diff --git a/src/rust/src/backend/dh.rs b/src/rust/src/backend/dh.rs index 5e84febbc..b0527fca1 100644 --- a/src/rust/src/backend/dh.rs +++ b/src/rust/src/backend/dh.rs @@ -259,8 +259,8 @@ impl DHPublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { if !format.is(types::PUBLIC_FORMAT_SUBJECT_PUBLIC_KEY_INFO.get(py)?) { return Err(CryptographyError::from( diff --git a/src/rust/src/backend/dsa.rs b/src/rust/src/backend/dsa.rs index 0bcfd2bf7..9793da8a0 100644 --- a/src/rust/src/backend/dsa.rs +++ b/src/rust/src/backend/dsa.rs @@ -7,6 +7,7 @@ use crate::buf::CffiBuf; use crate::error::{CryptographyError, CryptographyResult}; use crate::exceptions; use pyo3::prelude::PyAnyMethods; +use pyo3::PyNativeType; #[pyo3::prelude::pyclass( frozen, @@ -71,7 +72,8 @@ impl DsaPrivateKey { data: CffiBuf<'_>, algorithm: &pyo3::PyAny, ) -> CryptographyResult<&'p pyo3::types::PyBytes> { - let (data, _) = utils::calculate_digest_and_algorithm(py, data.as_bytes(), algorithm)?; + let (data, _) = + utils::calculate_digest_and_algorithm(py, data.as_bytes(), &algorithm.as_borrowed())?; let mut signer = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?; signer.sign_init()?; @@ -157,7 +159,8 @@ impl DsaPublicKey { data: CffiBuf<'_>, algorithm: &pyo3::PyAny, ) -> CryptographyResult<()> { - let (data, _) = utils::calculate_digest_and_algorithm(py, data.as_bytes(), algorithm)?; + let (data, _) = + utils::calculate_digest_and_algorithm(py, data.as_bytes(), &algorithm.as_borrowed())?; let mut verifier = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?; verifier.verify_init()?; @@ -204,8 +207,8 @@ impl DsaPublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, true, false) } diff --git a/src/rust/src/backend/ec.rs b/src/rust/src/backend/ec.rs index 500e0b6e7..a34fc131e 100644 --- a/src/rust/src/backend/ec.rs +++ b/src/rust/src/backend/ec.rs @@ -6,7 +6,7 @@ use std::collections::hash_map::DefaultHasher; use std::hash::{Hash, Hasher}; use pyo3::prelude::PyAnyMethods; -use pyo3::ToPyObject; +use pyo3::{PyNativeType, ToPyObject}; use crate::backend::utils; use crate::buf::CffiBuf; @@ -274,11 +274,11 @@ impl ECPrivateKey { )), )); } - let (data, algo) = utils::calculate_digest_and_algorithm( - py, - data.as_bytes(), - signature_algorithm.getattr(pyo3::intern!(py, "algorithm"))?, - )?; + let bound_algorithm = signature_algorithm + .getattr(pyo3::intern!(py, "algorithm"))? + .as_borrowed(); + let (data, algo) = + utils::calculate_digest_and_algorithm(py, data.as_bytes(), &bound_algorithm)?; let mut signer = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?; signer.sign_init()?; @@ -398,7 +398,9 @@ impl ECPublicKey { let (data, _) = utils::calculate_digest_and_algorithm( py, data.as_bytes(), - signature_algorithm.getattr(pyo3::intern!(py, "algorithm"))?, + &signature_algorithm + .as_borrowed() + .getattr(pyo3::intern!(py, "algorithm"))?, )?; let mut verifier = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?; @@ -437,8 +439,8 @@ impl ECPublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, true, false) } diff --git a/src/rust/src/backend/ed25519.rs b/src/rust/src/backend/ed25519.rs index 55db28c30..383fa3a5f 100644 --- a/src/rust/src/backend/ed25519.rs +++ b/src/rust/src/backend/ed25519.rs @@ -143,8 +143,8 @@ impl Ed25519PublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, true, true) } diff --git a/src/rust/src/backend/ed448.rs b/src/rust/src/backend/ed448.rs index a8678a6aa..9d9bf485c 100644 --- a/src/rust/src/backend/ed448.rs +++ b/src/rust/src/backend/ed448.rs @@ -140,8 +140,8 @@ impl Ed448PublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, true, true) } diff --git a/src/rust/src/backend/rsa.rs b/src/rust/src/backend/rsa.rs index f1d9217d9..512b12ece 100644 --- a/src/rust/src/backend/rsa.rs +++ b/src/rust/src/backend/rsa.rs @@ -288,11 +288,8 @@ impl RsaPrivateKey { padding: &pyo3::Bound<'p, pyo3::PyAny>, algorithm: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { - let (data, algorithm) = utils::calculate_digest_and_algorithm( - py, - data.as_bytes(), - algorithm.clone().into_gil_ref(), - )?; + let (data, algorithm) = + utils::calculate_digest_and_algorithm(py, data.as_bytes(), algorithm)?; let mut ctx = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?; ctx.sign_init().map_err(|_| { @@ -438,11 +435,8 @@ impl RsaPublicKey { padding: &pyo3::Bound<'_, pyo3::PyAny>, algorithm: &pyo3::Bound<'_, pyo3::PyAny>, ) -> CryptographyResult<()> { - let (data, algorithm) = utils::calculate_digest_and_algorithm( - py, - data.as_bytes(), - algorithm.clone().into_gil_ref(), - )?; + let (data, algorithm) = + utils::calculate_digest_and_algorithm(py, data.as_bytes(), algorithm)?; let mut ctx = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?; ctx.verify_init()?; @@ -534,8 +528,8 @@ impl RsaPublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, true, false) } diff --git a/src/rust/src/backend/utils.rs b/src/rust/src/backend/utils.rs index 7c01e0be3..d3cc3b24b 100644 --- a/src/rust/src/backend/utils.rs +++ b/src/rust/src/backend/utils.rs @@ -6,7 +6,7 @@ use crate::backend::hashes::Hash; use crate::error::{CryptographyError, CryptographyResult}; use crate::{error, types}; use pyo3::prelude::PyAnyMethods; -use pyo3::{PyNativeType, ToPyObject}; +use pyo3::ToPyObject; pub(crate) fn py_int_to_bn( py: pyo3::Python<'_>, @@ -240,19 +240,19 @@ pub(crate) fn pkey_public_bytes<'p>( py: pyo3::Python<'p>, key_obj: &pyo3::Bound<'p, pyo3::PyAny>, pkey: &openssl::pkey::PKey, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, openssh_allowed: bool, raw_allowed: bool, ) -> CryptographyResult> { - if !encoding.is_instance(types::ENCODING.get(py)?)? { + if !encoding.is_instance(&types::ENCODING.get_bound(py)?)? { return Err(CryptographyError::from( pyo3::exceptions::PyTypeError::new_err( "encoding must be an item from the Encoding enum", ), )); } - if !format.is_instance(types::PUBLIC_FORMAT.get(py)?)? { + if !format.is_instance(&types::PUBLIC_FORMAT.get_bound(py)?)? { return Err(CryptographyError::from( pyo3::exceptions::PyTypeError::new_err( "format must be an item from the PublicFormat enum", @@ -355,10 +355,11 @@ pub(crate) fn pkey_public_bytes<'p>( pub(crate) fn calculate_digest_and_algorithm<'p>( py: pyo3::Python<'p>, mut data: &'p [u8], - mut algorithm: &'p pyo3::PyAny, -) -> CryptographyResult<(&'p [u8], &'p pyo3::PyAny)> { - if algorithm.is_instance(types::PREHASHED.get(py)?)? { - algorithm = algorithm.getattr("_algorithm")?; + algorithm: &pyo3::Bound<'p, pyo3::PyAny>, +) -> CryptographyResult<(&'p [u8], pyo3::Bound<'p, pyo3::PyAny>)> { + let mut algorithm_result = algorithm.clone(); + if algorithm.is_instance(&types::PREHASHED.get_bound(py)?)? { + algorithm_result = algorithm.getattr("_algorithm")?; } else { // Potential optimization: rather than allocate a PyBytes in // `h.finalize()`, have a way to get the `DigestBytes` directly. @@ -375,7 +376,7 @@ pub(crate) fn calculate_digest_and_algorithm<'p>( )); } - Ok((data, algorithm)) + Ok((data, algorithm_result)) } pub(crate) enum PasswordCallbackStatus { diff --git a/src/rust/src/backend/x25519.rs b/src/rust/src/backend/x25519.rs index 45d397e75..970f8b8ea 100644 --- a/src/rust/src/backend/x25519.rs +++ b/src/rust/src/backend/x25519.rs @@ -130,8 +130,8 @@ impl X25519PublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, false, true) } diff --git a/src/rust/src/backend/x448.rs b/src/rust/src/backend/x448.rs index bd2833df4..517fc48c0 100644 --- a/src/rust/src/backend/x448.rs +++ b/src/rust/src/backend/x448.rs @@ -129,8 +129,8 @@ impl X448PublicKey { fn public_bytes<'p>( slf: &pyo3::Bound<'p, Self>, py: pyo3::Python<'p>, - encoding: &pyo3::PyAny, - format: &pyo3::PyAny, + encoding: &pyo3::Bound<'p, pyo3::PyAny>, + format: &pyo3::Bound<'p, pyo3::PyAny>, ) -> CryptographyResult> { utils::pkey_public_bytes(py, slf, &slf.borrow().pkey, encoding, format, false, true) }