Upgrade to pyo3 0.16

pyca · Mar 5, 2022 · 7916e27 · 7916e27
1 parent a807bc7
commit 7916e27
Show file tree

Hide file tree

Showing 15 changed files with 130 additions and 184 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -81,23 +81,23 @@ workflows:
       - linux-arm64-wheel:
           name: manylinux2014_aarch64-wheel
           image: ghcr.io/pyca/cryptography-manylinux2014_aarch64:latest
-          python: cp36-cp36m
+          python: cp37-cp37m
           platform: manylinux2014_aarch64
           filters:
             tags:
               only: /.*/
       - linux-arm64-wheel:
           name: manylinux_2_24_aarch64-wheel
           image: ghcr.io/pyca/cryptography-manylinux_2_24:aarch64
-          python: cp36-cp36m
+          python: cp37-cp37m
           platform: manylinux_2_24_aarch64
           filters:
             tags:
               only: /.*/
       - linux-arm64-wheel:
           name: musllinux_1_1_aarch64-wheel
           image: ghcr.io/pyca/cryptography-musllinux_1_1:aarch64
-          python: cp36-cp36m
+          python: cp37-cp37m
           platform: musllinux_1_1_aarch64
           filters:
             tags:

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -137,13 +137,10 @@ jobs:
       fail-fast: false
       matrix:
         IMAGE:
-          - {IMAGE: "rhel8", TOXENV: "py36"}
-          - {IMAGE: "rhel8-fips", TOXENV: "py36", FIPS: true}
           - {IMAGE: "buster", TOXENV: "py37"}
           - {IMAGE: "bullseye", TOXENV: "py39"}
           - {IMAGE: "bookworm", TOXENV: "py39"}
           - {IMAGE: "sid", TOXENV: "py39"}
-          - {IMAGE: "ubuntu-bionic", TOXENV: "py36"}
           - {IMAGE: "ubuntu-focal", TOXENV: "py38"}
           - {IMAGE: "ubuntu-rolling", TOXENV: "py39"}
           - {IMAGE: "fedora", TOXENV: "py310"}
@@ -199,10 +196,9 @@ jobs:
         PYTHON:
           - {VERSION: "3.9", TOXENV: "py39"}
         RUST:
-          # Cover MSRV (and likely next MSRV). In-dev versions are below in
-          # the linux-rust-coverage section.
-          - 1.41.0
-          - 1.45.0
+          # Cover MSRV. In-dev versions are below in the linux-rust-coverage
+          # section.
+          - 1.48.0
     name: "${{ matrix.PYTHON.TOXENV }} with Rust ${{ matrix.RUST }}"
     timeout-minutes: 15
     steps:
@@ -351,7 +347,7 @@ jobs:
       fail-fast: false
       matrix:
         PYTHON:
-          - {VERSION: "3.6", TOXENV: "py36", EXTRA_CFLAGS: ""}
+          - {VERSION: "3.7", TOXENV: "py37", EXTRA_CFLAGS: ""}
           - {VERSION: "3.10", TOXENV: "py310", EXTRA_CFLAGS: "-DUSE_OSRANDOM_RNG_FOR_TESTING"}
         RUST:
           - stable
@@ -424,7 +420,7 @@ jobs:
           - {ARCH: 'x86', WINDOWS: 'win32', RUST_TRIPLE: 'i686-pc-windows-msvc'}
           - {ARCH: 'x64', WINDOWS: 'win64', RUST_TRIPLE: 'x86_64-pc-windows-msvc'}
         PYTHON:
-          - {VERSION: "3.6", TOXENV: "py36", MSVC_VERSION: "2019", CL_FLAGS: ""}
+          - {VERSION: "3.7", TOXENV: "py37", MSVC_VERSION: "2019", CL_FLAGS: ""}
           - {VERSION: "3.10", TOXENV: "py310", MSVC_VERSION: "2019", CL_FLAGS: "/D USE_OSRANDOM_RNG_FOR_TESTING"}
         RUST:
           - stable

diff --git a/setup.cfg b/setup.cfg
@@ -27,7 +27,6 @@ classifiers =
     Programming Language :: Python
     Programming Language :: Python :: 3
     Programming Language :: Python :: 3 :: Only
-    Programming Language :: Python :: 3.6
     Programming Language :: Python :: 3.7
     Programming Language :: Python :: 3.8
     Programming Language :: Python :: 3.9

diff --git a/setup.py b/setup.py
@@ -49,7 +49,7 @@
                 features=(
                     []
                     if platform.python_implementation() == "PyPy"
-                    else ["pyo3/abi3-py36"]
+                    else ["pyo3/abi3-py37"]
                 ),
                 rust_version=">=1.41.0",
             )

diff --git a/src/rust/Cargo.lock b/src/rust/Cargo.lock
diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml
@@ -7,7 +7,7 @@ publish = false
 
 [dependencies]
 lazy_static = "1"
-pyo3 = { version = "0.15.1" }
+pyo3 = { version = "0.16" }
 asn1 = { version = "0.8.7", default-features = false, features = ["derive"] }
 pem = "1.0"
 chrono = { version = "0.4", default-features = false, features = ["alloc", "clock"] }

diff --git a/src/rust/src/x509/certificate.rs b/src/rust/src/x509/certificate.rs
@@ -82,8 +82,8 @@ pub(crate) struct Certificate {
     pub(crate) cached_extensions: Option<pyo3::PyObject>,
 }
 
-#[pyo3::prelude::pyproto]
-impl pyo3::PyObjectProtocol for Certificate {
+#[pyo3::prelude::pymethods]
+impl Certificate {
     fn __hash__(&self) -> u64 {
         let mut hasher = DefaultHasher::new();
         self.raw.borrow_value().hash(&mut hasher);
@@ -92,7 +92,7 @@ impl pyo3::PyObjectProtocol for Certificate {
 
     fn __richcmp__(
         &self,
-        other: pyo3::PyRef<Certificate>,
+        other: pyo3::PyRef<'_, Certificate>,
         op: pyo3::basic::CompareOp,
     ) -> pyo3::PyResult<bool> {
         match op {
@@ -112,10 +112,7 @@ impl pyo3::PyObjectProtocol for Certificate {
         let subject_repr = subject.repr()?.extract::<&str>()?;
         Ok(format!("<Certificate(subject={}, ...)>", subject_repr))
     }
-}
 
-#[pyo3::prelude::pymethods]
-impl Certificate {
     fn __deepcopy__(slf: pyo3::PyRef<'_, Self>, _memo: pyo3::PyObject) -> pyo3::PyRef<'_, Self> {
         slf
     }
@@ -157,9 +154,9 @@ impl Certificate {
             .getattr("Encoding")?;
 
         let result = asn1::write_single(self.raw.borrow_value());
-        if encoding == encoding_class.getattr("DER")? {
+        if encoding.is(encoding_class.getattr("DER")?) {
             Ok(pyo3::types::PyBytes::new(py, &result))
-        } else if encoding == encoding_class.getattr("PEM")? {
+        } else if encoding.is(encoding_class.getattr("PEM")?) {
             let pem = pem::encode_config(
                 &pem::Pem {
                     tag: "CERTIFICATE".to_string(),
@@ -259,7 +256,7 @@ impl Certificate {
         let hash_alg = sig_oids_to_hash.get_item(self.signature_algorithm_oid(py)?);
         match hash_alg {
             Ok(data) => Ok(data),
-            Err(_) => Err(PyAsn1Error::from(pyo3::PyErr::from_instance(
+            Err(_) => Err(PyAsn1Error::from(pyo3::PyErr::from_value(
                 py.import("cryptography.exceptions")?.call_method1(
                     "UnsupportedAlgorithm",
                     (format!(
@@ -332,7 +329,7 @@ fn cert_version(py: pyo3::Python<'_>, version: u8) -> Result<&pyo3::PyAny, PyAsn
     match version {
         0 => Ok(x509_module.getattr("Version")?.get_item("v1")?),
         2 => Ok(x509_module.getattr("Version")?.get_item("v3")?),
-        _ => Err(PyAsn1Error::from(pyo3::PyErr::from_instance(
+        _ => Err(PyAsn1Error::from(pyo3::PyErr::from_value(
             x509_module
                 .getattr("InvalidVersion")?
                 .call1((format!("{} is not a valid X509 version", version), version))?,

diff --git a/src/rust/src/x509/common.rs b/src/rust/src/x509/common.rs
@@ -108,10 +108,10 @@ pub(crate) fn encode_name_entry<'p>(
 
     let attr_type = py_name_entry.getattr("_type")?;
     let tag = attr_type.getattr("value")?.extract::<u8>()?;
-    let value: &[u8] = if attr_type != asn1_type.getattr("BitString")? {
-        let encoding = if attr_type == asn1_type.getattr("BMPString")? {
+    let value: &[u8] = if !attr_type.is(asn1_type.getattr("BitString")?) {
+        let encoding = if attr_type.is(asn1_type.getattr("BMPString")?) {
             "utf_16_be"
-        } else if attr_type == asn1_type.getattr("UniversalString")? {
+        } else if attr_type.is(asn1_type.getattr("UniversalString")?) {
             "utf_32_be"
         } else {
             "utf8"
@@ -224,31 +224,31 @@ pub(crate) fn encode_general_name<'a>(
     let gn_module = py.import("cryptography.x509.general_name")?;
     let gn_type = gn.get_type().as_ref();
     let gn_value = gn.getattr("value")?;
-    if gn_type == gn_module.getattr("DNSName")? {
+    if gn_type.is(gn_module.getattr("DNSName")?) {
         Ok(GeneralName::DNSName(UnvalidatedIA5String(
             gn_value.extract::<&str>()?,
         )))
-    } else if gn_type == gn_module.getattr("RFC822Name")? {
+    } else if gn_type.is(gn_module.getattr("RFC822Name")?) {
         Ok(GeneralName::RFC822Name(UnvalidatedIA5String(
             gn_value.extract::<&str>()?,
         )))
-    } else if gn_type == gn_module.getattr("DirectoryName")? {
+    } else if gn_type.is(gn_module.getattr("DirectoryName")?) {
         let name = encode_name(py, gn_value)?;
         Ok(GeneralName::DirectoryName(name))
-    } else if gn_type == gn_module.getattr("OtherName")? {
+    } else if gn_type.is(gn_module.getattr("OtherName")?) {
         Ok(GeneralName::OtherName(OtherName {
             type_id: py_oid_to_oid(gn.getattr("type_id")?)?,
             value: asn1::parse_single(gn_value.extract::<&[u8]>()?)?,
         }))
-    } else if gn_type == gn_module.getattr("UniformResourceIdentifier")? {
+    } else if gn_type.is(gn_module.getattr("UniformResourceIdentifier")?) {
         Ok(GeneralName::UniformResourceIdentifier(
             UnvalidatedIA5String(gn_value.extract::<&str>()?),
         ))
-    } else if gn_type == gn_module.getattr("IPAddress")? {
+    } else if gn_type.is(gn_module.getattr("IPAddress")?) {
         Ok(GeneralName::IPAddress(
             gn.call_method0("_packed")?.extract::<&[u8]>()?,
         ))
-    } else if gn_type == gn_module.getattr("RegisteredID")? {
+    } else if gn_type.is(gn_module.getattr("RegisteredID")?) {
         let oid = py_oid_to_oid(gn_value)?;
         Ok(GeneralName::RegisteredID(oid))
     } else {
@@ -443,7 +443,7 @@ pub(crate) fn parse_general_name(
                 .to_object(py)
         }
         _ => {
-            return Err(PyAsn1Error::from(pyo3::PyErr::from_instance(
+            return Err(PyAsn1Error::from(pyo3::PyErr::from_value(
                 x509_module.call_method1(
                     "UnsupportedGeneralNameType",
                     ("x400Address/EDIPartyName are not supported types",),
@@ -541,7 +541,7 @@ pub(crate) fn parse_and_cache_extensions<
                 x509_module.call_method1("ObjectIdentifier", (raw_ext.extn_id.to_string(),))?;
 
             if seen_oids.contains(&raw_ext.extn_id) {
-                return Err(pyo3::PyErr::from_instance(x509_module.call_method1(
+                return Err(pyo3::PyErr::from_value(x509_module.call_method1(
                     "DuplicateExtension",
                     (
                         format!("Duplicate {} extension found", raw_ext.extn_id),
@@ -587,7 +587,7 @@ pub(crate) fn encode_extensions<
         let oid = py_oid_to_oid(py_ext.getattr("oid")?)?;
 
         let ext_val = py_ext.getattr("value")?;
-        if unrecognized_extension_type.is_instance(ext_val)? {
+        if ext_val.is_instance(unrecognized_extension_type)? {
             exts.push(Extension {
                 extn_id: oid,
                 critical: py_ext.getattr("critical")?.extract()?,