From 081b5ab62b10a0f7ca911732ff1cf127e8715b6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 24 May 2024 04:06:54 +0000 Subject: [PATCH 1/2] Bump black from 24.2.0 to 24.4.2 Bumps [black](https://github.com/psf/black) from 24.2.0 to 24.4.2. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/24.2.0...24.4.2) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- lint-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lint-requirements.txt b/lint-requirements.txt index dce6cda..b47a7d5 100644 --- a/lint-requirements.txt +++ b/lint-requirements.txt @@ -4,7 +4,7 @@ # # pip-compile lint-requirements.in # -black==24.2.0 +black==24.4.2 # via -r lint-requirements.in cffi==1.16.0 # via cryptography From 58a66805f7ae4a628155dc9d6ebb980fc8c928c5 Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Sun, 7 Jul 2024 17:33:16 +0400 Subject: [PATCH 2/2] Run black --- src/trustme/__init__.py | 53 ++++++++++++++++++++--------------------- tests/test_trustme.py | 3 ++- 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/src/trustme/__init__.py b/src/trustme/__init__.py index 98dee02..3996535 100644 --- a/src/trustme/__init__.py +++ b/src/trustme/__init__.py @@ -256,38 +256,37 @@ def __init__( parent_certificate = parent_cert._certificate issuer = parent_certificate.subject ski_ext = parent_certificate.extensions.get_extension_for_class( - x509.SubjectKeyIdentifier) - aki = x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(ski_ext.value) + x509.SubjectKeyIdentifier + ) + aki = x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier( + ski_ext.value + ) else: aki = None - cert_builder = ( - _cert_builder_common(name, issuer, self._private_key.public_key()) - .add_extension( - x509.BasicConstraints(ca=True, path_length=path_length), - critical=True, - ) + cert_builder = _cert_builder_common( + name, issuer, self._private_key.public_key() + ).add_extension( + x509.BasicConstraints(ca=True, path_length=path_length), + critical=True, ) if aki: cert_builder = cert_builder.add_extension(aki, critical=False) - self._certificate = ( - cert_builder.add_extension( - x509.KeyUsage( - digital_signature=True, # OCSP - content_commitment=False, - key_encipherment=False, - data_encipherment=False, - key_agreement=False, - key_cert_sign=True, # sign certs - crl_sign=True, # sign revocation lists - encipher_only=False, - decipher_only=False, - ), - critical=True, - ) - .sign( - private_key=sign_key, - algorithm=hashes.SHA256(), - ) + self._certificate = cert_builder.add_extension( + x509.KeyUsage( + digital_signature=True, # OCSP + content_commitment=False, + key_encipherment=False, + data_encipherment=False, + key_agreement=False, + key_cert_sign=True, # sign certs + crl_sign=True, # sign revocation lists + encipher_only=False, + decipher_only=False, + ), + critical=True, + ).sign( + private_key=sign_key, + algorithm=hashes.SHA256(), ) @property diff --git a/tests/test_trustme.py b/tests/test_trustme.py index 97199a3..eee0a39 100644 --- a/tests/test_trustme.py +++ b/tests/test_trustme.py @@ -201,7 +201,8 @@ def test_intermediate() -> None: aki = child_ca_cert.extensions.get_extension_for_class(x509.AuthorityKeyIdentifier) assert aki.critical is False expected_aki_key_id = ca_cert.extensions.get_extension_for_class( - x509.SubjectKeyIdentifier).value.digest + x509.SubjectKeyIdentifier + ).value.digest assert aki.value.key_identifier == expected_aki_key_id child_server = child_ca.issue_cert("test-host.example.org")