diff --git a/docs-requirements.txt b/docs-requirements.txt index 381a858..7a2aed2 100644 --- a/docs-requirements.txt +++ b/docs-requirements.txt @@ -28,7 +28,7 @@ jinja2==3.1.2 # via sphinx markupsafe==3.0.2 # via jinja2 -packaging==24.1 +packaging==24.2 # via sphinx pycparser==2.22 # via cffi diff --git a/lint-requirements.txt b/lint-requirements.txt index c7ea23d..a29ba83 100644 --- a/lint-requirements.txt +++ b/lint-requirements.txt @@ -26,7 +26,7 @@ mypy-extensions==1.0.0 # via # black # mypy -packaging==24.1 +packaging==24.2 # via # black # pytest @@ -44,7 +44,7 @@ types-cffi==1.16.0.20240331 # via types-pyopenssl types-pyopenssl==24.1.0.20240722 # via -r lint-requirements.in -types-setuptools==75.2.0.20241025 +types-setuptools==75.6.0.20241126 # via types-cffi typing-extensions==4.12.2 # via mypy diff --git a/src/trustme/__init__.py b/src/trustme/__init__.py index ff87ab7..6f3cc00 100644 --- a/src/trustme/__init__.py +++ b/src/trustme/__init__.py @@ -8,7 +8,7 @@ from contextlib import contextmanager from enum import Enum from tempfile import NamedTemporaryFile -from typing import TYPE_CHECKING, Generator, List, Optional, Union +from typing import TYPE_CHECKING, Generator, List, Optional, Union, cast import idna from cryptography import x509 @@ -545,15 +545,13 @@ def configure_cert(self, ctx: Union[ssl.SSLContext, OpenSSL.SSL.Context]) -> Non with self.private_key_and_cert_chain_pem.tempfile() as path: ctx.load_cert_chain(path) elif _smells_like_pyopenssl(ctx): - from OpenSSL.crypto import FILETYPE_PEM, load_certificate, load_privatekey - - key = load_privatekey(FILETYPE_PEM, self.private_key_pem.bytes()) - ctx.use_privatekey(key) - cert = load_certificate(FILETYPE_PEM, self.cert_chain_pems[0].bytes()) - ctx.use_certificate(cert) + key = load_pem_private_key(self.private_key_pem.bytes(), None) + ctx.use_privatekey(key) # type: ignore[arg-type] + cert = x509.load_pem_x509_certificate(self.cert_chain_pems[0].bytes()) + ctx.use_certificate(cert) # type: ignore[arg-type] for pem in self.cert_chain_pems[1:]: - cert = load_certificate(FILETYPE_PEM, pem.bytes()) - ctx.add_extra_chain_cert(cert) + cert = x509.load_pem_x509_certificate(pem.bytes()) + ctx.add_extra_chain_cert(cert) # type: ignore[arg-type] else: raise TypeError( "unrecognized context type {!r}".format(ctx.__class__.__name__) diff --git a/test-requirements.txt b/test-requirements.txt index cc1a9ef..5555fa4 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -8,7 +8,7 @@ attrs==24.2.0 # via service-identity cffi==1.17.1 # via cryptography -coverage[toml]==7.6.4 +coverage[toml]==7.6.8 # via -r test-requirements.in cryptography==43.0.3 # via @@ -19,7 +19,7 @@ idna==3.10 # via -r test-requirements.in iniconfig==2.0.0 # via pytest -packaging==24.1 +packaging==24.2 # via pytest pluggy==1.5.0 # via pytest @@ -31,7 +31,7 @@ pyasn1-modules==0.4.1 # via service-identity pycparser==2.22 # via cffi -pyopenssl==24.2.1 +pyopenssl==24.3.0 # via -r test-requirements.in pytest==8.3.3 # via -r test-requirements.in