[Python-modules-commits] [pyopenssl] 01/07: Import pyopenssl_16.2.0.orig.tar.gz
Sandro Tosi
morph at moszumanska.debian.org
Wed Nov 9 19:24:51 UTC 2016
This is an automated email from the git hooks/post-receive script.
morph pushed a commit to branch master
in repository pyopenssl.
commit d4eb534a46ebf3546919bfd415a97288e71ab4a1
Author: Sandro Tosi <morph at debian.org>
Date: Wed Nov 9 14:12:56 2016 -0500
Import pyopenssl_16.2.0.orig.tar.gz
---
CHANGELOG.rst | 31 +++-
CONTRIBUTING.rst | 4 +-
PKG-INFO | 14 +-
doc/api/crypto.rst | 6 +-
doc/api/rand.rst | 2 +-
doc/api/ssl.rst | 2 +-
src/OpenSSL/SSL.py | 22 +--
src/OpenSSL/crypto.py | 24 ++-
src/OpenSSL/rand.py | 2 +-
src/OpenSSL/version.py | 2 +-
src/pyOpenSSL.egg-info/PKG-INFO | 14 +-
tests/test_crypto.py | 360 ++++++++++++++++++++--------------------
tests/test_rand.py | 12 +-
tests/test_ssl.py | 182 +++++++++++---------
tests/util.py | 4 +-
15 files changed, 373 insertions(+), 308 deletions(-)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 564abeb..2962dd7 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -4,6 +4,31 @@ Changelog
Versions are year-based with a strict backward-compatibility policy.
The third digit is only for regressions.
+16.2.0 (2016-10-15)
+-------------------
+
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+*none*
+
+
+Deprecations:
+^^^^^^^^^^^^^
+
+*none*
+
+
+Changes:
+^^^^^^^^
+
+- Fixed compatibility errors with OpenSSL 1.1.0.
+- Fixed an issue that caused failures with subinterpreters and embedded Pythons.
+ `#552 <https://github.com/pyca/pyopenssl/pull/552>`_
+
+
+----
+
16.1.0 (2016-08-26)
-------------------
@@ -17,7 +42,7 @@ Backward-incompatible changes:
Deprecations:
^^^^^^^^^^^^^
-*none*
+- Dropped support for OpenSSL 0.9.8.
Changes:
@@ -41,7 +66,7 @@ Changes:
This is the first release under full stewardship of PyCA.
We have made *many* changes to make local development more pleasing.
The test suite now passes both on Linux and OS X with OpenSSL 0.9.8, 1.0.1, and 1.0.2.
-It has been moved to `py.test <https://pytest.org/>`_, all CI test runs are part of `tox <https://testrun.org/tox/>`_ and the source code has been made fully `flake8 <https://flake8.readthedocs.io/>`_ compliant.
+It has been moved to `pytest <https://pytest.org/>`_, all CI test runs are part of `tox <https://testrun.org/tox/>`_ and the source code has been made fully `flake8 <https://flake8.readthedocs.io/>`_ compliant.
We hope to have lowered the barrier for contributions significantly but are open to hear about any remaining frustrations.
@@ -62,7 +87,7 @@ Deprecations:
Please see `pyca/cryptography#1636 <https://github.com/pyca/cryptography/pull/1636>`_ for more background information on this decision.
In accordance with our backward compatibility policy ``OpenSSL.rand.egd()`` will be *removed* no sooner than a year from the release of 16.0.0.
- Please note that you should `use urandom <http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/>`_ for all your secure random number needs.
+ Please note that you should `use urandom <https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/>`_ for all your secure random number needs.
- Python 2.6 support has been deprecated.
Our main dependency ``cryptography`` deprecated 2.6 in version 0.9 (2015-05-14) with no time table for actually dropping it.
pyOpenSSL will drop Python 2.6 support once ``cryptography`` does.
diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
index 558e142..8539f61 100644
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -28,7 +28,7 @@ Code
Create different pull requests for unrelated features or bugfixes.
- Code should follow `PEP 8`_, especially in the "do what code around you does" sense.
Follow OpenSSL naming for callables whenever possible is preferred.
-- New tests should use `py.test-style assertions`_ instead of the old ``self.assertXYZ``-style.
+- New tests should use `pytest-style assertions`_ instead of the old ``self.assertXYZ``-style.
- Pull requests that introduce code must test all new behavior they introduce as well as for previously untested or poorly tested behavior that they touch.
- Pull requests are not allowed to break existing tests.
We usually don't comment on pull requests that are breaking the CI because we consider them work in progress.
@@ -111,7 +111,7 @@ Feel free to cross-check this information with Keybase_.
.. _Keybase: https://keybase.io/hynek
.. _pyca/pyopenssl: https://github.com/pyca/pyopenssl
.. _PEP 8: https://www.python.org/dev/peps/pep-0008/
-.. _py.test-style assertions: https://pytest.org/latest/assert.html
+.. _pytest-style assertions: http://docs.pytest.org/en/latest/assert.html
.. _cryptography code review process: https://cryptography.io/en/latest/development/reviewing-patches/
.. _freenode: https://freenode.net
.. _mailing list: https://mail.python.org/mailman/listinfo/cryptography-dev
diff --git a/PKG-INFO b/PKG-INFO
index a0cb731..4e4859d 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: pyOpenSSL
-Version: 16.1.0
+Version: 16.2.0
Summary: Python wrapper module around the OpenSSL library
Home-page: https://pyopenssl.readthedocs.io/
Author: Hynek Schlawack
@@ -54,7 +54,7 @@ Description: ========================================================
Release Information
===================
- 16.1.0 (2016-08-26)
+ 16.2.0 (2016-10-15)
-------------------
Backward-incompatible changes:
@@ -72,13 +72,9 @@ Description: ========================================================
Changes:
^^^^^^^^
- - Fix memory leak in ``OpenSSL.crypto.dump_privatekey()`` with ``FILETYPE_TEXT``.
- `#496 <https://github.com/pyca/pyopenssl/pull/496>`_
- - Enable use of CRL (and more) in verify context.
- `#483 <https://github.com/pyca/pyopenssl/pull/483>`_
- - ``OpenSSL.crypto.PKey`` can now be constructed from ``cryptography`` objects and also exported as such.
- `#439 <https://github.com/pyca/pyopenssl/pull/439>`_
- - Support newer versions of ``cryptography`` which use opaque structs for OpenSSL 1.1.0 compatibility.
+ - Fixed compatibility errors with OpenSSL 1.1.0.
+ - Fixed an issue that caused failures with subinterpreters and embedded Pythons.
+ `#552 <https://github.com/pyca/pyopenssl/pull/552>`_
`Full changelog <https://pyopenssl.readthedocs.io/en/stable/changelog.html>`_.
diff --git a/doc/api/crypto.rst b/doc/api/crypto.rst
index c6501b4..cac9dd9 100644
--- a/doc/api/crypto.rst
+++ b/doc/api/crypto.rst
@@ -127,7 +127,7 @@ Signing and verifying signatures
*key* is a :py:class:`PKey` instance. *data* is a ``str`` instance.
*digest* is a ``str`` naming a supported message digest type, for example
- :py:const:`sha1`.
+ :py:const:`b"sha256"`.
.. versionadded:: 0.11
@@ -140,7 +140,7 @@ Signing and verifying signatures
key which generated the signature. *signature* is a *str* instance giving
the signature itself. *data* is a *str* instance giving the data to which
the signature applies. *digest* is a *str* instance naming the message
- digest type of the signature, for example :py:const:`sha1`.
+ digest type of the signature, for example :py:const:`b"sha256"`.
.. versionadded:: 0.11
@@ -315,7 +315,7 @@ Digest names
Several of the functions and methods in this module take a digest name.
These must be strings describing a digest algorithm supported by OpenSSL (by ``EVP_get_digestbyname``, specifically).
-For example, :const:`b"md5"` or :const:`b"sha1"`.
+For example, :const:`b"sha256"` or :const:`b"sha384"`.
More information and a list of these digest names can be found in the ``EVP_DigestInit(3)`` man page of your OpenSSL installation.
This page can be found online for the latest version of OpenSSL:
diff --git a/doc/api/rand.rst b/doc/api/rand.rst
index 9c86ae6..83aec1e 100644
--- a/doc/api/rand.rst
+++ b/doc/api/rand.rst
@@ -5,7 +5,7 @@
.. warning::
Functions from this module shouldn't be used.
- `Use urandom <http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/>`_ instead.
+ `Use urandom <https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/>`_ instead.
.. py:module:: OpenSSL.rand
diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst
index 0edf1ab..00cae9b 100644
--- a/doc/api/ssl.rst
+++ b/doc/api/ssl.rst
@@ -465,7 +465,7 @@ Context objects have the following methods:
Specify a callback function that will be called when offering `Next
Protocol Negotiation
- <https://technotes.googlecode.com/git/nextprotoneg.html>`_ as a server.
+ <https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-03>`_ as a server.
*callback* should be the callback function. It will be invoked with one
argument, the :py:class:`Connection` instance. It should return a list of
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index 3f97ccb..7ebf7e0 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -109,10 +109,11 @@ SESS_CACHE_NO_INTERNAL = _lib.SSL_SESS_CACHE_NO_INTERNAL
SSL_ST_CONNECT = _lib.SSL_ST_CONNECT
SSL_ST_ACCEPT = _lib.SSL_ST_ACCEPT
SSL_ST_MASK = _lib.SSL_ST_MASK
-SSL_ST_INIT = _lib.SSL_ST_INIT
-SSL_ST_BEFORE = _lib.SSL_ST_BEFORE
-SSL_ST_OK = _lib.SSL_ST_OK
-SSL_ST_RENEGOTIATE = _lib.SSL_ST_RENEGOTIATE
+if _lib.Cryptography_HAS_SSL_ST:
+ SSL_ST_INIT = _lib.SSL_ST_INIT
+ SSL_ST_BEFORE = _lib.SSL_ST_BEFORE
+ SSL_ST_OK = _lib.SSL_ST_OK
+ SSL_ST_RENEGOTIATE = _lib.SSL_ST_RENEGOTIATE
SSL_CB_LOOP = _lib.SSL_CB_LOOP
SSL_CB_EXIT = _lib.SSL_CB_EXIT
@@ -1160,9 +1161,10 @@ class Connection(object):
errno = _ffi.getwinerror()[0]
else:
errno = _ffi.errno
- raise SysCallError(errno, errorcode.get(errno))
- else:
- raise SysCallError(-1, "Unexpected EOF")
+
+ if errno != 0:
+ raise SysCallError(errno, errorcode.get(errno))
+ raise SysCallError(-1, "Unexpected EOF")
else:
# TODO: This is untested.
_raise_current_error()
@@ -1613,7 +1615,7 @@ class Connection(object):
return None
length = _lib.SSL_get_server_random(self._ssl, _ffi.NULL, 0)
assert length > 0
- outp = _ffi.new("char[]", length)
+ outp = _ffi.new("unsigned char[]", length)
_lib.SSL_get_server_random(self._ssl, outp, length)
return _ffi.buffer(outp, length)[:]
@@ -1629,7 +1631,7 @@ class Connection(object):
length = _lib.SSL_get_client_random(self._ssl, _ffi.NULL, 0)
assert length > 0
- outp = _ffi.new("char[]", length)
+ outp = _ffi.new("unsigned char[]", length)
_lib.SSL_get_client_random(self._ssl, outp, length)
return _ffi.buffer(outp, length)[:]
@@ -1645,7 +1647,7 @@ class Connection(object):
length = _lib.SSL_SESSION_get_master_key(session, _ffi.NULL, 0)
assert length > 0
- outp = _ffi.new("char[]", length)
+ outp = _ffi.new("unsigned char[]", length)
_lib.SSL_SESSION_get_master_key(session, outp, length)
return _ffi.buffer(outp, length)[:]
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py
index 116cc51..52fcdaf 100644
--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py
@@ -10,7 +10,6 @@ from six import (
text_type as _text_type,
PY3 as _PY3)
-from cryptography.hazmat.backends.openssl.backend import backend
from cryptography.hazmat.primitives.asymmetric import dsa, rsa
from OpenSSL._util import (
@@ -44,6 +43,18 @@ _raise_current_error = partial(_exception_from_error_queue, Error)
_openssl_assert = _make_assert(Error)
+def _get_backend():
+ """
+ Importing the backend from cryptography has the side effect of activating
+ the osrandom engine. This mutates the global state of OpenSSL in the
+ process and causes issues for various programs that use subinterpreters or
+ embed Python. By putting the import in this function we can avoid
+ triggering this side effect unless _get_backend is called.
+ """
+ from cryptography.hazmat.backends.openssl.backend import backend
+ return backend
+
+
def _untested_error(where):
"""
An OpenSSL API failed somehow. Additionally, the failure which was
@@ -181,6 +192,7 @@ class PKey(object):
.. versionadded:: 16.1.0
"""
+ backend = _get_backend()
if self._only_public:
return backend._evp_pkey_to_public_key(self._pkey)
else:
@@ -668,7 +680,7 @@ class X509Extension(object):
:param issuer: Optional X509 certificate to use as issuer.
:type issuer: :py:class:`X509`
- .. _extension: https://openssl.org/docs/manmaster/apps/
+ .. _extension: https://www.openssl.org/docs/manmaster/apps/
x509v3_config.html#STANDARD-EXTENSIONS
"""
ctx = _ffi.new("X509V3_CTX*")
@@ -820,6 +832,8 @@ class X509Req(object):
def __init__(self):
req = _lib.X509_REQ_new()
self._req = _ffi.gc(req, _lib.X509_REQ_free)
+ # Default to version 0.
+ self.set_version(0)
def set_pubkey(self, pkey):
"""
@@ -937,7 +951,7 @@ class X509Req(object):
:param pkey: The key pair to sign with.
:type pkey: :py:class:`PKey`
:param digest: The name of the message digest to use for the signature,
- e.g. :py:data:`b"sha1"`.
+ e.g. :py:data:`b"sha256"`.
:type digest: :py:class:`bytes`
:return: ``None``
"""
@@ -1100,7 +1114,7 @@ class X509(object):
if digest == _ffi.NULL:
raise ValueError("No such digest method")
- result_buffer = _ffi.new("char[]", _lib.EVP_MAX_MD_SIZE)
+ result_buffer = _ffi.new("unsigned char[]", _lib.EVP_MAX_MD_SIZE)
result_length = _ffi.new("unsigned int[]", 1)
result_length[0] = len(result_buffer)
@@ -2071,7 +2085,7 @@ class CRL(object):
:data:`FILETYPE_ASN1`, or :data:`FILETYPE_TEXT`.
:param int days: The number of days until the next update of this CRL.
:param bytes digest: The name of the message digest to use (eg
- ``b"sha1"``).
+ ``b"sha2566"``).
:rtype: bytes
"""
diff --git a/src/OpenSSL/rand.py b/src/OpenSSL/rand.py
index 087b243..cce1327 100644
--- a/src/OpenSSL/rand.py
+++ b/src/OpenSSL/rand.py
@@ -54,7 +54,7 @@ def bytes(num_bytes):
if num_bytes < 0:
raise ValueError("num_bytes must not be negative")
- result_buffer = _ffi.new("char[]", num_bytes)
+ result_buffer = _ffi.new("unsigned char[]", num_bytes)
result_code = _lib.RAND_bytes(result_buffer, num_bytes)
if result_code == -1:
# TODO: No tests for this code path. Triggering a RAND_bytes failure
diff --git a/src/OpenSSL/version.py b/src/OpenSSL/version.py
index 1a94d87..29103d2 100644
--- a/src/OpenSSL/version.py
+++ b/src/OpenSSL/version.py
@@ -11,7 +11,7 @@ __all__ = [
"__title__", "__uri__", "__version__",
]
-__version__ = "16.1.0"
+__version__ = "16.2.0"
__title__ = "pyOpenSSL"
__uri__ = "https://pyopenssl.readthedocs.io/"
diff --git a/src/pyOpenSSL.egg-info/PKG-INFO b/src/pyOpenSSL.egg-info/PKG-INFO
index a0cb731..4e4859d 100644
--- a/src/pyOpenSSL.egg-info/PKG-INFO
+++ b/src/pyOpenSSL.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: pyOpenSSL
-Version: 16.1.0
+Version: 16.2.0
Summary: Python wrapper module around the OpenSSL library
Home-page: https://pyopenssl.readthedocs.io/
Author: Hynek Schlawack
@@ -54,7 +54,7 @@ Description: ========================================================
Release Information
===================
- 16.1.0 (2016-08-26)
+ 16.2.0 (2016-10-15)
-------------------
Backward-incompatible changes:
@@ -72,13 +72,9 @@ Description: ========================================================
Changes:
^^^^^^^^
- - Fix memory leak in ``OpenSSL.crypto.dump_privatekey()`` with ``FILETYPE_TEXT``.
- `#496 <https://github.com/pyca/pyopenssl/pull/496>`_
- - Enable use of CRL (and more) in verify context.
- `#483 <https://github.com/pyca/pyopenssl/pull/483>`_
- - ``OpenSSL.crypto.PKey`` can now be constructed from ``cryptography`` objects and also exported as such.
- `#439 <https://github.com/pyca/pyopenssl/pull/439>`_
- - Support newer versions of ``cryptography`` which use opaque structs for OpenSSL 1.1.0 compatibility.
+ - Fixed compatibility errors with OpenSSL 1.1.0.
+ - Fixed an issue that caused failures with subinterpreters and embedded Pythons.
+ `#552 <https://github.com/pyca/pyopenssl/pull/552>`_
`Full changelog <https://pyopenssl.readthedocs.io/en/stable/changelog.html>`_.
diff --git a/tests/test_crypto.py b/tests/test_crypto.py
index 7f83e67..a44ac14 100644
--- a/tests/test_crypto.py
+++ b/tests/test_crypto.py
@@ -15,7 +15,7 @@ from datetime import datetime, timedelta
import pytest
-from six import u, b, binary_type
+from six import binary_type
from cryptography.hazmat.backends.openssl.backend import backend
from cryptography.hazmat.primitives import serialization
@@ -60,7 +60,7 @@ BAD_CIPHER = "zippers"
GOOD_DIGEST = "SHA1"
BAD_DIGEST = "monkeys"
-root_cert_pem = b("""-----BEGIN CERTIFICATE-----
+root_cert_pem = b"""-----BEGIN CERTIFICATE-----
MIIC7TCCAlagAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE
BhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdU
ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwIhgPMjAwOTAzMjUxMjM2
@@ -78,9 +78,9 @@ AGGCDazMJGoWNBpc03u6+smc95dEead2KlZXBATOdFT1VesY3+nUOqZhEhTGlDMi
hkgaZnzoIq/Uamidegk4hirsCT/R+6vsKAAxNTcBjUeZjlykCJWy5ojShGftXIKY
w/njVbKMXrvc83qmTdGl3TAM0fxQIpqgcglFLveEBgzn
-----END CERTIFICATE-----
-""")
+"""
-root_key_pem = b("""-----BEGIN RSA PRIVATE KEY-----
+root_key_pem = b"""-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQD5mkLpi7q6ROdu7khB3S9aanA0Zls7vvfGOmB80/yeylhGpsjA
jWen0VtSQke/NlEPGtO38tsV7CsuFnSmschvAnGrcJl76b0UOOHUgDTIoRxC6QDU
3claegwsrBA+sJEBbqx5RdXbIRGicPG/8qQ4Zm1SKOgotcbwiaor2yxZ2wIDAQAB
@@ -95,9 +95,9 @@ ttXigLnCqR486JDPTi9ZscoZkZ+w7y6e/hH8t6d5Vjt48JVyfjPIaJY+km58LcN3
6AWSeGAdtRFHVzR7oHjVAkB4hutvxiOeiIVQNBhM6RSI9aBPMI21DoX2JRoxvNW2
cbvAhow217X9V0dVerEOKxnNYspXRrh36h7k4mQA+sDq
-----END RSA PRIVATE KEY-----
-""")
+"""
-intermediate_cert_pem = b("""-----BEGIN CERTIFICATE-----
+intermediate_cert_pem = b"""-----BEGIN CERTIFICATE-----
MIICVzCCAcCgAwIBAgIRAMPzhm6//0Y/g2pmnHR2C4cwDQYJKoZIhvcNAQENBQAw
WDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdDaGljYWdvMRAw
DgYDVQQKEwdUZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwHhcNMTQw
@@ -112,9 +112,9 @@ QRMApOjjyC+tMxumT5e2pMqChHmxobQK4NMdrf2VCx+cRT6EmY8sK3/Xl/X8UBQ+
9n5zXb1ZwhW/sTWgUvmOceJ4/XVs9FkdWOOn1J0XBch9ZIiFe/s5ASIgG7fUdcUF
9mAWS6FK2ca3xIh5kIupCXOFa0dPvlw/YUFT
-----END CERTIFICATE-----
-""")
+"""
-intermediate_key_pem = b("""-----BEGIN RSA PRIVATE KEY-----
+intermediate_key_pem = b"""-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDYcEQw5lfbEQRjr5Yy4yxAHGV0b9Al+Lmu7wLHMkZ/ZMmKFGIb
ljbviiD1Nz97Oh2cpB91YwOXOTN2vXHq26S+A5xe8z/QJbBsyghMur88CjdT21H2
qwMa+r5dCQwEhuGIiZ3KbzB/n4DTMYI5zy4IYPv0pjxShZn4aZTCCK2IUwIDAQAB
@@ -129,9 +129,9 @@ DBKaSqpqONCUUx1BTFS9FYrFjzbL4+c1qHCTTPTblt8kUCrDOZjBrKAqeiTmNSum
/qUot9YUBF8m6BuGsQJATHHmdFy/fG1VLkyBp49CAa8tN3Z5r/CgTznI4DfMTf4C
NbRHn2UmYlwQBa+L5lg9phewNe8aEwpPyPLoV85U8Q==
-----END RSA PRIVATE KEY-----
-""")
+"""
-server_cert_pem = b("""-----BEGIN CERTIFICATE-----
+server_cert_pem = b"""-----BEGIN CERTIFICATE-----
MIICKDCCAZGgAwIBAgIJAJn/HpR21r/8MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEQMA4GA1UEChMH
VGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBSb290IENBMCIYDzIwMDkwMzI1MTIz
@@ -145,9 +145,9 @@ dJ+NlxIOx5343WqIBka3UbsOb2kxWrbkVCrvRapCMLCASO4FqiKWM+L0VDBprqIp
2mgpFQ6FHpoIENGvJhdEKpptQ5i7KaGhnDNTfdy3x1+h852G99f1iyj0RmbuFcM8
uzujnS8YXWvM7DM1Ilozk4MzPug8jzFp5uhKCQ==
-----END CERTIFICATE-----
-""")
+"""
-server_key_pem = normalize_privatekey_pem(b("""-----BEGIN RSA PRIVATE KEY-----
+server_key_pem = normalize_privatekey_pem(b"""-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQC+pvhuud1dLaQQvzipdtlcTotgr5SuE2LvSx0gz/bg1U3u1eQ+
U5eqsxaEUceaX5p5Kk+QflvW8qdjVNxQuYS5uc0gK2+OZnlIYxCf4n5GYGzVIx3Q
SBj/TAEFB2WuVinZBiCbxgL7PFM1Kpa+EwVkCAduPpSflJJPwkYGrK2MHQIDAQAB
@@ -162,9 +162,9 @@ FwwOhpahld+vqhYk+pfuWWUpQciE+Bu7ZQJASjfT4sQv4qbbKK/scePicnDdx9th
NaeNCFfH3aeTrX0LyQJAMBWjWmeKM2G2sCExheeQK0ROnaBC8itCECD4Jsve4nqf
r50+LF74iLXFwqysVCebPKMOpDWp/qQ1BbJQIPs7/A==
-----END RSA PRIVATE KEY-----
-"""))
+""")
-intermediate_server_cert_pem = b("""-----BEGIN CERTIFICATE-----
+intermediate_server_cert_pem = b"""-----BEGIN CERTIFICATE-----
MIICWDCCAcGgAwIBAgIRAPQFY9jfskSihdiNSNdt6GswDQYJKoZIhvcNAQENBQAw
ZjEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMQwwCgYDVQQKEwNvcmcxETAPBgNVBAsT
CG9yZy11bml0MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVNh
@@ -179,9 +179,9 @@ UkzjaYEo1OUE1sTI6Mm4riTIHMak4/nswKh9hYup//WVOlr/RBSBtZ7Q/BwbjobN
3bfAtV7eSAqBsfxYXyof7G1ALANQERkq3+oyLP1iVt08W1WOUlIMPhdCF/QuCwy6
x9MJLhUCGLJPM+O2rAPWVD9wCmvq10ALsiH3yA==
-----END CERTIFICATE-----
-""")
+"""
-intermediate_server_key_pem = b("""-----BEGIN RSA PRIVATE KEY-----
+intermediate_server_key_pem = b"""-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCqklnKB37DV9os6vWI4CZsGHHlJlZxMJn9mMdBMkzsa49PrbhC
SqyLEWCFEp0NE7CnCcA/uAxG6QuqLLj6RG4ZPk5/IaCAv3mLbGoD7N6GOPTyVJOW
8Yel48mALJNq8jLn4uOyPgMqcrK6HGZuJdNGsfzc0OCLFWQ5tMSaH85UrQIDAQAB
@@ -196,9 +196,9 @@ X9ABZfafSHCtw3Op92M+7ikkrOELXdS9KdKyyqbKJAKNEHF3LbOfB44WIQJAA2N4
ipWJWe0aAlP18ZcEQQJBAL+5lekZ/GUdQoZ4HAsN5a9syrzavJ9VvU1KOOPorPZK
nMRZbbQgP+aSB7yl6K0gaLaZ8XaK0pjxNBh6ASqg9f4=
-----END RSA PRIVATE KEY-----
-""")
+"""
-client_cert_pem = b("""-----BEGIN CERTIFICATE-----
+client_cert_pem = b"""-----BEGIN CERTIFICATE-----
MIICJjCCAY+gAwIBAgIJAKxpFI5lODkjMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEQMA4GA1UEChMH
VGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBSb290IENBMCIYDzIwMDkwMzI1MTIz
@@ -212,9 +212,9 @@ Q3OHvmsFEEvRI+hsW8y66zK4K5de239Y44iZrFYkt7Q5nBPMEWDj4F2hLYWL/qtI
9Zdr0U4UDCU9SmmGYh4o7R4TZ5pGFvBYvjhHbkSFYFQXZxKUi+WUxplP6I0wr2KJ
PSTJCjJOn3xo2NTKRgV1gaoTf2EhL+RG8TQ=
-----END CERTIFICATE-----
-""")
+"""
-client_key_pem = normalize_privatekey_pem(b("""-----BEGIN RSA PRIVATE KEY-----
+client_key_pem = normalize_privatekey_pem(b"""-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDAZh/SRtNm5ntMT4qb6YzEpTroMlq2rn+GrRHRiZ+xkCw/CGNh
btPir7/QxaUj26BSmQrHw1bGKEbPsWiW7bdXSespl+xKiku4G/KvnnmWdeJHqsiX
eUZtqurMELcPQAw9xPHEuhqqUJvvEoMTsnCEqGM+7DtboCRajYyHfluARQIDAQAB
@@ -229,9 +229,9 @@ si6xwT7GzMDkk/ko684AV3KPc/h6G0yGtFIrMg7J3uExpR/VdH2KgwMkZXisSMvw
JJEQjOMCVsEJlRk54WWjAkEAzoZNH6UhDdBK5F38rVt/y4SEHgbSfJHIAmPS32Kq
f6GGcfNpip0Uk7q7udTKuX7Q/buZi/C4YW7u3VKAquv9NA==
-----END RSA PRIVATE KEY-----
-"""))
+""")
-cleartextCertificatePEM = b("""-----BEGIN CERTIFICATE-----
+cleartextCertificatePEM = b"""-----BEGIN CERTIFICATE-----
MIIC7TCCAlagAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE
BhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdU
ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwIhgPMjAwOTAzMjUxMjM2
@@ -249,9 +249,9 @@ AGGCDazMJGoWNBpc03u6+smc95dEead2KlZXBATOdFT1VesY3+nUOqZhEhTGlDMi
hkgaZnzoIq/Uamidegk4hirsCT/R+6vsKAAxNTcBjUeZjlykCJWy5ojShGftXIKY
w/njVbKMXrvc83qmTdGl3TAM0fxQIpqgcglFLveEBgzn
-----END CERTIFICATE-----
-""")
+"""
-cleartextPrivateKeyPEM = normalize_privatekey_pem(b("""\
+cleartextPrivateKeyPEM = normalize_privatekey_pem(b"""\
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQD5mkLpi7q6ROdu7khB3S9aanA0Zls7vvfGOmB80/yeylhGpsjA
jWen0VtSQke/NlEPGtO38tsV7CsuFnSmschvAnGrcJl76b0UOOHUgDTIoRxC6QDU
@@ -267,9 +267,9 @@ ttXigLnCqR486JDPTi9ZscoZkZ+w7y6e/hH8t6d5Vjt48JVyfjPIaJY+km58LcN3
6AWSeGAdtRFHVzR7oHjVAkB4hutvxiOeiIVQNBhM6RSI9aBPMI21DoX2JRoxvNW2
cbvAhow217X9V0dVerEOKxnNYspXRrh36h7k4mQA+sDq
-----END RSA PRIVATE KEY-----
-"""))
+""")
-cleartextCertificateRequestPEM = b("""-----BEGIN CERTIFICATE REQUEST-----
+cleartextCertificateRequestPEM = b"""-----BEGIN CERTIFICATE REQUEST-----
MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQH
EwdDaGljYWdvMRcwFQYDVQQKEw5NeSBDb21wYW55IEx0ZDEXMBUGA1UEAxMORnJl
ZGVyaWNrIERlYW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANp6Y17WzKSw
@@ -280,9 +280,9 @@ gQAAJGuF/R/GGbeC7FbFW+aJgr9ee0Xbl6nlhu7pTe67k+iiKT2dsl2ti68MVTnu
Vrb3HUNqOkiwsJf6kCtq5oPn3QVYzTa76Dt2y3Rtzv6boRSlmlfrgS92GNma8JfR
oICQk3nAudi6zl1Dix3BCv1pUp5KMtGn3MeDEi6QFGy2rA==
-----END CERTIFICATE REQUEST-----
-""")
+"""
-encryptedPrivateKeyPEM = b("""-----BEGIN RSA PRIVATE KEY-----
+encryptedPrivateKeyPEM = b"""-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,9573604A18579E9E
@@ -300,12 +300,12 @@ o1mcnNiZSdxLZxVKccq0AfRpHqpPAFnJcQHP6xyT9MZp6fBa0XkxDnt9kNU8H3Qw
MbzjS007Oe4qqBnCWaFPSnJX6uLApeTbqAxAeyCql56ULW5x6vDMNC3dwjvS/CEh
11n8RkgFIQA0AhuKSIg3CbuartRsJnWOLwgLTzsrKYL4yRog1RJrtw==
-----END RSA PRIVATE KEY-----
-""")
+"""
-encryptedPrivateKeyPEMPassphrase = b("foobar")
+encryptedPrivateKeyPEMPassphrase = b"foobar"
-cleartextPublicKeyPEM = b("""-----BEGIN PUBLIC KEY-----
+cleartextPublicKeyPEM = b"""-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxszlc+b71LvlLS0ypt/l
gT/JzSVJtnEqw9WUNGeiChywX2mmQLHEt7KP0JikqUFZOtPclNY823Q4pErMTSWC
90qlUxI47vNJbXGRfmO2q6Zfw6SE+E9iUb74xezbOJLjBuUIkQzEKEFV+8taiRV+
@@ -314,14 +314,14 @@ XIneGUpX1S7mXRxTLH6YzRoGFqRoc9A0BBNcoXHTWnxV215k4TeHMFYE5RG0KYAS
8Xk5iKICEXwnZreIt3jyygqoOKsKZMK/Zl2VhMGhJR6HXRpQCyASzEG7bgtROLhL
ywIDAQAB
-----END PUBLIC KEY-----
-""")
+"""
# Some PKCS#7 stuff. Generated with the openssl command line:
#
# openssl crl2pkcs7 -inform pem -outform pem -certfile s.pem -nocrl
#
# with a certificate and key (but the key should be irrelevant) in s.pem
-pkcs7Data = b("""\
+pkcs7Data = b"""\
-----BEGIN PKCS7-----
MIIDNwYJKoZIhvcNAQcCoIIDKDCCAyQCAQExADALBgkqhkiG9w0BBwGgggMKMIID
BjCCAm+gAwIBAgIBATANBgkqhkiG9w0BAQQFADB7MQswCQYDVQQGEwJTRzERMA8G
@@ -342,7 +342,7 @@ VwnW8YxGO8Sn6UJ4FeffZNcYZddSDKosw8LtPOeWoK3JINjAk5jiPQ2cww++7QGG
/g5NDjxFZNDJP1dGiLAxPW6JXwov4v0FmdzfLOZ01jDcgQQZqEpYlgpuI5JEWUQ9
Ho4EzbYCOaEAMQA=
-----END PKCS7-----
-""")
+"""
pkcs7DataASN1 = base64.b64decode(b"""
MIIDNwYJKoZIhvcNAQcCoIIDKDCCAyQCAQExADALBgkqhkiG9w0BBwGgggMKMIID
@@ -365,7 +365,7 @@ VwnW8YxGO8Sn6UJ4FeffZNcYZddSDKosw8LtPOeWoK3JINjAk5jiPQ2cww++7QGG
Ho4EzbYCOaEAMQA=
""")
-crlData = b("""\
+crlData = b"""\
-----BEGIN X509 CRL-----
MIIBWzCBxTANBgkqhkiG9w0BAQQFADBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMC
SUwxEDAOBgNVBAcTB0NoaWNhZ28xEDAOBgNVBAoTB1Rlc3RpbmcxGDAWBgNVBAMT
@@ -376,9 +376,9 @@ MAoGA1UdFQQDCgEEMA0GCSqGSIb3DQEBBAUAA4GBAEBt7xTs2htdD3d4ErrcGAw1
0yp4HXRFFoRhhSE/hP+eteaPXRgrsNRLHe9ZDd69wmh7J1wMDb0m81RG7kqcbsid
vrzEeLDRiiPl92dyyWmu
-----END X509 CRL-----
-""")
+"""
-crlDataUnsupportedExtension = b("""\
+crlDataUnsupportedExtension = b"""\
-----BEGIN X509 CRL-----
MIIGRzCCBS8CAQIwDQYJKoZIhvcNAQELBQAwJzELMAkGA1UEBhMCVVMxGDAWBgNV
BAMMD2NyeXB0b2dyYXBoeS5pbxgPMjAxNTAxMDEwMDAwMDBaGA8yMDE2MDEwMTAw
@@ -415,12 +415,12 @@ oWWGNHgA70ndFoVtcmX088SYpX8E3ARATivS4q2h9WlwV6rO93mhg3HGIe3JpcK4
SdEILd164bfBeLuplVI+xpmTEMVNpXBlSXl7+xIw9Vk7p7Q1Pa3k/SvhOldYCm6y
C1xAg/AAq6w78yzYt18j5Mj0s6eeHi1YpHKw
-----END X509 CRL-----
-""")
+"""
# A broken RSA private key which can be used to test the error path through
# PKey.check.
-inconsistentPrivateKeyPEM = b("""-----BEGIN RSA PRIVATE KEY-----
+inconsistentPrivateKeyPEM = b"""-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAKy+e3dulvXzV7zoTZWc5TzgApr8DmeQHTYC8ydfzH7EECe4R1Xh
5kwIzOuuFfn178FBiS84gngaNcrFi0Z5fAkCAwEaAQJBAIqm/bz4NA1H++Vx5Ewx
OcKp3w19QSaZAwlGRtsUxrP7436QjnREM3Bm8ygU11BjkPVmtrKm6AayQfCHqJoT
@@ -429,11 +429,11 @@ nklUQ37XsCT2c9tmNt1LAT+slG2JOTTRAiAuXDtC/m3NYVwyHfFm+zKHRzHkClk2
HjubeEgjpj32AQIhAJqMGTaZVOwevTXvvHwNeH+vRWsAYU/gbx+OQB+7VOcBAiEA
oolb6NMg/R3enNPvS1O4UU1H8wpaF77L4yiSWlE0p4w=
-----END RSA PRIVATE KEY-----
-""")
+"""
# certificate with NULL bytes in subjectAltName and common name
-nulbyteSubjectAltNamePEM = b("""-----BEGIN CERTIFICATE-----
+nulbyteSubjectAltNamePEM = b"""-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx
DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ
eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg
@@ -460,9 +460,9 @@ HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk
kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx
VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW
RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ=
------END CERTIFICATE-----""")
+-----END CERTIFICATE-----"""
-large_key_pem = b("""-----BEGIN RSA PRIVATE KEY-----
+large_key_pem = b"""-----BEGIN RSA PRIVATE KEY-----
MIIJYgIBAAKCAg4AtRua8eIeevRfsj+fkcHr1vmse7Kgb+oX1ssJAvCb1R7JQMnH
hNDjDP6b3vEkZuPUzlDHymP+cNkXvvi4wJ4miVbO3+SeU4Sh+jmsHeHzGIXat9xW
9PFtuPM5FQq8zvkY8aDeRYmYwN9JKu4/neMBCBqostYlTEWg+bSytO/qWnyHTHKh
@@ -514,7 +514,7 @@ Mw/y6dKZuxOCZ+X8FopSROg3yWfdOpAm6cnQZp3WqLNX4n/Q6WvKojfyEiPphjwT
le7YjqHugezmjMGlA0sDw5aCXjfbl74vowRFYMO6e3ItApfSRgNV86CDoX74WI/5
AYU/QVM4wGt8XGT2KwDFJaxYGKsGDMWmXY04dS+WPuetCbouWUusyFwRb9SzFave
vYeU7Ab/
------END RSA PRIVATE KEY-----""")
+-----END RSA PRIVATE KEY-----"""
ec_private_key_pem = b"""-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgYirTZSx+5O8Y6tlG
@@ -568,7 +568,7 @@ class X509ExtTests(TestCase):
# This isn't necessarily the best string representation. Perhaps it
# will be changed/improved in the future.
self.assertEquals(
- str(X509Extension(b('basicConstraints'), True, b('CA:false'))),
+ str(X509Extension(b'basicConstraints', True, b'CA:false')),
'CA:FALSE')
def test_type(self):
@@ -579,7 +579,7 @@ class X509ExtTests(TestCase):
self.assertIdentical(X509Extension, X509ExtensionType)
self.assertConsistentType(
X509Extension,
- 'X509Extension', b('basicConstraints'), True, b('CA:true'))
+ 'X509Extension', b'basicConstraints', True, b'CA:true')
def test_construction(self):
"""
@@ -587,14 +587,14 @@ class X509ExtTests(TestCase):
flag, and an extension value and returns an
:py:class:`X509ExtensionType` instance.
"""
- basic = X509Extension(b('basicConstraints'), True, b('CA:true'))
+ basic = X509Extension(b'basicConstraints', True, b'CA:true')
self.assertTrue(
isinstance(basic, X509ExtensionType),
"%r is of type %r, should be %r" % (
basic, type(basic), X509ExtensionType))
comment = X509Extension(
- b('nsComment'), False, b('pyOpenSSL unit test'))
+ b'nsComment', False, b'pyOpenSSL unit test')
self.assertTrue(
isinstance(comment, X509ExtensionType),
"%r is of type %r, should be %r" % (
@@ -606,26 +606,26 @@ class X509ExtTests(TestCase):
extension name or value.
"""
self.assertRaises(
- Error, X509Extension, b('thisIsMadeUp'), False, b('hi'))
+ Error, X509Extension, b'thisIsMadeUp', False, b'hi')
self.assertRaises(
- Error, X509Extension, b('basicConstraints'), False, b('blah blah'))
+ Error, X509Extension, b'basicConstraints', False, b'blah blah')
# Exercise a weird one (an extension which uses the r2i method). This
# exercises the codepath that requires a non-NULL ctx to be passed to
# X509V3_EXT_nconf. It can't work now because we provide no
# configuration database. It might be made to work in the future.
self.assertRaises(
- Error, X509Extension, b('proxyCertInfo'), True,
- b('language:id-ppl-anyLanguage,pathlen:1,policy:text:AB'))
+ Error, X509Extension, b'proxyCertInfo', True,
+ b'language:id-ppl-anyLanguage,pathlen:1,policy:text:AB')
def test_get_critical(self):
"""
:py:meth:`X509ExtensionType.get_critical` returns the value of the
extension's critical flag.
"""
- ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
+ ext = X509Extension(b'basicConstraints', True, b'CA:true')
self.assertTrue(ext.get_critical())
- ext = X509Extension(b('basicConstraints'), False, b('CA:true'))
+ ext = X509Extension(b'basicConstraints', False, b'CA:true')
self.assertFalse(ext.get_critical())
def test_get_short_name(self):
@@ -633,26 +633,26 @@ class X509ExtTests(TestCase):
:py:meth:`X509ExtensionType.get_short_name` returns a string giving the
short type name of the extension.
"""
- ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
- self.assertEqual(ext.get_short_name(), b('basicConstraints'))
- ext = X509Extension(b('nsComment'), True, b('foo bar'))
- self.assertEqual(ext.get_short_name(), b('nsComment'))
+ ext = X509Extension(b'basicConstraints', True, b'CA:true')
+ self.assertEqual(ext.get_short_name(), b'basicConstraints')
+ ext = X509Extension(b'nsComment', True, b'foo bar')
+ self.assertEqual(ext.get_short_name(), b'nsComment')
def test_get_data(self):
"""
:py:meth:`X509Extension.get_data` returns a string giving the data of
the extension.
"""
- ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
+ ext = X509Extension(b'basicConstraints', True, b'CA:true')
# Expect to get back the DER encoded form of CA:true.
- self.assertEqual(ext.get_data(), b('0\x03\x01\x01\xff'))
+ self.assertEqual(ext.get_data(), b'0\x03\x01\x01\xff')
def test_get_data_wrong_args(self):
"""
:py:meth:`X509Extension.get_data` raises :py:exc:`TypeError` if passed
any arguments.
"""
- ext = X509Extension(b('basicConstraints'), True, b('CA:true'))
+ ext = X509Extension(b'basicConstraints', True, b'CA:true')
self.assertRaises(TypeError, ext.get_data, None)
self.assertRaises(TypeError, ext.get_data, "foo")
self.assertRaises(TypeError, ext.get_data, 7)
@@ -664,13 +664,13 @@ class X509ExtTests(TestCase):
case.
"""
ext1 = X509Extension(
- b('basicConstraints'), False, b('CA:TRUE'), subject=self.x509)
+ b'basicConstraints', False, b'CA:TRUE', subject=self.x509)
self.x509.add_extensions([ext1])
self.x509.sign(self.pkey, 'sha1')
# This is a little lame. Can we think of a better way?
text = dump_certificate(FILETYPE_TEXT, self.x509)
- self.assertTrue(b('X509v3 Basic Constraints:') in text)
- self.assertTrue(b('CA:TRUE') in text)
+ self.assertTrue(b'X509v3 Basic Constraints:' in text)
+ self.assertTrue(b'CA:TRUE' in text)
def test_subject(self):
"""
@@ -678,11 +678,11 @@ class X509ExtTests(TestCase):
:py:class:`X509Extension` provides its value.
"""
ext3 = X509Extension(
- b('subjectKeyIdentifier'), False, b('hash'), subject=self.x509)
+ b'subjectKeyIdentifier', False, b'hash', subject=self.x509)
self.x509.add_extensions([ext3])
self.x509.sign(self.pkey, 'sha1')
text = dump_certificate(FILETYPE_TEXT, self.x509)
- self.assertTrue(b('X509v3 Subject Key Identifier:') in text)
+ self.assertTrue(b'X509v3 Subject Key Identifier:' in text)
def test_missing_subject(self):
"""
@@ -690,7 +690,7 @@ class X509ExtTests(TestCase):
is given no value, something happens.
"""
self.assertRaises(
- Error, X509Extension, b('subjectKeyIdentifier'), False, b('hash'))
+ Error, X509Extension, b'subjectKeyIdentifier', False, b'hash')
def test_invalid_subject(self):
"""
@@ -710,12 +710,12 @@ class X509ExtTests(TestCase):
case.
"""
ext1 = X509Extension(
- b('basicConstraints'), False, b('CA:TRUE'), issuer=self.x509)
+ b'basicConstraints', False, b'CA:TRUE', issuer=self.x509)
self.x509.add_extensions([ext1])
self.x509.sign(self.pkey, 'sha1')
text = dump_certificate(FILETYPE_TEXT, self.x509)
- self.assertTrue(b('X509v3 Basic Constraints:') in text)
- self.assertTrue(b('CA:TRUE') in text)
+ self.assertTrue(b'X509v3 Basic Constraints:' in text)
+ self.assertTrue(b'CA:TRUE' in text)
def test_issuer(self):
"""
@@ -723,13 +723,13 @@ class X509ExtTests(TestCase):
:py:class:`X509Extension` provides its value.
"""
ext2 = X509Extension(
- b('authorityKeyIdentifier'), False, b('issuer:always'),
+ b'authorityKeyIdentifier', False, b'issuer:always',
issuer=self.x509)
self.x509.add_extensions([ext2])
self.x509.sign(self.pkey, 'sha1')
text = dump_certificate(FILETYPE_TEXT, self.x509)
- self.assertTrue(b('X509v3 Authority Key Identifier:') in text)
- self.assertTrue(b('DirName:/CN=Yoda root CA') in text)
+ self.assertTrue(b'X509v3 Authority Key Identifier:' in text)
+ self.assertTrue(b'DirName:/CN=Yoda root CA' in text)
def test_missing_issuer(self):
"""
@@ -739,8 +739,8 @@ class X509ExtTests(TestCase):
self.assertRaises(
Error,
X509Extension,
- b('authorityKeyIdentifier'), False,
- b('keyid:always,issuer:always'))
+ b'authorityKeyIdentifier', False,
+ b'keyid:always,issuer:always')
def test_invalid_issuer(self):
"""
@@ -1174,8 +1174,8 @@ class X509NameTests(TestCase):
a = self._x509name(CN="foo", C="US")
self.assertEqual(
a.der(),
- b('0\x1b1\x0b0\t\x06\x03U\x04\x06\x13\x02US'
- '1\x0c0\n\x06\x03U\x04\x03\x0c\x03foo'))
+ b'0\x1b1\x0b0\t\x06\x03U\x04\x06\x13\x02US'
+ b'1\x0c0\n\x06\x03U\x04\x03\x0c\x03foo')
def test_get_components(self):
"""
@@ -1186,11 +1186,11 @@ class X509NameTests(TestCase):
a = self._x509name()
self.assertEqual(a.get_components(), [])
a.CN = "foo"
- self.assertEqual(a.get_components(), [(b("CN"), b("foo"))])
+ self.assertEqual(a.get_components(), [(b"CN", b"foo")])
a.organizationalUnitName = "bar"
self.assertEqual(
a.get_components(),
- [(b("CN"), b("foo")), (b("OU"), b("bar"))])
+ [(b"CN", b"foo"), (b"OU", b"bar")])
def test_load_nul_byte_attribute(self):
"""
@@ -1361,12 +1361,12 @@ class X509ReqTests(TestCase, _PKeyInteractionTestsMixin):
"""
request = X509Req()
request.add_extensions([
- X509Extension(b('basicConstraints'), True, b('CA:false'))])
+ X509Extension(b'basicConstraints', True, b'CA:false')])
exts = request.get_extensions()
self.assertEqual(len(exts), 1)
- self.assertEqual(exts[0].get_short_name(), b('basicConstraints'))
+ self.assertEqual(exts[0].get_short_name(), b'basicConstraints')
self.assertEqual(exts[0].get_critical(), 1)
- self.assertEqual(exts[0].get_data(), b('0\x00'))
+ self.assertEqual(exts[0].get_data(), b'0\x00')
def test_get_extensions(self):
"""
@@ -1377,16 +1377,16 @@ class X509ReqTests(TestCase, _PKeyInteractionTestsMixin):
exts = request.get_extensions()
self.assertEqual(exts, [])
request.add_extensions([
- X509Extension(b('basicConstraints'), True, b('CA:true')),
- X509Extension(b('keyUsage'), False, b('digitalSignature'))])
+ X509Extension(b'basicConstraints', True, b'CA:true'),
+ X509Extension(b'keyUsage', False, b'digitalSignature')])
exts = request.get_extensions()
self.assertEqual(len(exts), 2)
- self.assertEqual(exts[0].get_short_name(), b('basicConstraints'))
+ self.assertEqual(exts[0].get_short_name(), b'basicConstraints')
self.assertEqual(exts[0].get_critical(), 1)
- self.assertEqual(exts[0].get_data(), b('0\x03\x01\x01\xff'))
- self.assertEqual(exts[1].get_short_name(), b('keyUsage'))
+ self.assertEqual(exts[0].get_data(), b'0\x03\x01\x01\xff')
+ self.assertEqual(exts[1].get_short_name(), b'keyUsage')
self.assertEqual(exts[1].get_critical(), 0)
- self.assertEqual(exts[1].get_data(), b('\x03\x02\x07\x80'))
+ self.assertEqual(exts[1].get_data(), b'\x03\x02\x07\x80')
def test_add_extensions_wrong_args(self):
"""
@@ -1572,28 +1572,28 @@ WpOdIpB8KksUTCzV591Nr1wd
self.assertEqual(get(), None)
# GMT (Or is it UTC?) -exarkun
- when = b("20040203040506Z")
+ when = b"20040203040506Z"
set(when)
self.assertEqual(get(), when)
# A plus two hours and thirty minutes offset
- when = b("20040203040506+0530")
+ when = b"20040203040506+0530"
set(when)
self.assertEqual(get(), when)
# A minus one hour fifteen minutes offset
- when = b("20040203040506-0115")
+ when = b"20040203040506-0115"
set(when)
self.assertEqual(get(), when)
# An invalid string results in a ValueError
- self.assertRaises(ValueError, set, b("foo bar"))
+ self.assertRaises(ValueError, set, b"foo bar")
# The wrong number of arguments results in a TypeError.
self.assertRaises(TypeError, set)
with pytest.raises(TypeError):
set(b"20040203040506Z", b"20040203040506Z")
- self.assertRaises(TypeError, get, b("foo bar"))
+ self.assertRaises(TypeError, get, b"foo bar")
# XXX ASN1_TIME (not GENERALIZEDTIME)
@@ -1620,7 +1620,7 @@ WpOdIpB8KksUTCzV591Nr1wd
internally.
"""
cert = load_certificate(FILETYPE_PEM, self.pemData)
- self.assertEqual(cert.get_notBefore(), b("20090325123658Z"))
+ self.assertEqual(cert.get_notBefore(), b"20090325123658Z")
def test_get_notAfter(self):
"""
@@ -1629,7 +1629,7 @@ WpOdIpB8KksUTCzV591Nr1wd
internally.
"""
cert = load_certificate(FILETYPE_PEM, self.pemData)
... 1062 lines suppressed ...
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/pyopenssl.git
More information about the Python-modules-commits
mailing list