Skip to content

Commit

Permalink
Convert src/asn1.rs to new pyo3 APIs (#10711)
Browse files Browse the repository at this point in the history
  • Loading branch information
alex authored Apr 4, 2024
1 parent c65793b commit f284aee
Show file tree
Hide file tree
Showing 6 changed files with 27 additions and 21 deletions.
36 changes: 21 additions & 15 deletions src/rust/src/asn1.rs
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ use cryptography_x509::certificate::Certificate;
use cryptography_x509::common::{DssSignature, SubjectPublicKeyInfo, Time};
use cryptography_x509::name::Name;
use pyo3::prelude::PyAnyMethods;
use pyo3::prelude::PyModuleMethods;
use pyo3::types::IntoPyDict;
use pyo3::ToPyObject;

Expand Down Expand Up @@ -97,11 +98,11 @@ pub(crate) fn encode_der_data<'p>(
pem_tag: String,
data: Vec<u8>,
encoding: &'p pyo3::PyAny,
) -> CryptographyResult<&'p pyo3::types::PyBytes> {
if encoding.is(types::ENCODING_DER.get(py)?) {
Ok(pyo3::types::PyBytes::new(py, &data))
} else if encoding.is(types::ENCODING_PEM.get(py)?) {
Ok(pyo3::types::PyBytes::new(
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
if encoding.is(&types::ENCODING_DER.get_bound(py)?) {
Ok(pyo3::types::PyBytes::new_bound(py, &data))
} else if encoding.is(&types::ENCODING_PEM.get_bound(py)?) {
Ok(pyo3::types::PyBytes::new_bound(
py,
&pem::encode_config(
&pem::Pem::new(pem_tag, data),
Expand All @@ -118,17 +119,17 @@ pub(crate) fn encode_der_data<'p>(
}

#[pyo3::prelude::pyfunction]
fn encode_dss_signature(
py: pyo3::Python<'_>,
fn encode_dss_signature<'p>(
py: pyo3::Python<'p>,
r: pyo3::Bound<'_, pyo3::types::PyLong>,
s: pyo3::Bound<'_, pyo3::types::PyLong>,
) -> CryptographyResult<pyo3::PyObject> {
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
let sig = DssSignature {
r: asn1::BigUint::new(py_uint_to_big_endian_bytes(py, r)?).unwrap(),
s: asn1::BigUint::new(py_uint_to_big_endian_bytes(py, s)?).unwrap(),
};
let result = asn1::write_single(&sig)?;
Ok(pyo3::types::PyBytes::new(py, &result).to_object(py))
Ok(pyo3::types::PyBytes::new_bound(py, &result))
}

#[pyo3::prelude::pyclass(frozen, module = "cryptography.hazmat.bindings._rust.asn1")]
Expand Down Expand Up @@ -173,14 +174,19 @@ fn test_parse_certificate(data: &[u8]) -> Result<TestCertificate, CryptographyEr
})
}

pub(crate) fn create_submodule(py: pyo3::Python<'_>) -> pyo3::PyResult<&pyo3::prelude::PyModule> {
let submod = pyo3::prelude::PyModule::new(py, "asn1")?;
submod.add_function(pyo3::wrap_pyfunction!(parse_spki_for_data, submod)?)?;
pub(crate) fn create_submodule(
py: pyo3::Python<'_>,
) -> pyo3::PyResult<pyo3::Bound<'_, pyo3::prelude::PyModule>> {
let submod = pyo3::prelude::PyModule::new_bound(py, "asn1")?;
submod.add_function(pyo3::wrap_pyfunction_bound!(parse_spki_for_data, &submod)?)?;

submod.add_function(pyo3::wrap_pyfunction!(decode_dss_signature, submod)?)?;
submod.add_function(pyo3::wrap_pyfunction!(encode_dss_signature, submod)?)?;
submod.add_function(pyo3::wrap_pyfunction_bound!(decode_dss_signature, &submod)?)?;
submod.add_function(pyo3::wrap_pyfunction_bound!(encode_dss_signature, &submod)?)?;

submod.add_function(pyo3::wrap_pyfunction!(test_parse_certificate, submod)?)?;
submod.add_function(pyo3::wrap_pyfunction_bound!(
test_parse_certificate,
&submod
)?)?;

Ok(submod)
}
2 changes: 1 addition & 1 deletion src/rust/src/backend/dh.rs
Original file line number Diff line number Diff line change
Expand Up @@ -343,7 +343,7 @@ impl DHParameters {
py: pyo3::Python<'p>,
encoding: &'p pyo3::PyAny,
format: &pyo3::PyAny,
) -> CryptographyResult<&'p pyo3::types::PyBytes> {
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
if !format.is(types::PARAMETER_FORMAT_PKCS3.get(py)?) {
return Err(CryptographyError::from(
pyo3::exceptions::PyValueError::new_err("Only PKCS3 serialization is supported"),
Expand Down
2 changes: 1 addition & 1 deletion src/rust/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ fn _rust(py: pyo3::Python<'_>, m: &pyo3::types::PyModule) -> pyo3::PyResult<()>
m.add_function(pyo3::wrap_pyfunction!(padding::check_ansix923_padding, m)?)?;
m.add_class::<oid::ObjectIdentifier>()?;

m.add_submodule(asn1::create_submodule(py)?)?;
m.add_submodule(asn1::create_submodule(py)?.into_gil_ref())?;
m.add_submodule(pkcs7::create_submodule(py)?)?;
m.add_submodule(pkcs12::create_submodule(py)?.into_gil_ref())?;
m.add_submodule(exceptions::create_submodule(py)?.into_gil_ref())?;
Expand Down
4 changes: 2 additions & 2 deletions src/rust/src/pkcs7.rs
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ fn serialize_certificates<'p>(
py: pyo3::Python<'p>,
py_certs: Vec<pyo3::PyRef<'p, x509::certificate::Certificate>>,
encoding: &'p pyo3::PyAny,
) -> CryptographyResult<&'p pyo3::types::PyBytes> {
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
if py_certs.is_empty() {
return Err(pyo3::exceptions::PyTypeError::new_err(
"certs must be a list of certs with length >= 1",
Expand Down Expand Up @@ -84,7 +84,7 @@ fn sign_and_serialize<'p>(
builder: &'p pyo3::PyAny,
encoding: &'p pyo3::PyAny,
options: &'p pyo3::types::PyList,
) -> CryptographyResult<&'p pyo3::types::PyBytes> {
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
let raw_data: CffiBuf<'p> = builder.getattr(pyo3::intern!(py, "_data"))?.extract()?;
let text_mode = options.contains(types::PKCS7_TEXT.get(py)?)?;
let (data_with_header, data_without_header) =
Expand Down
2 changes: 1 addition & 1 deletion src/rust/src/x509/crl.rs
Original file line number Diff line number Diff line change
Expand Up @@ -235,7 +235,7 @@ impl CertificateRevocationList {
&self,
py: pyo3::Python<'p>,
encoding: &'p pyo3::PyAny,
) -> CryptographyResult<&'p pyo3::types::PyBytes> {
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
let result = asn1::write_single(&self.owned.borrow_dependent())?;

encode_der_data(py, "X509 CRL".to_string(), result, encoding)
Expand Down
2 changes: 1 addition & 1 deletion src/rust/src/x509/csr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ impl CertificateSigningRequest {
&self,
py: pyo3::Python<'p>,
encoding: &'p pyo3::PyAny,
) -> CryptographyResult<&'p pyo3::types::PyBytes> {
) -> CryptographyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
let result = asn1::write_single(self.raw.borrow_dependent())?;

encode_der_data(py, "CERTIFICATE REQUEST".to_string(), result, encoding)
Expand Down

0 comments on commit f284aee

Please sign in to comment.