DuplicateExtensionsError, Extension, Extensions, RawExtensions, }; use cryptography_x509::name::{GeneralName, Name, NameReadable, OtherName, UnvalidatedIA5String}; +use pyo3::prelude::PyModuleMethods; use pyo3::types::IntoPyDict; use pyo3::{IntoPy, ToPyObject}; @@ -534,7 +535,9 @@ pub(crate) fn datetime_now(py: pyo3::Python<'_>) -> pyo3::PyResult pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_function(pyo3::wrap_pyfunction!(encode_extension_value, module)?)?; module.add_function(pyo3::wrap_pyfunction!(encode_name_bytes, module)?)?; diff --git a/src/rust/src/x509/crl.rs b/src/rust/src/x509/crl.rs index 8e43832986c2..d9e5cb69ab7e 100644 --- a/src/rust/src/x509/crl.rs +++ b/src/rust/src/x509/crl.rs @@ -13,6 +13,7 @@ use cryptography_x509::{ }, name, oid, }; +use pyo3::prelude::PyModuleMethods; use pyo3::{IntoPy, ToPyObject}; use crate::asn1::{ @@ -675,7 +676,9 @@ fn create_x509_crl( load_der_x509_crl(py, pyo3::types::PyBytes::new(py, &data).into_py(py), None) } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_function(pyo3::wrap_pyfunction!(load_der_x509_crl, module)?)?; module.add_function(pyo3::wrap_pyfunction!(load_pem_x509_crl, module)?)?; module.add_function(pyo3::wrap_pyfunction!(create_x509_crl, module)?)?; diff --git a/src/rust/src/x509/csr.rs b/src/rust/src/x509/csr.rs index c49f6e04421a..1aa4907fc747 100644 --- a/src/rust/src/x509/csr.rs +++ b/src/rust/src/x509/csr.rs @@ -8,6 +8,7 @@ use std::hash::{Hash, Hasher}; use asn1::SimpleAsn1Readable; use cryptography_x509::csr::{check_attribute_length, Attribute, CertificationRequestInfo, Csr}; use cryptography_x509::{common, oid}; +use pyo3::prelude::PyModuleMethods; use pyo3::IntoPy; use crate::asn1::{encode_der_data, oid_to_py_oid, py_oid_to_oid}; @@ -346,7 +347,9 @@ fn create_x509_csr( load_der_x509_csr(py, pyo3::types::PyBytes::new(py, &data).into_py(py), None) } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_function(pyo3::wrap_pyfunction!(load_der_x509_csr, module)?)?; module.add_function(pyo3::wrap_pyfunction!(load_pem_x509_csr, module)?)?; module.add_function(pyo3::wrap_pyfunction!(create_x509_csr, module)?)?; diff --git a/src/rust/src/x509/extensions.rs b/src/rust/src/x509/extensions.rs index 03fd1da9ff07..76bdf3c388d5 100644 --- a/src/rust/src/x509/extensions.rs +++ b/src/rust/src/x509/extensions.rs @@ -139,51 +139,58 @@ fn encode_key_usage(py: pyo3::Python<'_>, ext: &pyo3::PyAny) -> CryptographyResu &mut bs, 0, ext.getattr(pyo3::intern!(py, "digital_signature"))? - .is_true()?, + .is_truthy()?, ); certificate::set_bit( &mut bs, 1, ext.getattr(pyo3::intern!(py, "content_commitment"))? - .is_true()?, + .is_truthy()?, ); certificate::set_bit( &mut bs, 2, ext.getattr(pyo3::intern!(py, "key_encipherment"))? - .is_true()?, + .is_truthy()?, ); certificate::set_bit( &mut bs, 3, ext.getattr(pyo3::intern!(py, "data_encipherment"))? - .is_true()?, + .is_truthy()?, ); certificate::set_bit( &mut bs, 4, - ext.getattr(pyo3::intern!(py, "key_agreement"))?.is_true()?, + ext.getattr(pyo3::intern!(py, "key_agreement"))? + .is_truthy()?, ); certificate::set_bit( &mut bs, 5, - ext.getattr(pyo3::intern!(py, "key_cert_sign"))?.is_true()?, + ext.getattr(pyo3::intern!(py, "key_cert_sign"))? + .is_truthy()?, ); certificate::set_bit( &mut bs, 6, - ext.getattr(pyo3::intern!(py, "crl_sign"))?.is_true()?, + ext.getattr(pyo3::intern!(py, "crl_sign"))?.is_truthy()?, ); - if ext.getattr(pyo3::intern!(py, "key_agreement"))?.is_true()? { + if ext + .getattr(pyo3::intern!(py, "key_agreement"))? + .is_truthy()? + { certificate::set_bit( &mut bs, 7, - ext.getattr(pyo3::intern!(py, "encipher_only"))?.is_true()?, + ext.getattr(pyo3::intern!(py, "encipher_only"))? + .is_truthy()?, ); certificate::set_bit( &mut bs, 8, - ext.getattr(pyo3::intern!(py, "decipher_only"))?.is_true()?, + ext.getattr(pyo3::intern!(py, "decipher_only"))? + .is_truthy()?, ); } let (bits, unused_bits) = if bs[1] == 0 { @@ -208,7 +215,7 @@ fn encode_certificate_policies( let py_policy_info = py_policy_info?; let py_policy_qualifiers = py_policy_info.getattr(pyo3::intern!(py, "policy_qualifiers"))?; - let qualifiers = if py_policy_qualifiers.is_true()? { + let qualifiers = if py_policy_qualifiers.is_truthy()? { let mut qualifiers = vec![]; for py_qualifier in py_policy_qualifiers.iter()? { let py_qualifier = py_qualifier?; @@ -228,7 +235,7 @@ fn encode_certificate_policies( } } else { let py_notice = py_qualifier.getattr(pyo3::intern!(py, "notice_reference"))?; - let notice_ref = if py_notice.is_true()? { + let notice_ref = if py_notice.is_truthy()? { let mut notice_numbers = vec![]; for py_num in py_notice .getattr(pyo3::intern!(py, "notice_numbers"))? @@ -255,7 +262,7 @@ fn encode_certificate_policies( }; let py_explicit_text = py_qualifier.getattr(pyo3::intern!(py, "explicit_text"))?; - let explicit_text = if py_explicit_text.is_true()? { + let explicit_text = if py_explicit_text.is_truthy()? { Some(extensions::DisplayText::Utf8String(asn1::Utf8String::new( py_explicit_text.extract()?, ))) @@ -296,7 +303,7 @@ fn encode_issuing_distribution_point( ) -> CryptographyResult> { let only_some_reasons = if ext .getattr(pyo3::intern!(py, "only_some_reasons"))? - .is_true()? + .is_truthy()? { let py_reasons = ext.getattr(pyo3::intern!(py, "only_some_reasons"))?; let reasons = certificate::encode_distribution_point_reasons(ext.py(), py_reasons)?; @@ -304,13 +311,16 @@ fn encode_issuing_distribution_point( } else { None }; - let distribution_point = if ext.getattr(pyo3::intern!(py, "full_name"))?.is_true()? { + let distribution_point = if ext.getattr(pyo3::intern!(py, "full_name"))?.is_truthy()? { let py_full_name = ext.getattr(pyo3::intern!(py, "full_name"))?; let gns = x509::common::encode_general_names(ext.py(), py_full_name)?; Some(extensions::DistributionPointName::FullName( common::Asn1ReadableOrWritable::new_write(asn1::SequenceOfWriter::new(gns)), )) - } else if ext.getattr(pyo3::intern!(py, "relative_name"))?.is_true()? { + } else if ext + .getattr(pyo3::intern!(py, "relative_name"))? + .is_truthy()? + { let mut name_entries = vec![]; for py_name_entry in ext.getattr(pyo3::intern!(py, "relative_name"))?.iter()? { name_entries.push(x509::common::encode_name_entry(ext.py(), py_name_entry?)?); diff --git a/src/rust/src/x509/ocsp_req.rs b/src/rust/src/x509/ocsp_req.rs index baa2dd00dfb4..f3d6b675bfdb 100644 --- a/src/rust/src/x509/ocsp_req.rs +++ b/src/rust/src/x509/ocsp_req.rs @@ -7,6 +7,7 @@ use cryptography_x509::{ ocsp_req::{self, OCSPRequest as RawOCSPRequest}, oid, }; +use pyo3::prelude::PyModuleMethods; use pyo3::IntoPy; use crate::asn1::{big_byte_slice_to_py_int, oid_to_py_oid, py_uint_to_big_endian_bytes}; @@ -231,7 +232,9 @@ fn create_ocsp_request( load_der_ocsp_request(py, pyo3::types::PyBytes::new(py, &data).into_py(py)) } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_function(pyo3::wrap_pyfunction!(load_der_ocsp_request, module)?)?; module.add_function(pyo3::wrap_pyfunction!(create_ocsp_request, module)?)?; diff --git a/src/rust/src/x509/ocsp_resp.rs b/src/rust/src/x509/ocsp_resp.rs index e5f8b479576a..6d1bfd304291 100644 --- a/src/rust/src/x509/ocsp_resp.rs +++ b/src/rust/src/x509/ocsp_resp.rs @@ -10,6 +10,7 @@ use cryptography_x509::{ ocsp_resp::{self, OCSPResponse as RawOCSPResponse, SingleResponse as RawSingleResponse}, oid, }; +use pyo3::prelude::PyModuleMethods; use pyo3::IntoPy; use crate::asn1::{big_byte_slice_to_py_int, oid_to_py_oid}; @@ -715,7 +716,9 @@ fn create_ocsp_response( load_der_ocsp_response(py, pyo3::types::PyBytes::new(py, &data).into_py(py)) } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_function(pyo3::wrap_pyfunction!(load_der_ocsp_response, module)?)?; module.add_function(pyo3::wrap_pyfunction!(create_ocsp_response, module)?)?; diff --git a/src/rust/src/x509/sct.rs b/src/rust/src/x509/sct.rs index b7cce3ff4036..11502b92adae 100644 --- a/src/rust/src/x509/sct.rs +++ b/src/rust/src/x509/sct.rs @@ -5,6 +5,7 @@ use std::collections::hash_map::DefaultHasher; use std::hash::{Hash, Hasher}; +use pyo3::prelude::PyModuleMethods; use pyo3::ToPyObject; use crate::error::CryptographyError; @@ -255,7 +256,9 @@ pub(crate) fn parse_scts( Ok(py_scts.to_object(py)) } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_class::()?; Ok(()) diff --git a/src/rust/src/x509/verify.rs b/src/rust/src/x509/verify.rs index 2c65f6327103..800da5b347dd 100644 --- a/src/rust/src/x509/verify.rs +++ b/src/rust/src/x509/verify.rs @@ -13,6 +13,8 @@ use cryptography_x509_verification::{ }; use pyo3::IntoPy; +use pyo3::prelude::PyModuleMethods; + use crate::backend::keys; use crate::error::{CryptographyError, CryptographyResult}; use crate::types; @@ -450,7 +452,9 @@ impl PyStore { } } -pub(crate) fn add_to_module(module: &pyo3::prelude::PyModule) -> pyo3::PyResult<()> { +pub(crate) fn add_to_module( + module: &pyo3::Bound<'_, pyo3::prelude::PyModule>, +) -> pyo3::PyResult<()> { module.add_class::()?; module.add_class::()?; module.add_class::()?;