pyo3: bump to version 0.14.1 (#6154)

2026-05-14 20:37:55 +00:00 · 2021-07-04 17:01:10 -06:00 · 2021-07-04 17:01:10 -06:00 · 120e804d8a
commit 120e804d8a
parent 665126dd2b
4 changed files with 125 additions and 135 deletions
--- a/src/rust/Cargo.lock
+++ b/src/rust/Cargo.lock
@ -68,27 +68,6 @@ dependencies = [
 "pyo3",
 ]
 [[package]]
 name = "ctor"
 version = "0.1.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5e98e2ad1a782e33928b96fc3948e7c355e5af34ba4de7670fe8bac2a3b2006d"
 dependencies = [
 "quote",
 "syn",
 ]
 [[package]]
 name = "ghost"
 version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1a5bcf1bbeab73aa4cf2fde60a846858dc036163c7c33bec309f8d17de785479"
 dependencies = [
 "proc-macro2",
 "quote",
 "syn",
 ]
 [[package]]
 name = "indoc"
 version = "0.3.6"
@ -121,28 +100,6 @@ dependencies = [
 "cfg-if",
 ]
 [[package]]
 name = "inventory"
 version = "0.1.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0f0f7efb804ec95e33db9ad49e4252f049e37e8b0a4652e3cd61f7999f2eff7f"
 dependencies = [
 "ctor",
 "ghost",
 "inventory-impl",
 ]
 [[package]]
 name = "inventory-impl"
 version = "0.1.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "75c094e94816723ab936484666968f5b58060492e880f3c8d00489a1e244fa51"
 dependencies = [
 "proc-macro2",
 "quote",
 "syn",
 ]
 [[package]]
 name = "lazy_static"
 version = "1.4.0"
@ -183,6 +140,12 @@ dependencies = [
 "autocfg",
 ]
 [[package]]
 name = "once_cell"
 version = "1.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "692fcb63b64b1758029e0a96ee63e049ce8c5948587f2f7208df04625e5f6b56"
 [[package]]
 name = "ouroboros"
 version = "0.9.5"
@ -291,26 +254,34 @@ dependencies = [
 [[package]]
 name = "pyo3"
-version = "0.13.2"
+version = "0.14.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4837b8e8e18a102c23f79d1e9a110b597ea3b684c95e874eb1ad88f8683109c3"
+checksum = "338f7f3701e11fd7f76508c91fbcaabc982564bcaf4d1ca7e1574ff2b4778aec"
 dependencies = [
 "cfg-if",
 "ctor",
 "indoc",
 "inventory",
 "libc",
 "parking_lot",
 "paste",
 "pyo3-build-config",
 "pyo3-macros",
 "unindent",
 ]
 [[package]]
-name = "pyo3-macros"
+name = "pyo3-build-config"
-version = "0.13.2"
+version = "0.14.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a47f2c300ceec3e58064fd5f8f5b61230f2ffd64bde4970c81fdd0563a2db1bb"
+checksum = "dcb2e98cc9ccc83d4f7115c8f925e0057e88c8d324b1bc4c2db4a7270c06ac9d"
 dependencies = [
 "once_cell",
 ]
 [[package]]
 name = "pyo3-macros"
 version = "0.14.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cfb8671a42d0ecc4bec8cc107ae96d49292ca20cd1968e09b98af4aafd516adf"
 dependencies = [
 "pyo3-macros-backend",
 "quote",
@ -319,11 +290,12 @@ dependencies = [
 [[package]]
 name = "pyo3-macros-backend"
-version = "0.13.2"
+version = "0.14.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "87b097e5d84fcbe3e167f400fbedd657820a375b034c78bd852050749a575d66"
+checksum = "9addf6dc422f05d4949cc0990195ee74fa43e3c3780cc9a1972fe9e7b68a9f48"
 dependencies = [
 "proc-macro2",
 "pyo3-build-config",
 "quote",
 "syn",
 ]
--- a/src/rust/Cargo.toml
+++ b/src/rust/Cargo.toml
@ -7,7 +7,7 @@ publish = false
 [dependencies]
 lazy_static = "1"
-pyo3 = { version = "0.13.1" }
+pyo3 = { version = "0.14.1" }
 asn1 = { version = "0.5.3", default-features = false, features = ["derive"] }
 chrono = { version = "0.4", default-features = false, features = ["alloc"] }
 ouroboros = "0.9"
--- a/src/rust/src/ocsp.rs
+++ b/src/rust/src/ocsp.rs
@ -94,17 +94,14 @@ impl OCSPRequest {
        let hashes = py.import("cryptography.hazmat.primitives.hashes")?;
        match OIDS_TO_HASH.get(&cert_id.hash_algorithm.oid) {
-            Some(alg_name) => Ok(hashes.call0(alg_name)?),
+            Some(alg_name) => Ok(hashes.getattr(alg_name)?.call0()?),
            None => {
                let exceptions = py.import("cryptography.exceptions")?;
                Err(PyAsn1Error::from(pyo3::PyErr::from_instance(
-                    exceptions.call1(
+                    exceptions.getattr("UnsupportedAlgorithm")?.call1((format!(
-                        "UnsupportedAlgorithm",
+                        "Signature algorithm OID: {} not recognized",
-                        (format!(
+                        cert_id.hash_algorithm.oid
-                            "Signature algorithm OID: {} not recognized",
+                    ),))?,
                            cert_id.hash_algorithm.oid
                        ),),
                    )?,
                )))
            }
        }
@ -233,7 +230,8 @@ fn parse_ocsp_singleresp_extension(
        let contents = asn1::parse_single::<&[u8]>(ext_data)?;
        let scts = x509::parse_scts(py, contents, x509::LogEntryType::Certificate)?;
        Ok(x509_module
-            .call1("SignedCertificateTimestamps", (scts,))?
+            .getattr("SignedCertificateTimestamps")?
            .call1((scts,))?
            .to_object(py))
    } else {
        x509::parse_crl_entry_extension(py, der_oid, ext_data)
--- a/src/rust/src/x509.rs
+++ b/src/rust/src/x509.rs
@ -240,17 +240,14 @@ fn chrono_to_py<'p>(
    dt: &chrono::DateTime<chrono::Utc>,
 ) -> pyo3::PyResult<&'p pyo3::PyAny> {
    let datetime_module = py.import("datetime")?;
-    datetime_module.call1(
+    datetime_module.getattr("datetime")?.call1((
-        "datetime",
+        dt.year(),
-        (
+        dt.month(),
-            dt.year(),
+        dt.day(),
-            dt.month(),
+        dt.hour(),
-            dt.day(),
+        dt.minute(),
-            dt.hour(),
+        dt.second(),
-            dt.minute(),
+    ))
            dt.second(),
        ),
    )
 }
 struct UnvalidatedIA5String<'a>(&'a str);
@ -377,10 +374,8 @@ fn parse_distribution_point(
    };
    let x509_module = py.import("cryptography.x509")?;
    Ok(x509_module
-        .call1(
+        .getattr("DistributionPoint")?
-            "DistributionPoint",
+        .call1((full_name, relative_name, reasons, crl_issuer))?
            (full_name, relative_name, reasons, crl_issuer),
        )?
        .to_object(py))
 }
@ -486,10 +481,11 @@ fn parse_authority_key_identifier<'p>(
        Some(aci) => parse_general_names(py, aci)?,
        None => py.None(),
    };
-    Ok(x509_module.call1(
+    Ok(x509_module.getattr("AuthorityKeyIdentifier")?.call1((
-        "AuthorityKeyIdentifier",
+        aki.key_identifier,
-        (aki.key_identifier, issuer, serial),
+        issuer,
-    )?)
+        serial,
    ))?)
 }
 fn parse_name_attribute(
@ -678,7 +674,8 @@ fn parse_access_descriptions(
            .to_object(py);
        let gn = parse_general_name(py, access.access_location)?;
        let ad = x509_module
-            .call1("AccessDescription", (py_oid, gn))?
+            .getattr("AccessDescription")?
            .call1((py_oid, gn))?
            .to_object(py);
        ads.append(ad)?;
    }
@ -863,13 +860,15 @@ fn parse_x509_extension(
        let gn_seq = asn1::parse_single::<asn1::SequenceOf<'_, GeneralName<'_>>>(ext_data)?;
        let sans = parse_general_names(py, gn_seq)?;
        Ok(x509_module
-            .call1("SubjectAlternativeName", (sans,))?
+            .getattr("SubjectAlternativeName")?
            .call1((sans,))?
            .to_object(py))
    } else if oid == *ISSUER_ALTERNATIVE_NAME_OID {
        let gn_seq = asn1::parse_single::<asn1::SequenceOf<'_, GeneralName<'_>>>(ext_data)?;
        let ians = parse_general_names(py, gn_seq)?;
        Ok(x509_module
-            .call1("IssuerAlternativeName", (ians,))?
+            .getattr("IssuerAlternativeName")?
            .call1((ians,))?
            .to_object(py))
    } else if oid == *TLS_FEATURE_OID {
        let tls_feature_type_to_enum = py
@ -881,11 +880,15 @@ fn parse_x509_extension(
            let py_feature = tls_feature_type_to_enum.get_item(feature.to_object(py))?;
            features.append(py_feature)?;
        }
-        Ok(x509_module.call1("TLSFeature", (features,))?.to_object(py))
+        Ok(x509_module
            .getattr("TLSFeature")?
            .call1((features,))?
            .to_object(py))
    } else if oid == *SUBJECT_KEY_IDENTIFIER_OID {
        let identifier = asn1::parse_single::<&[u8]>(ext_data)?;
        Ok(x509_module
-            .call1("SubjectKeyIdentifier", (identifier,))?
+            .getattr("SubjectKeyIdentifier")?
            .call1((identifier,))?
            .to_object(py))
    } else if oid == *EXTENDED_KEY_USAGE_OID {
        let ekus = pyo3::types::PyList::empty(py);
@ -895,7 +898,8 @@ fn parse_x509_extension(
            ekus.append(oid_obj)?;
        }
        Ok(x509_module
-            .call1("ExtendedKeyUsage", (ekus,))?
+            .getattr("ExtendedKeyUsage")?
            .call1((ekus,))?
            .to_object(py))
    } else if oid == *KEY_USAGE_OID {
        let kus = asn1::parse_single::<asn1::BitString<'_>>(ext_data)?;
@ -909,30 +913,30 @@ fn parse_x509_extension(
        let encipher_only = kus.has_bit_set(7);
        let decipher_only = kus.has_bit_set(8);
        Ok(x509_module
-            .call1(
+            .getattr("KeyUsage")?
-                "KeyUsage",
+            .call1((
-                (
+                digital_signature,
-                    digital_signature,
+                content_comitment,
-                    content_comitment,
+                key_encipherment,
-                    key_encipherment,
+                data_encipherment,
-                    data_encipherment,
+                key_agreement,
-                    key_agreement,
+                key_cert_sign,
-                    key_cert_sign,
+                crl_sign,
-                    crl_sign,
+                encipher_only,
-                    encipher_only,
+                decipher_only,
-                    decipher_only,
+            ))?
                ),
            )?
            .to_object(py))
    } else if oid == *AUTHORITY_INFORMATION_ACCESS_OID {
        let ads = parse_access_descriptions(py, ext_data)?;
        Ok(x509_module
-            .call1("AuthorityInformationAccess", (ads,))?
+            .getattr("AuthorityInformationAccess")?
            .call1((ads,))?
            .to_object(py))
    } else if oid == *SUBJECT_INFORMATION_ACCESS_OID {
        let ads = parse_access_descriptions(py, ext_data)?;
        Ok(x509_module
-            .call1("SubjectInformationAccess", (ads,))?
+            .getattr("SubjectInformationAccess")?
            .call1((ads,))?
            .to_object(py))
    } else if oid == *CERTIFICATE_POLICIES_OID {
        let cp = parse_cp(py, ext_data)?;
@ -942,44 +946,47 @@ fn parse_x509_extension(
    } else if oid == *POLICY_CONSTRAINTS_OID {
        let pc = asn1::parse_single::<PolicyConstraints>(ext_data)?;
        Ok(x509_module
-            .call1(
+            .getattr("PolicyConstraints")?
-                "PolicyConstraints",
+            .call1((pc.require_explicit_policy, pc.inhibit_policy_mapping))?
                (pc.require_explicit_policy, pc.inhibit_policy_mapping),
            )?
            .to_object(py))
    } else if oid == *PRECERT_POISON_OID {
        asn1::parse_single::<()>(ext_data)?;
-        Ok(x509_module.call0("PrecertPoison")?.to_object(py))
+        Ok(x509_module.getattr("PrecertPoison")?.call0()?.to_object(py))
    } else if oid == *OCSP_NO_CHECK_OID {
        asn1::parse_single::<()>(ext_data)?;
-        Ok(x509_module.call0("OCSPNoCheck")?.to_object(py))
+        Ok(x509_module.getattr("OCSPNoCheck")?.call0()?.to_object(py))
    } else if oid == *INHIBIT_ANY_POLICY_OID {
        let bignum = asn1::parse_single::<asn1::BigUint<'_>>(ext_data)?;
        let pynum = big_asn1_uint_to_py(py, bignum)?;
        Ok(x509_module
-            .call1("InhibitAnyPolicy", (pynum,))?
+            .getattr("InhibitAnyPolicy")?
            .call1((pynum,))?
            .to_object(py))
    } else if oid == *BASIC_CONSTRAINTS_OID {
        let bc = asn1::parse_single::<BasicConstraints>(ext_data)?;
        Ok(x509_module
-            .call1("BasicConstraints", (bc.ca, bc.path_length))?
+            .getattr("BasicConstraints")?
            .call1((bc.ca, bc.path_length))?
            .to_object(py))
    } else if oid == *AUTHORITY_KEY_IDENTIFIER_OID {
        Ok(parse_authority_key_identifier(py, ext_data)?.to_object(py))
    } else if oid == *CRL_DISTRIBUTION_POINTS_OID {
        let dp = parse_distribution_points(py, ext_data)?;
        Ok(x509_module
-            .call1("CRLDistributionPoints", (dp,))?
+            .getattr("CRLDistributionPoints")?
            .call1((dp,))?
            .to_object(py))
    } else if oid == *FRESHEST_CRL_OID {
        Ok(x509_module
-            .call1("FreshestCRL", (parse_distribution_points(py, ext_data)?,))?
+            .getattr("FreshestCRL")?
            .call1((parse_distribution_points(py, ext_data)?,))?
            .to_object(py))
    } else if oid == *PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS_OID {
        let contents = asn1::parse_single::<&[u8]>(ext_data)?;
        let scts = parse_scts(py, contents, LogEntryType::PreCertificate)?;
        Ok(x509_module
-            .call1("PrecertificateSignedCertificateTimestamps", (scts,))?
+            .getattr("PrecertificateSignedCertificateTimestamps")?
            .call1((scts,))?
            .to_object(py))
    } else if oid == *NAME_CONSTRAINTS_OID {
        let nc = asn1::parse_single::<NameConstraints<'_>>(ext_data)?;
@ -992,7 +999,8 @@ fn parse_x509_extension(
            None => py.None(),
        };
        Ok(x509_module
-            .call1("NameConstraints", (permitted_subtrees, excluded_subtrees))?
+            .getattr("NameConstraints")?
            .call1((permitted_subtrees, excluded_subtrees))?
            .to_object(py))
    } else {
        Ok(py.None())
@ -1027,17 +1035,24 @@ pub(crate) fn parse_crl_entry_extension(
            }
        };
        let flag = x509_module.getattr("ReasonFlags")?.getattr(flag_name)?;
-        Ok(x509_module.call1("CRLReason", (flag,))?.to_object(py))
+        Ok(x509_module
            .getattr("CRLReason")?
            .call1((flag,))?
            .to_object(py))
    } else if oid == *CERTIFICATE_ISSUER_OID {
        let gn_seq = asn1::parse_single::<asn1::SequenceOf<'_, GeneralName<'_>>>(ext_data)?;
        let gns = parse_general_names(py, gn_seq)?;
        Ok(x509_module
-            .call1("CertificateIssuer", (gns,))?
+            .getattr("CertificateIssuer")?
            .call1((gns,))?
            .to_object(py))
    } else if oid == *INVALIDITY_DATE_OID {
        let time = asn1::parse_single::<asn1::GeneralizedTime>(ext_data)?;
        let py_dt = chrono_to_py(py, time.as_chrono())?;
-        Ok(x509_module.call1("InvalidityDate", (py_dt,))?.to_object(py))
+        Ok(x509_module
            .getattr("InvalidityDate")?
            .call1((py_dt,))?
            .to_object(py))
    } else {
        Ok(py.None())
    }
@ -1055,23 +1070,29 @@ fn parse_crl_extension(
    if oid == *CRL_NUMBER_OID {
        let bignum = asn1::parse_single::<asn1::BigUint<'_>>(ext_data)?;
        let pynum = big_asn1_uint_to_py(py, bignum)?;
-        Ok(x509_module.call1("CRLNumber", (pynum,))?.to_object(py))
+        Ok(x509_module
            .getattr("CRLNumber")?
            .call1((pynum,))?
            .to_object(py))
    } else if oid == *DELTA_CRL_INDICATOR_OID {
        let bignum = asn1::parse_single::<asn1::BigUint<'_>>(ext_data)?;
        let pynum = big_asn1_uint_to_py(py, bignum)?;
        Ok(x509_module
-            .call1("DeltaCRLIndicator", (pynum,))?
+            .getattr("DeltaCRLIndicator")?
            .call1((pynum,))?
            .to_object(py))
    } else if oid == *ISSUER_ALTERNATIVE_NAME_OID {
        let gn_seq = asn1::parse_single::<asn1::SequenceOf<'_, GeneralName<'_>>>(ext_data)?;
        let ians = parse_general_names(py, gn_seq)?;
        Ok(x509_module
-            .call1("IssuerAlternativeName", (ians,))?
+            .getattr("IssuerAlternativeName")?
            .call1((ians,))?
            .to_object(py))
    } else if oid == *AUTHORITY_INFORMATION_ACCESS_OID {
        let ads = parse_access_descriptions(py, ext_data)?;
        Ok(x509_module
-            .call1("AuthorityInformationAccess", (ads,))?
+            .getattr("AuthorityInformationAccess")?
            .call1((ads,))?
            .to_object(py))
    } else if oid == *AUTHORITY_KEY_IDENTIFIER_OID {
        Ok(parse_authority_key_identifier(py, ext_data)?.to_object(py))
@ -1083,22 +1104,21 @@ fn parse_crl_extension(
        };
        let reasons = parse_distribution_point_reasons(py, idp.only_some_reasons)?;
        Ok(x509_module
-            .call1(
+            .getattr("IssuingDistributionPoint")?
-                "IssuingDistributionPoint",
+            .call1((
-                (
+                full_name,
-                    full_name,
+                relative_name,
-                    relative_name,
+                idp.only_contains_user_certs,
-                    idp.only_contains_user_certs,
+                idp.only_contains_ca_certs,
-                    idp.only_contains_ca_certs,
+                reasons,
-                    reasons,
+                idp.indirect_crl,
-                    idp.indirect_crl,
+                idp.only_contains_attribute_certs,
-                    idp.only_contains_attribute_certs,
+            ))?
                ),
            )?
            .to_object(py))
    } else if oid == *FRESHEST_CRL_OID {
        Ok(x509_module
-            .call1("FreshestCRL", (parse_distribution_points(py, ext_data)?,))?
+            .getattr("FreshestCRL")?
            .call1((parse_distribution_points(py, ext_data)?,))?
            .to_object(py))
    } else {
        Ok(py.None())