diff options
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/dsa.py | 4 | ||||
-rw-r--r-- | src/cryptography/utils.py | 2 | ||||
-rw-r--r-- | src/cryptography/x509/base.py | 4 | ||||
-rw-r--r-- | tests/hazmat/backends/test_openssl.py | 6 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_dh.py | 4 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_dsa.py | 3 | ||||
-rw-r--r-- | tests/test_cryptography_utils.py | 5 | ||||
-rw-r--r-- | tests/x509/test_x509.py | 2 |
8 files changed, 18 insertions, 12 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/dsa.py b/src/cryptography/hazmat/primitives/asymmetric/dsa.py index 03e6a53e..f2f600dd 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/dsa.py +++ b/src/cryptography/hazmat/primitives/asymmetric/dsa.py @@ -128,9 +128,9 @@ def generate_private_key(key_size, backend): def _check_dsa_parameters(parameters): - if utils.bit_length(parameters.p) not in [1024, 2048, 3072]: + if parameters.p.bit_length() not in [1024, 2048, 3072]: raise ValueError("p must be exactly 1024, 2048, or 3072 bits long") - if utils.bit_length(parameters.q) not in [160, 256]: + if parameters.q.bit_length() not in [160, 256]: raise ValueError("q must be exactly 160 or 256 bits long") if not (1 < parameters.g < parameters.p): diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index 02eec209..382905c0 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -100,6 +100,8 @@ def verify_interface(iface, klass): ) +# No longer needed as of 2.2, but retained because we have external consumers +# who use it. def bit_length(x): return x.bit_length() diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py index 2c96c5bc..45b603f0 100644 --- a/src/cryptography/x509/base.py +++ b/src/cryptography/x509/base.py @@ -469,7 +469,7 @@ class CertificateBuilder(object): # ASN.1 integers are always signed, so most significant bit must be # zero. - if utils.bit_length(number) >= 160: # As defined in RFC 5280 + if number.bit_length() >= 160: # As defined in RFC 5280 raise ValueError('The serial number should not be more than 159 ' 'bits.') return CertificateBuilder( @@ -686,7 +686,7 @@ class RevokedCertificateBuilder(object): # ASN.1 integers are always signed, so most significant bit must be # zero. - if utils.bit_length(number) >= 160: # As defined in RFC 5280 + if number.bit_length() >= 160: # As defined in RFC 5280 raise ValueError('The serial number should not be more than 159 ' 'bits.') return RevokedCertificateBuilder( diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 40e92853..e430e2d9 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -14,7 +14,7 @@ from pkg_resources import parse_version import pytest -from cryptography import utils, x509 +from cryptography import x509 from cryptography.exceptions import InternalError, _Reasons from cryptography.hazmat.backends.interfaces import DHBackend, RSABackend from cryptography.hazmat.backends.openssl.backend import ( @@ -141,10 +141,10 @@ class TestOpenSSL(object): def test_large_key_size_on_new_openssl(self): parameters = dsa.generate_parameters(2048, backend) param_num = parameters.parameter_numbers() - assert utils.bit_length(param_num.p) == 2048 + assert param_num.p.bit_length() == 2048 parameters = dsa.generate_parameters(3072, backend) param_num = parameters.parameter_numbers() - assert utils.bit_length(param_num.p) == 3072 + assert param_num.p.bit_length() == 3072 def test_int_to_bn(self): value = (2 ** 4242) - 4242 diff --git a/tests/hazmat/primitives/test_dh.py b/tests/hazmat/primitives/test_dh.py index 25be51c9..a70ae745 100644 --- a/tests/hazmat/primitives/test_dh.py +++ b/tests/hazmat/primitives/test_dh.py @@ -13,7 +13,7 @@ from cryptography.hazmat.backends.interfaces import ( DERSerializationBackend, DHBackend, PEMSerializationBackend) from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import dh -from cryptography.utils import bit_length, int_from_bytes +from cryptography.utils import int_from_bytes from ...doubles import DummyKeySerializationEncryption from ...utils import load_nist_vectors, load_vectors_from_file @@ -262,7 +262,7 @@ class TestDH(object): assert isinstance(parameters, dh.DHParametersWithSerialization) parameter_numbers = parameters.parameter_numbers() assert isinstance(parameter_numbers, dh.DHParameterNumbers) - assert bit_length(parameter_numbers.p) == key_size + assert parameter_numbers.p.bit_length() == key_size assert isinstance(public, dh.DHPublicKeyWithSerialization) assert isinstance(public.public_numbers(), dh.DHPublicNumbers) diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 34197772..89303fed 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -18,7 +18,6 @@ from cryptography.hazmat.primitives.asymmetric import dsa from cryptography.hazmat.primitives.asymmetric.utils import ( Prehashed, encode_dss_signature ) -from cryptography.utils import bit_length from .fixtures_dsa import ( DSA_KEY_1024, DSA_KEY_2048, DSA_KEY_3072 @@ -82,7 +81,7 @@ class TestDSA(object): assert skey_parameters.p == vector['p'] assert skey_parameters.q == vector['q'] assert skey_parameters.g == vector['g'] - assert skey.key_size == bit_length(vector['p']) + assert skey.key_size == vector['p'].bit_length() assert pkey.key_size == skey.key_size public_numbers = pkey.public_numbers() assert numbers.public_numbers.y == public_numbers.y diff --git a/tests/test_cryptography_utils.py b/tests/test_cryptography_utils.py index 290e1612..320f7aa8 100644 --- a/tests/test_cryptography_utils.py +++ b/tests/test_cryptography_utils.py @@ -56,3 +56,8 @@ class TestCachedProperty(object): assert len(accesses) == 1 assert t.t == 14 assert len(accesses) == 1 + + +def test_bit_length(): + assert utils.bit_length(1) == 1 + assert utils.bit_length(11) == 4 diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py index a07ffb3a..97b5a749 100644 --- a/tests/x509/test_x509.py +++ b/tests/x509/test_x509.py @@ -3981,4 +3981,4 @@ def test_random_serial_number(monkeypatch): assert ( serial_number == utils.int_from_bytes(sample_data, "big") >> 1 ) - assert utils.bit_length(serial_number) < 160 + assert serial_number.bit_length() < 160 |