diff --git a/src/rust/Cargo.lock b/src/rust/Cargo.lock index 6453ed9c698b5..c37ad04bbbad1 100644 --- a/src/rust/Cargo.lock +++ b/src/rust/Cargo.lock @@ -68,27 +68,6 @@ dependencies = [ "pyo3", ] -[[package]] -name = "ctor" -version = "0.1.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e98e2ad1a782e33928b96fc3948e7c355e5af34ba4de7670fe8bac2a3b2006d" -dependencies = [ - "quote", - "syn", -] - -[[package]] -name = "ghost" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a5bcf1bbeab73aa4cf2fde60a846858dc036163c7c33bec309f8d17de785479" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "indoc" version = "0.3.6" @@ -121,28 +100,6 @@ dependencies = [ "cfg-if", ] -[[package]] -name = "inventory" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f0f7efb804ec95e33db9ad49e4252f049e37e8b0a4652e3cd61f7999f2eff7f" -dependencies = [ - "ctor", - "ghost", - "inventory-impl", -] - -[[package]] -name = "inventory-impl" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75c094e94816723ab936484666968f5b58060492e880f3c8d00489a1e244fa51" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "lazy_static" version = "1.4.0" @@ -183,6 +140,12 @@ dependencies = [ "autocfg", ] +[[package]] +name = "once_cell" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "692fcb63b64b1758029e0a96ee63e049ce8c5948587f2f7208df04625e5f6b56" + [[package]] name = "ouroboros" version = "0.9.5" @@ -291,26 +254,34 @@ dependencies = [ [[package]] name = "pyo3" -version = "0.13.2" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4837b8e8e18a102c23f79d1e9a110b597ea3b684c95e874eb1ad88f8683109c3" +checksum = "0b2fee5b9b746eccdaec45991347fd5565b3c3ea90abc99437f31fd8d6148a8d" dependencies = [ "cfg-if", - "ctor", "indoc", - "inventory", "libc", "parking_lot", "paste", + "pyo3-build-config", "pyo3-macros", "unindent", ] +[[package]] +name = "pyo3-build-config" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "905f7e52b894dfabd6d65287b8a9037a9e2b15f3ae5995340edf12e18a9f488e" +dependencies = [ + "once_cell", +] + [[package]] name = "pyo3-macros" -version = "0.13.2" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a47f2c300ceec3e58064fd5f8f5b61230f2ffd64bde4970c81fdd0563a2db1bb" +checksum = "3d33702750c42c99f6e3c062b59e5c3b6d93b2a91ee379f99028b43b92b05ebc" dependencies = [ "pyo3-macros-backend", "quote", @@ -319,11 +290,12 @@ dependencies = [ [[package]] name = "pyo3-macros-backend" -version = "0.13.2" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87b097e5d84fcbe3e167f400fbedd657820a375b034c78bd852050749a575d66" +checksum = "a07dcdedfc1ba4e6a929dec829eb0d5520490c7bd104a7a6201a9f2e8a60e082" dependencies = [ "proc-macro2", + "pyo3-build-config", "quote", "syn", ] diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml index 6ea95be09f67c..50969bdd63d44 100644 --- a/src/rust/Cargo.toml +++ b/src/rust/Cargo.toml @@ -7,7 +7,7 @@ publish = false [dependencies] lazy_static = "1" -pyo3 = { version = "0.13.1" } +pyo3 = { version = "0.14.0" } asn1 = { version = "0.5.3", default-features = false, features = ["derive"] } chrono = { version = "0.4", default-features = false, features = ["alloc"] } ouroboros = "0.9" diff --git a/src/rust/src/ocsp.rs b/src/rust/src/ocsp.rs index e6436631950f2..e097aacc852ea 100644 --- a/src/rust/src/ocsp.rs +++ b/src/rust/src/ocsp.rs @@ -94,17 +94,14 @@ impl OCSPRequest { let hashes = py.import("cryptography.hazmat.primitives.hashes")?; match OIDS_TO_HASH.get(&cert_id.hash_algorithm.oid) { - Some(alg_name) => Ok(hashes.call0(alg_name)?), + Some(alg_name) => Ok(hashes.getattr(alg_name)?.call0()?), None => { let exceptions = py.import("cryptography.exceptions")?; Err(PyAsn1Error::from(pyo3::PyErr::from_instance( - exceptions.call1( - "UnsupportedAlgorithm", - (format!( - "Signature algorithm OID: {} not recognized", - cert_id.hash_algorithm.oid - ),), - )?, + exceptions.getattr("UnsupportedAlgorithm")?.call1((format!( + "Signature algorithm OID: {} not recognized", + cert_id.hash_algorithm.oid + ),))?, ))) } } @@ -233,7 +230,8 @@ fn parse_ocsp_singleresp_extension( let contents = asn1::parse_single::<&[u8]>(ext_data)?; let scts = x509::parse_scts(py, contents, x509::LogEntryType::Certificate)?; Ok(x509_module - .call1("SignedCertificateTimestamps", (scts,))? + .getattr("SignedCertificateTimestamps")? + .call1((scts,))? .to_object(py)) } else { x509::parse_crl_entry_extension(py, der_oid, ext_data) diff --git a/src/rust/src/x509.rs b/src/rust/src/x509.rs index f9bb51861b797..f23ae7dd7e818 100644 --- a/src/rust/src/x509.rs +++ b/src/rust/src/x509.rs @@ -240,17 +240,14 @@ fn chrono_to_py<'p>( dt: &chrono::DateTime, ) -> pyo3::PyResult<&'p pyo3::PyAny> { let datetime_module = py.import("datetime")?; - datetime_module.call1( - "datetime", - ( - dt.year(), - dt.month(), - dt.day(), - dt.hour(), - dt.minute(), - dt.second(), - ), - ) + datetime_module.getattr("datetime")?.call1(( + dt.year(), + dt.month(), + dt.day(), + dt.hour(), + dt.minute(), + dt.second(), + )) } struct UnvalidatedIA5String<'a>(&'a str); @@ -377,10 +374,8 @@ fn parse_distribution_point( }; let x509_module = py.import("cryptography.x509")?; Ok(x509_module - .call1( - "DistributionPoint", - (full_name, relative_name, reasons, crl_issuer), - )? + .getattr("DistributionPoint")? + .call1((full_name, relative_name, reasons, crl_issuer))? .to_object(py)) } @@ -486,10 +481,11 @@ fn parse_authority_key_identifier<'p>( Some(aci) => parse_general_names(py, aci)?, None => py.None(), }; - Ok(x509_module.call1( - "AuthorityKeyIdentifier", - (aki.key_identifier, issuer, serial), - )?) + Ok(x509_module.getattr("AuthorityKeyIdentifier")?.call1(( + aki.key_identifier, + issuer, + serial, + ))?) } fn parse_name_attribute( @@ -678,7 +674,8 @@ fn parse_access_descriptions( .to_object(py); let gn = parse_general_name(py, access.access_location)?; let ad = x509_module - .call1("AccessDescription", (py_oid, gn))? + .getattr("AccessDescription")? + .call1((py_oid, gn))? .to_object(py); ads.append(ad)?; } @@ -863,13 +860,15 @@ fn parse_x509_extension( let gn_seq = asn1::parse_single::>>(ext_data)?; let sans = parse_general_names(py, gn_seq)?; Ok(x509_module - .call1("SubjectAlternativeName", (sans,))? + .getattr("SubjectAlternativeName")? + .call1((sans,))? .to_object(py)) } else if oid == *ISSUER_ALTERNATIVE_NAME_OID { let gn_seq = asn1::parse_single::>>(ext_data)?; let ians = parse_general_names(py, gn_seq)?; Ok(x509_module - .call1("IssuerAlternativeName", (ians,))? + .getattr("IssuerAlternativeName")? + .call1((ians,))? .to_object(py)) } else if oid == *TLS_FEATURE_OID { let tls_feature_type_to_enum = py @@ -881,11 +880,15 @@ fn parse_x509_extension( let py_feature = tls_feature_type_to_enum.get_item(feature.to_object(py))?; features.append(py_feature)?; } - Ok(x509_module.call1("TLSFeature", (features,))?.to_object(py)) + Ok(x509_module + .getattr("TLSFeature")? + .call1((features,))? + .to_object(py)) } else if oid == *SUBJECT_KEY_IDENTIFIER_OID { let identifier = asn1::parse_single::<&[u8]>(ext_data)?; Ok(x509_module - .call1("SubjectKeyIdentifier", (identifier,))? + .getattr("SubjectKeyIdentifier")? + .call1((identifier,))? .to_object(py)) } else if oid == *EXTENDED_KEY_USAGE_OID { let ekus = pyo3::types::PyList::empty(py); @@ -895,7 +898,8 @@ fn parse_x509_extension( ekus.append(oid_obj)?; } Ok(x509_module - .call1("ExtendedKeyUsage", (ekus,))? + .getattr("ExtendedKeyUsage")? + .call1((ekus,))? .to_object(py)) } else if oid == *KEY_USAGE_OID { let kus = asn1::parse_single::>(ext_data)?; @@ -909,30 +913,30 @@ fn parse_x509_extension( let encipher_only = kus.has_bit_set(7); let decipher_only = kus.has_bit_set(8); Ok(x509_module - .call1( - "KeyUsage", - ( - digital_signature, - content_comitment, - key_encipherment, - data_encipherment, - key_agreement, - key_cert_sign, - crl_sign, - encipher_only, - decipher_only, - ), - )? + .getattr("KeyUsage")? + .call1(( + digital_signature, + content_comitment, + key_encipherment, + data_encipherment, + key_agreement, + key_cert_sign, + crl_sign, + encipher_only, + decipher_only, + ))? .to_object(py)) } else if oid == *AUTHORITY_INFORMATION_ACCESS_OID { let ads = parse_access_descriptions(py, ext_data)?; Ok(x509_module - .call1("AuthorityInformationAccess", (ads,))? + .getattr("AuthorityInformationAccess")? + .call1((ads,))? .to_object(py)) } else if oid == *SUBJECT_INFORMATION_ACCESS_OID { let ads = parse_access_descriptions(py, ext_data)?; Ok(x509_module - .call1("SubjectInformationAccess", (ads,))? + .getattr("SubjectInformationAccess")? + .call1((ads,))? .to_object(py)) } else if oid == *CERTIFICATE_POLICIES_OID { let cp = parse_cp(py, ext_data)?; @@ -942,44 +946,47 @@ fn parse_x509_extension( } else if oid == *POLICY_CONSTRAINTS_OID { let pc = asn1::parse_single::(ext_data)?; Ok(x509_module - .call1( - "PolicyConstraints", - (pc.require_explicit_policy, pc.inhibit_policy_mapping), - )? + .getattr("PolicyConstraints")? + .call1((pc.require_explicit_policy, pc.inhibit_policy_mapping))? .to_object(py)) } else if oid == *PRECERT_POISON_OID { asn1::parse_single::<()>(ext_data)?; - Ok(x509_module.call0("PrecertPoison")?.to_object(py)) + Ok(x509_module.getattr("PrecertPoison")?.call0()?.to_object(py)) } else if oid == *OCSP_NO_CHECK_OID { asn1::parse_single::<()>(ext_data)?; - Ok(x509_module.call0("OCSPNoCheck")?.to_object(py)) + Ok(x509_module.getattr("OCSPNoCheck")?.call0()?.to_object(py)) } else if oid == *INHIBIT_ANY_POLICY_OID { let bignum = asn1::parse_single::>(ext_data)?; let pynum = big_asn1_uint_to_py(py, bignum)?; Ok(x509_module - .call1("InhibitAnyPolicy", (pynum,))? + .getattr("InhibitAnyPolicy")? + .call1((pynum,))? .to_object(py)) } else if oid == *BASIC_CONSTRAINTS_OID { let bc = asn1::parse_single::(ext_data)?; Ok(x509_module - .call1("BasicConstraints", (bc.ca, bc.path_length))? + .getattr("BasicConstraints")? + .call1((bc.ca, bc.path_length))? .to_object(py)) } else if oid == *AUTHORITY_KEY_IDENTIFIER_OID { Ok(parse_authority_key_identifier(py, ext_data)?.to_object(py)) } else if oid == *CRL_DISTRIBUTION_POINTS_OID { let dp = parse_distribution_points(py, ext_data)?; Ok(x509_module - .call1("CRLDistributionPoints", (dp,))? + .getattr("CRLDistributionPoints")? + .call1((dp,))? .to_object(py)) } else if oid == *FRESHEST_CRL_OID { Ok(x509_module - .call1("FreshestCRL", (parse_distribution_points(py, ext_data)?,))? + .getattr("FreshestCRL")? + .call1((parse_distribution_points(py, ext_data)?,))? .to_object(py)) } else if oid == *PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS_OID { let contents = asn1::parse_single::<&[u8]>(ext_data)?; let scts = parse_scts(py, contents, LogEntryType::PreCertificate)?; Ok(x509_module - .call1("PrecertificateSignedCertificateTimestamps", (scts,))? + .getattr("PrecertificateSignedCertificateTimestamps")? + .call1((scts,))? .to_object(py)) } else if oid == *NAME_CONSTRAINTS_OID { let nc = asn1::parse_single::>(ext_data)?; @@ -992,7 +999,8 @@ fn parse_x509_extension( None => py.None(), }; Ok(x509_module - .call1("NameConstraints", (permitted_subtrees, excluded_subtrees))? + .getattr("NameConstraints")? + .call1((permitted_subtrees, excluded_subtrees))? .to_object(py)) } else { Ok(py.None()) @@ -1027,17 +1035,24 @@ pub(crate) fn parse_crl_entry_extension( } }; let flag = x509_module.getattr("ReasonFlags")?.getattr(flag_name)?; - Ok(x509_module.call1("CRLReason", (flag,))?.to_object(py)) + Ok(x509_module + .getattr("CRLReason")? + .call1((flag,))? + .to_object(py)) } else if oid == *CERTIFICATE_ISSUER_OID { let gn_seq = asn1::parse_single::>>(ext_data)?; let gns = parse_general_names(py, gn_seq)?; Ok(x509_module - .call1("CertificateIssuer", (gns,))? + .getattr("CertificateIssuer")? + .call1((gns,))? .to_object(py)) } else if oid == *INVALIDITY_DATE_OID { let time = asn1::parse_single::(ext_data)?; let py_dt = chrono_to_py(py, time.as_chrono())?; - Ok(x509_module.call1("InvalidityDate", (py_dt,))?.to_object(py)) + Ok(x509_module + .getattr("InvalidityDate")? + .call1((py_dt,))? + .to_object(py)) } else { Ok(py.None()) } @@ -1055,23 +1070,29 @@ fn parse_crl_extension( if oid == *CRL_NUMBER_OID { let bignum = asn1::parse_single::>(ext_data)?; let pynum = big_asn1_uint_to_py(py, bignum)?; - Ok(x509_module.call1("CRLNumber", (pynum,))?.to_object(py)) + Ok(x509_module + .getattr("CRLNumber")? + .call1((pynum,))? + .to_object(py)) } else if oid == *DELTA_CRL_INDICATOR_OID { let bignum = asn1::parse_single::>(ext_data)?; let pynum = big_asn1_uint_to_py(py, bignum)?; Ok(x509_module - .call1("DeltaCRLIndicator", (pynum,))? + .getattr("DeltaCRLIndicator")? + .call1((pynum,))? .to_object(py)) } else if oid == *ISSUER_ALTERNATIVE_NAME_OID { let gn_seq = asn1::parse_single::>>(ext_data)?; let ians = parse_general_names(py, gn_seq)?; Ok(x509_module - .call1("IssuerAlternativeName", (ians,))? + .getattr("IssuerAlternativeName")? + .call1((ians,))? .to_object(py)) } else if oid == *AUTHORITY_INFORMATION_ACCESS_OID { let ads = parse_access_descriptions(py, ext_data)?; Ok(x509_module - .call1("AuthorityInformationAccess", (ads,))? + .getattr("AuthorityInformationAccess")? + .call1((ads,))? .to_object(py)) } else if oid == *AUTHORITY_KEY_IDENTIFIER_OID { Ok(parse_authority_key_identifier(py, ext_data)?.to_object(py)) @@ -1083,22 +1104,21 @@ fn parse_crl_extension( }; let reasons = parse_distribution_point_reasons(py, idp.only_some_reasons)?; Ok(x509_module - .call1( - "IssuingDistributionPoint", - ( - full_name, - relative_name, - idp.only_contains_user_certs, - idp.only_contains_ca_certs, - reasons, - idp.indirect_crl, - idp.only_contains_attribute_certs, - ), - )? + .getattr("IssuingDistributionPoint")? + .call1(( + full_name, + relative_name, + idp.only_contains_user_certs, + idp.only_contains_ca_certs, + reasons, + idp.indirect_crl, + idp.only_contains_attribute_certs, + ))? .to_object(py)) } else if oid == *FRESHEST_CRL_OID { Ok(x509_module - .call1("FreshestCRL", (parse_distribution_points(py, ext_data)?,))? + .getattr("FreshestCRL")? + .call1((parse_distribution_points(py, ext_data)?,))? .to_object(py)) } else { Ok(py.None())