Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-josepy for openSUSE:Factory
checked in at 2025-04-22 17:28:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-josepy (Old)
and /work/SRC/openSUSE:Factory/.python-josepy.new.30101 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-josepy"
Tue Apr 22 17:28:54 2025 rev:17 rq:1271139 version:2.0.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-josepy/python-josepy.changes
2025-02-05 12:43:02.203015604 +0100
+++ /work/SRC/openSUSE:Factory/.python-josepy.new.30101/python-josepy.changes
2025-04-22 17:29:36.918439108 +0200
@@ -1,0 +2,10 @@
+Thu Apr 17 18:07:11 UTC 2025 - ecsos <ec...@opensuse.org>
+
+- Update to 2.0.0
+ * Breaking Change: PyOpenSSL has been fully removed. - Dropped objects:
+ - josepy.util.ComparableX509
+ - Functions now expect cryptography.x509 objects:
josepy.json_util.encode_cert josepy.json_util.encode_csr
josepy.jws.Header.x5c.encoder
+ - Functions now return cryptography.x509 objects:
josepy.json_util.decode_cert josepy.json_util.decode_csr
josepy.jws.Header.x5c.decoder
+ * Dropped support for Python 3.8.
+
+-------------------------------------------------------------------
Old:
----
josepy-1.15.0.tar.gz
New:
----
josepy-2.0.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-josepy.spec ++++++
--- /var/tmp/diff_new_pack.fLiTUw/_old 2025-04-22 17:29:37.638469346 +0200
+++ /var/tmp/diff_new_pack.fLiTUw/_new 2025-04-22 17:29:37.638469346 +0200
@@ -19,14 +19,14 @@
%define libname josepy
%{?sle15_python_module_pythons}
Name: python-%{libname}
-Version: 1.15.0
+Version: 2.0.0
Release: 0
Summary: JOSE protocol implementation in Python
License: Apache-2.0
URL: https://github.com/certbot/josepy
Source0:
https://files.pythonhosted.org/packages/source/j/%{libname}/%{libname}-%{version}.tar.gz
Source2: %{name}.keyring
-BuildRequires: %{python_module base >= 3.7}
+BuildRequires: %{python_module base >= 3.9}
BuildRequires: %{python_module coverage >= 4.0}
BuildRequires: %{python_module cryptography >= 1.5}
BuildRequires: %{python_module pip}
++++++ josepy-1.15.0.tar.gz -> josepy-2.0.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/CHANGELOG.rst
new/josepy-2.0.0/CHANGELOG.rst
--- old/josepy-1.15.0/CHANGELOG.rst 2025-01-23 00:52:14.976892700 +0100
+++ new/josepy-2.0.0/CHANGELOG.rst 1970-01-01 01:00:00.000000000 +0100
@@ -1,6 +1,23 @@
Changelog
=========
+2.0.0 (2025-02-10)
+------------------
+
+* Breaking Change: PyOpenSSL has been fully removed.
+ - Dropped objects:
+ `josepy.util.ComparableX509`
+ - Functions now expect `cryptography.x509` objects:
+ `josepy.json_util.encode_cert`
+ `josepy.json_util.encode_csr`
+ `josepy.jws.Header.x5c.encoder`
+ - Functions now return `cryptography.x509` objects:
+ `josepy.json_util.decode_cert`
+ `josepy.json_util.decode_csr`
+ `josepy.jws.Header.x5c.decoder`
+* Dropped support for Python 3.8.
+
+
1.15.0 (2025-01-22)
-------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/PKG-INFO new/josepy-2.0.0/PKG-INFO
--- old/josepy-1.15.0/PKG-INFO 1970-01-01 01:00:00.000000000 +0100
+++ new/josepy-2.0.0/PKG-INFO 1970-01-01 01:00:00.000000000 +0100
@@ -1,18 +1,16 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.3
Name: josepy
-Version: 1.15.0
+Version: 2.0.0
Summary: JOSE protocol implementation in Python
-Home-page: https://github.com/certbot/josepy
License: Apache-2.0
Author: Certbot Project
Author-email: certbot-...@eff.org
-Requires-Python: >=3.8,<4.0
+Requires-Python: >=3.9,<4.0
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
@@ -22,9 +20,9 @@
Classifier: Topic :: Security
Provides-Extra: docs
Requires-Dist: cryptography (>=1.5)
-Requires-Dist: pyopenssl (>=0.13)
Requires-Dist: sphinx (>=4.3.0) ; extra == "docs"
Requires-Dist: sphinx-rtd-theme (>=1.0) ; extra == "docs"
+Project-URL: Homepage, https://github.com/certbot/josepy
Description-Content-Type: text/x-rst
JOSE protocol implementation in Python using cryptography
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/docs/conf.py
new/josepy-2.0.0/docs/conf.py
--- old/josepy-1.15.0/docs/conf.py 2025-01-23 00:52:15.005099000 +0100
+++ new/josepy-2.0.0/docs/conf.py 1970-01-01 01:00:00.000000000 +0100
@@ -63,9 +63,9 @@
# built documents.
#
# The short X.Y version.
-version = "1.15"
+version = "2.0"
# The full version, including alpha/beta/rc tags.
-release = "1.15.0"
+release = "2.0.0"
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/pyproject.toml
new/josepy-2.0.0/pyproject.toml
--- old/josepy-1.15.0/pyproject.toml 2025-01-23 00:52:15.189929200 +0100
+++ new/josepy-2.0.0/pyproject.toml 1970-01-01 01:00:00.000000000 +0100
@@ -8,7 +8,7 @@
[tool.poetry]
name = "josepy"
-version = "1.15.0"
+version = "2.0.0"
description = "JOSE protocol implementation in Python"
license = "Apache License 2.0"
classifiers = [
@@ -17,7 +17,6 @@
"License :: OSI Approved :: Apache Software License",
"Programming Language :: Python",
"Programming Language :: Python :: 3",
- "Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
@@ -38,26 +37,19 @@
[tool.poetry.dependencies]
# This should be kept in sync with the value of target-version in our
# configuration for black below.
-python = "^3.8"
+python = "^3.9"
# load_pem_private/public_key (>=0.6)
# rsa_recover_prime_factors (>=0.8)
# add sign() and verify() to asymetric keys (RSA >=1.4, ECDSA >=1.5)
cryptography = ">=1.5"
-# Connection.set_tlsext_host_name (>=0.13)
-pyopenssl = ">=0.13"
# >=4.3.0 is needed for Python 3.10 support
sphinx = {version = ">=4.3.0", optional = true}
sphinx-rtd-theme = {version = ">=1.0", optional = true}
-[tool.poetry.dev-dependencies]
+[tool.poetry.group.dev.dependencies]
# coverage[toml] extra is required to read the coverage config from
pyproject.toml
coverage = {version = ">=4.0", extras = ["toml"]}
-# importlib_resources 1.3 was the version included in Python 3.9 which
-# introduced the functionality we are using. See
-#
https://github.com/python/importlib_resources/tree/7f4fbb5ee026d7610636d5ece18b09c64aa0c893#compatibility.
-importlib_resources = {version = ">=1.3", python = "<3.9"}
mypy = "*"
-types-pyOpenSSL = "*"
types-pyRFC3339 = "*"
types-requests = "*"
types-setuptools = "*"
@@ -82,7 +74,7 @@
line-length = 100
# This should be kept in sync with the version of Python specified in poetry's
# dependencies above.
-target-version = ['py38', 'py39', 'py310', 'py311', 'py312', 'py313']
+target-version = ['py39', 'py310', 'py311', 'py312', 'py313']
# Mypy tooling configuration
@@ -97,11 +89,6 @@
[tool.pytest.ini_options]
filterwarnings = [
"error",
- "ignore:CSR support in pyOpenSSL is deprecated:DeprecationWarning",
- # We ignore our own warning about dropping Python 3.8 support.
- "ignore:Python 3.8 support will be dropped:DeprecationWarning",
- # We ignore our own warning about ComparableX509
- "ignore:.*josepy will remove josepy.util.ComparableX509",
]
norecursedirs = "*.egg .eggs dist build docs .tox"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/src/josepy/__init__.py
new/josepy-2.0.0/src/josepy/__init__.py
--- old/josepy-1.15.0/src/josepy/__init__.py 2025-01-23 00:52:14.979236800
+0100
+++ new/josepy-2.0.0/src/josepy/__init__.py 1970-01-01 01:00:00.000000000
+0100
@@ -26,9 +26,6 @@
"""
-import sys
-import warnings
-
# flake8: noqa
from josepy.b64 import b64decode, b64encode
from josepy.errors import (
@@ -73,13 +70,5 @@
ComparableECKey,
ComparableKey,
ComparableRSAKey,
- ComparableX509,
ImmutableMap,
)
-
-if sys.version_info[:2] == (3, 8):
- warnings.warn(
- "Python 3.8 support will be dropped in the next scheduled release of "
- "josepy. Please upgrade your Python version.",
- DeprecationWarning,
- )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/src/josepy/json_util.py
new/josepy-2.0.0/src/josepy/json_util.py
--- old/josepy-1.15.0/src/josepy/json_util.py 2025-01-23 00:52:14.979458600
+0100
+++ new/josepy-2.0.0/src/josepy/json_util.py 1970-01-01 01:00:00.000000000
+0100
@@ -22,7 +22,8 @@
TypeVar,
)
-from OpenSSL import crypto
+from cryptography import x509
+from cryptography.hazmat.primitives.serialization import Encoding
from josepy import b64, errors, interfaces, util
@@ -426,59 +427,65 @@
raise errors.DeserializationError(error)
-def encode_cert(cert: util.ComparableX509) -> str:
+def encode_cert(cert: x509.Certificate) -> str:
"""Encode certificate as JOSE Base-64 DER.
- :type cert: `OpenSSL.crypto.X509` wrapped in `.ComparableX509`
+ :type cert: `cryptography.x509.Certificate`
:rtype: unicode
+ .. versionchanged:: 2.0.0
+ The `cert` parameter is now `cryptography.x509.Certificate`.
+ Previously this was an `josepy.util.ComparableX509` object, which
wrapped
+ an `OpenSSL.crypto.X509` object.
"""
- if isinstance(cert.wrapped, crypto.X509Req):
- raise ValueError("Error input is actually a certificate request.")
+ return encode_b64jose(cert.public_bytes(Encoding.DER))
- return encode_b64jose(crypto.dump_certificate(crypto.FILETYPE_ASN1,
cert.wrapped))
-
-def decode_cert(b64der: str) -> util.ComparableX509:
+def decode_cert(b64der: str) -> x509.Certificate:
"""Decode JOSE Base-64 DER-encoded certificate.
:param unicode b64der:
- :rtype: `OpenSSL.crypto.X509` wrapped in `.ComparableX509`
+ :rtype: `cryptography.x509.Certificate`
+ .. versionchanged:: 2.0.0
+ The returned object is now a `cryptography.x509.Certificate`.
+ Previously this was an `josepy.util.ComparableX509` object, which
wrapped
+ an `OpenSSL.crypto.X509` object.
"""
try:
- return util.ComparableX509(
- crypto.load_certificate(crypto.FILETYPE_ASN1,
decode_b64jose(b64der))
- )
- except crypto.Error as error:
+ return x509.load_der_x509_certificate(decode_b64jose(b64der))
+ except ValueError as error:
raise errors.DeserializationError(error)
-def encode_csr(csr: util.ComparableX509) -> str:
+def encode_csr(csr: x509.CertificateSigningRequest) -> str:
"""Encode CSR as JOSE Base-64 DER.
- :type csr: `OpenSSL.crypto.X509Req` wrapped in `.ComparableX509`
+ :type csr: `cryptography.x509.CertificateSigningRequest`
:rtype: unicode
+ .. versionchanged:: 2.0.0
+ The `cert` parameter is now
`cryptography.x509.CertificateSigningRequest`.
+ Previously this was an `josepy.util.ComparableX509` object, which
wrapped
+ an `OpenSSL.crypto.X509Req` object.
"""
- if isinstance(csr.wrapped, crypto.X509):
- raise ValueError("Error input is actually a certificate.")
-
- return
encode_b64jose(crypto.dump_certificate_request(crypto.FILETYPE_ASN1,
csr.wrapped))
+ return encode_b64jose(csr.public_bytes(Encoding.DER))
-def decode_csr(b64der: str) -> util.ComparableX509:
+def decode_csr(b64der: str) -> x509.CertificateSigningRequest:
"""Decode JOSE Base-64 DER-encoded CSR.
:param unicode b64der:
- :rtype: `OpenSSL.crypto.X509Req` wrapped in `.ComparableX509`
+ :rtype: `cryptography.x509.CertificateSigningRequest`
+ .. versionchanged:: 2.0.0
+ The returned object is now a
`cryptography.x509.CertificateSigningRequest`.
+ Previously this was an `josepy.util.ComparableX509` object, which
wrapped
+ an `OpenSSL.crypto.X509Req` object.
"""
try:
- return util.ComparableX509(
- crypto.load_certificate_request(crypto.FILETYPE_ASN1,
decode_b64jose(b64der))
- )
- except crypto.Error as error:
+ return x509.load_der_x509_csr(decode_b64jose(b64der))
+ except ValueError as error:
raise errors.DeserializationError(error)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/src/josepy/jws.py
new/josepy-2.0.0/src/josepy/jws.py
--- old/josepy-1.15.0/src/josepy/jws.py 2025-01-23 00:52:14.979677700 +0100
+++ new/josepy-2.0.0/src/josepy/jws.py 1970-01-01 01:00:00.000000000 +0100
@@ -15,12 +15,12 @@
cast,
)
-from OpenSSL import crypto
+from cryptography import x509
+from cryptography.hazmat.primitives.serialization import Encoding
import josepy
from josepy import b64, errors, json_util, jwa
from josepy import jwk as jwk_mod
-from josepy import util
class MediaType:
@@ -80,7 +80,7 @@
)
kid: Optional[str] = json_util.field("kid", omitempty=True)
x5u: Optional[bytes] = json_util.field("x5u", omitempty=True)
- x5c: Tuple[util.ComparableX509, ...] = json_util.field("x5c",
omitempty=True, default=())
+ x5c: Tuple[x509.Certificate, ...] = json_util.field("x5c", omitempty=True,
default=())
x5t: Optional[bytes] = json_util.field("x5t",
decoder=json_util.decode_b64jose, omitempty=True)
x5tS256: Optional[bytes] = json_util.field(
"x5t#S256", decoder=json_util.decode_b64jose, omitempty=True
@@ -138,21 +138,25 @@
@x5c.encoder # type: ignore
def x5c(value):
- return [
- base64.b64encode(crypto.dump_certificate(crypto.FILETYPE_ASN1,
cert.wrapped))
- for cert in value
- ]
+ """
+ .. versionchanged:: 2.0.0
+ The values are now `cryptography.x509.Certificate` objects.
+ Previously these were `josepy.util.ComparableX509` objects, which
wrapped
+ `OpenSSL.crypto.X509` objects.
+ """
+ return [base64.b64encode(cert.public_bytes(Encoding.DER)) for cert in
value]
@x5c.decoder # type: ignore
def x5c(value):
+ """
+ .. versionchanged:: 2.0.0
+ The values are now `cryptography.x509.Certificate` objects.
+ Previously these were `josepy.util.ComparableX509` objects, which
wrapped
+ `OpenSSL.crypto.X509` objects.
+ """
try:
- return tuple(
- util.ComparableX509(
- crypto.load_certificate(crypto.FILETYPE_ASN1,
base64.b64decode(cert))
- )
- for cert in value
- )
- except crypto.Error as error:
+ return
tuple(x509.load_der_x509_certificate(base64.b64decode(cert)) for cert in value)
+ except ValueError as error:
raise errors.DeserializationError(error)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/src/josepy/util.py
new/josepy-2.0.0/src/josepy/util.py
--- old/josepy-1.15.0/src/josepy/util.py 2025-01-23 00:52:14.979972800
+0100
+++ new/josepy-2.0.0/src/josepy/util.py 1970-01-01 01:00:00.000000000 +0100
@@ -8,7 +8,6 @@
from typing import Any, Callable, Iterator, List, Tuple, TypeVar, Union, cast
from cryptography.hazmat.primitives.asymmetric import ec, rsa
-from OpenSSL import crypto
# Deprecated. Please use built-in decorators @classmethod and
abc.abstractmethod together instead.
@@ -16,61 +15,6 @@
return classmethod(abc.abstractmethod(func))
-class ComparableX509:
- """Wrapper for OpenSSL.crypto.X509** objects that supports __eq__.
-
- :ivar wrapped: Wrapped certificate or certificate request.
- :type wrapped: `OpenSSL.crypto.X509` or `OpenSSL.crypto.X509Req`.
-
- .. deprecated:: 1.15.0
- """
-
- def __init__(self, wrapped: Union[crypto.X509, crypto.X509Req]) -> None:
- warnings.warn(
- "The next major version of josepy will remove
josepy.util.ComparableX509 and all "
- "uses of it as part of removing our dependency on PyOpenSSL. This
includes "
- "modifying any functions with ComparableX509 parameters or return
values. This "
- "will be a breaking change. To avoid breakage, we recommend
pinning josepy < 2.0.0 "
- "until josepy 2.0.0 is out and you've had time to update your
code.",
- DeprecationWarning,
- stacklevel=2,
- )
- assert isinstance(wrapped, crypto.X509) or isinstance(wrapped,
crypto.X509Req)
- self.wrapped = wrapped
-
- def __getattr__(self, name: str) -> Any:
- return getattr(self.wrapped, name)
-
- def _dump(self, filetype: int = crypto.FILETYPE_ASN1) -> bytes:
- """Dumps the object into a buffer with the specified encoding.
-
- :param int filetype: The desired encoding. Should be one of
- `OpenSSL.crypto.FILETYPE_ASN1`,
- `OpenSSL.crypto.FILETYPE_PEM`, or
- `OpenSSL.crypto.FILETYPE_TEXT`.
-
- :returns: Encoded X509 object.
- :rtype: bytes
-
- """
- if isinstance(self.wrapped, crypto.X509):
- return crypto.dump_certificate(filetype, self.wrapped)
-
- # assert in __init__ makes sure this is X509Req
- return crypto.dump_certificate_request(filetype, self.wrapped)
-
- def __eq__(self, other: Any) -> bool:
- if not isinstance(other, self.__class__):
- return NotImplemented
- return self._dump() == other._dump()
-
- def __hash__(self) -> int:
- return hash((self.__class__, self._dump()))
-
- def __repr__(self) -> str:
- return "<{0}({1!r})>".format(self.__class__.__name__, self.wrapped)
-
-
class ComparableKey:
"""Comparable wrapper for ``cryptography`` keys.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/tests/init_test.py
new/josepy-2.0.0/tests/init_test.py
--- old/josepy-1.15.0/tests/init_test.py 2025-01-23 00:52:14.980136600
+0100
+++ new/josepy-2.0.0/tests/init_test.py 1970-01-01 01:00:00.000000000 +0100
@@ -1,25 +0,0 @@
-import importlib
-import re
-import sys
-import warnings
-
-import pytest
-
-import josepy
-
-
-@pytest.mark.skipif(sys.version_info[:2] != (3, 8), reason="requires Python
3.8")
-def test_warns() -> None:
- with pytest.warns(DeprecationWarning, match=re.escape(r"Python 3.8
support")):
- importlib.reload(josepy)
-
-
-@pytest.mark.skipif(sys.version_info[:2] == (3, 8), reason="requires Python !=
3.8")
-def test_does_not_warn() -> None:
- with warnings.catch_warnings():
- warnings.simplefilter("error")
- importlib.reload(josepy)
-
-
-if __name__ == "__main__":
- sys.exit(pytest.main(sys.argv[1:] + [__file__])) # pragma: no cover
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/tests/json_util_test.py
new/josepy-2.0.0/tests/json_util_test.py
--- old/josepy-1.15.0/tests/json_util_test.py 2025-01-23 00:52:14.980270000
+0100
+++ new/josepy-2.0.0/tests/json_util_test.py 1970-01-01 01:00:00.000000000
+0100
@@ -8,11 +8,12 @@
import pytest
import test_util
+from cryptography import x509
from josepy import errors, interfaces, util
-CERT = test_util.load_comparable_cert("cert.pem")
-CSR = test_util.load_comparable_csr("csr.pem")
+CERT = test_util.load_cert("cert.pem")
+CSR = test_util.load_csr("csr.pem")
class FieldTest(unittest.TestCase):
@@ -327,7 +328,7 @@
from josepy.json_util import decode_cert
cert = decode_cert(self.b64_cert)
- assert isinstance(cert, util.ComparableX509)
+ assert isinstance(cert, x509.Certificate)
assert cert == CERT
with pytest.raises(errors.DeserializationError):
decode_cert("")
@@ -341,7 +342,7 @@
from josepy.json_util import decode_csr
csr = decode_csr(self.b64_csr)
- assert isinstance(csr, util.ComparableX509)
+ assert isinstance(csr, x509.CertificateSigningRequest)
assert csr == CSR
with pytest.raises(errors.DeserializationError):
decode_csr("")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/tests/jws_test.py
new/josepy-2.0.0/tests/jws_test.py
--- old/josepy-1.15.0/tests/jws_test.py 2025-01-23 00:52:14.980472600 +0100
+++ new/josepy-2.0.0/tests/jws_test.py 1970-01-01 01:00:00.000000000 +0100
@@ -5,13 +5,14 @@
import unittest
from unittest import mock
-import OpenSSL
import pytest
import test_util
+from cryptography import x509
+from cryptography.hazmat.primitives.serialization import Encoding
from josepy import errors, json_util, jwa, jwk
-CERT = test_util.load_comparable_cert("cert.pem")
+CERT = test_util.load_cert("cert.pem")
KEY = jwk.JWKRSA.load(test_util.load_vector("rsa512_key.pem"))
@@ -72,8 +73,8 @@
header = Header(x5c=(CERT, CERT))
jobj = header.to_partial_json()
- assert isinstance(CERT.wrapped, OpenSSL.crypto.X509)
- cert_asn1 =
OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_ASN1, CERT.wrapped)
+ assert isinstance(CERT, x509.Certificate)
+ cert_asn1 = CERT.public_bytes(Encoding.DER)
cert_b64 = base64.b64encode(cert_asn1)
assert jobj == {"x5c": [cert_b64, cert_b64]}
assert header == Header.from_json(jobj)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/tests/test_util.py
new/josepy-2.0.0/tests/test_util.py
--- old/josepy-1.15.0/tests/test_util.py 2025-01-23 00:52:14.980573400
+0100
+++ new/josepy-2.0.0/tests/test_util.py 1970-01-01 01:00:00.000000000 +0100
@@ -2,26 +2,19 @@
import atexit
import contextlib
+import importlib.resources
import os
-import sys
from typing import Any
+from cryptography import x509
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
-from OpenSSL import crypto
import josepy.util
-from josepy import ComparableRSAKey, ComparableX509
+from josepy import ComparableRSAKey
from josepy.util import ComparableECKey
-# This approach is based on the recommendation at
-# https://github.com/python/mypy/issues/1153#issuecomment-1207333806.
-if sys.version_info >= (3, 9):
- import importlib.resources as importlib_resources
-else:
- import importlib_resources
-
-TESTDATA = importlib_resources.files("testdata")
+TESTDATA = importlib.resources.files("testdata")
def vector_path(*names: str) -> str:
@@ -33,7 +26,7 @@
ref = TESTDATA.joinpath(*names)
# We convert the value to str here because some of the calling code doesn't
# work with pathlib objects.
- return str(file_manager.enter_context(importlib_resources.as_file(ref)))
+ return str(file_manager.enter_context(importlib.resources.as_file(ref)))
def load_vector(*names: str) -> bytes:
@@ -51,26 +44,18 @@
raise ValueError("Loader could not be recognized based on extension")
-def load_cert(*names: str) -> crypto.X509:
+def load_cert(*names: str) -> x509.Certificate:
"""Load certificate."""
- loader = _guess_loader(names[-1], crypto.FILETYPE_PEM,
crypto.FILETYPE_ASN1)
- return crypto.load_certificate(loader, load_vector(*names))
-
-
-def load_comparable_cert(*names: str) -> josepy.util.ComparableX509:
- """Load ComparableX509 cert."""
- return ComparableX509(load_cert(*names))
+ loader = _guess_loader(
+ names[-1], x509.load_pem_x509_certificate,
x509.load_der_x509_certificate
+ )
+ return loader(load_vector(*names))
-def load_csr(*names: str) -> crypto.X509Req:
+def load_csr(*names: str) -> x509.CertificateSigningRequest:
"""Load certificate request."""
- loader = _guess_loader(names[-1], crypto.FILETYPE_PEM,
crypto.FILETYPE_ASN1)
- return crypto.load_certificate_request(loader, load_vector(*names))
-
-
-def load_comparable_csr(*names: str) -> josepy.util.ComparableX509:
- """Load ComparableX509 certificate request."""
- return ComparableX509(load_csr(*names))
+ loader = _guess_loader(names[-1], x509.load_pem_x509_csr,
x509.load_der_x509_csr)
+ return loader(load_vector(*names))
def load_rsa_private_key(*names: str) -> josepy.util.ComparableRSAKey:
@@ -87,9 +72,3 @@
names[-1], serialization.load_pem_private_key,
serialization.load_der_private_key
)
return ComparableECKey(loader(load_vector(*names), password=None,
backend=default_backend()))
-
-
-def load_pyopenssl_private_key(*names: str) -> crypto.PKey:
- """Load pyOpenSSL private key."""
- loader = _guess_loader(names[-1], crypto.FILETYPE_PEM,
crypto.FILETYPE_ASN1)
- return crypto.load_privatekey(loader, load_vector(*names))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/josepy-1.15.0/tests/util_test.py
new/josepy-2.0.0/tests/util_test.py
--- old/josepy-1.15.0/tests/util_test.py 2025-01-23 00:52:14.981837000
+0100
+++ new/josepy-2.0.0/tests/util_test.py 1970-01-01 01:00:00.000000000 +0100
@@ -3,58 +3,11 @@
import functools
import sys
import unittest
-import warnings
import pytest
import test_util
-class ComparableX509Test(unittest.TestCase):
- """Tests for josepy.util.ComparableX509."""
-
- def setUp(self) -> None:
- # test_util.load_comparable_{csr,cert} return ComparableX509
- self.req1 = test_util.load_comparable_csr("csr.pem")
- self.req2 = test_util.load_comparable_csr("csr.pem")
- self.req_other = test_util.load_comparable_csr("csr-san.pem")
-
- self.cert1 = test_util.load_comparable_cert("cert.pem")
- self.cert2 = test_util.load_comparable_cert("cert.pem")
- self.cert_other = test_util.load_comparable_cert("cert-san.pem")
-
- def test_getattr_proxy(self) -> None:
- with warnings.catch_warnings():
- warnings.filterwarnings(
- "ignore",
- category=DeprecationWarning,
- message=".*Use timezone-aware objects to represent datetimes",
- )
- assert self.cert1.has_expired() is True
-
- def test_eq(self) -> None:
- assert self.req1 == self.req2
- assert self.cert1 == self.cert2
-
- def test_ne(self) -> None:
- assert self.req1 != self.req_other
- assert self.cert1 != self.cert_other
-
- def test_ne_wrong_types(self) -> None:
- assert self.req1 != 5
- assert self.cert1 != 5
-
- def test_hash(self) -> None:
- assert hash(self.req1) == hash(self.req2)
- assert hash(self.req1) != hash(self.req_other)
-
- assert hash(self.cert1) == hash(self.cert2)
- assert hash(self.cert1) != hash(self.cert_other)
-
- def test_repr(self) -> None:
- for x509 in self.req1, self.cert1:
- assert repr(x509) == "<ComparableX509({0!r})>".format(x509.wrapped)
-
-
class ComparableRSAKeyTest(unittest.TestCase):
"""Tests for josepy.util.ComparableRSAKey."""
