new black, actually slightly different than the old black

release.py

@@ -71,7 +71,9 @@ def download_artifacts_github_actions(session, token, run_url):
                     continue
                 p = z.open(name)
                 out_path = os.path.join(
-                    os.path.dirname(__file__), "dist", os.path.basename(name),
+                    os.path.dirname(__file__),
+                    "dist",
+                    os.path.basename(name),
                 )
                 with open(out_path, "wb") as f:
                     f.write(p.read())

src/cryptography/hazmat/backends/openssl/backend.py

@@ -399,7 +399,8 @@ def _register_default_ciphers(self):
                 SEED, mode_cls, GetCipherByName("seed-{mode.name}")
             )
         for cipher_cls, mode_cls in itertools.product(
-            [CAST5, IDEA], [CBC, OFB, CFB, ECB],
+            [CAST5, IDEA],
+            [CBC, OFB, CFB, ECB],
         ):
             self.register_cipher_adapter(
                 cipher_cls,

src/cryptography/hazmat/backends/openssl/encode_asn1.py

@@ -211,7 +211,8 @@ def _encode_certificate_policies(backend, certificate_policies):
                         backend, x509.OID_CPS_QUALIFIER.dotted_string
                     )
                     pqi.d.cpsuri = _encode_asn1_str(
-                        backend, qualifier.encode("ascii"),
+                        backend,
+                        qualifier.encode("ascii"),
                     )
                 else:
                     assert isinstance(qualifier, x509.UserNotice)
@@ -313,7 +314,10 @@ def _encode_authority_key_identifier(backend, authority_keyid):
     backend.openssl_assert(akid != backend._ffi.NULL)
     akid = backend._ffi.gc(akid, backend._lib.AUTHORITY_KEYID_free)
     if authority_keyid.key_identifier is not None:
-        akid.keyid = _encode_asn1_str(backend, authority_keyid.key_identifier,)
+        akid.keyid = _encode_asn1_str(
+            backend,
+            authority_keyid.key_identifier,
+        )
 
     if authority_keyid.authority_cert_issuer is not None:
         akid.issuer = _encode_general_names(

src/cryptography/hazmat/backends/openssl/rsa.py

@@ -448,7 +448,8 @@ def public_numbers(self):
         self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
         self._backend.openssl_assert(e[0] != self._backend._ffi.NULL)
         return rsa.RSAPublicNumbers(
-            e=self._backend._bn_to_int(e[0]), n=self._backend._bn_to_int(n[0]),
+            e=self._backend._bn_to_int(e[0]),
+            n=self._backend._bn_to_int(n[0]),
         )
 
     def public_bytes(self, encoding, format):

src/cryptography/hazmat/primitives/serialization/ssh.py

@@ -95,22 +95,19 @@ def _ssh_pem_encode(data, prefix=_SK_START + b"\n", suffix=_SK_END + b"\n"):
 
 
 def _check_block_size(data, block_len):
-    """Require data to be full blocks
-    """
+    """Require data to be full blocks"""
     if not data or len(data) % block_len != 0:
         raise ValueError("Corrupt data: missing padding")
 
 
 def _check_empty(data):
-    """All data should have been parsed.
-    """
+    """All data should have been parsed."""
     if data:
         raise ValueError("Corrupt data: unparsed data")
 
 
 def _init_cipher(ciphername, password, salt, rounds, backend):
-    """Generate key + iv and return cipher.
-    """
+    """Generate key + iv and return cipher."""
     if not password:
         raise ValueError("Key is password-protected.")
 
@@ -150,8 +147,7 @@ def _get_mpint(data):
 
 
 def _to_mpint(val):
-    """Storage format for signed bigint.
-    """
+    """Storage format for signed bigint."""
     if val < 0:
         raise ValueError("negative mpint not allowed")
     if not val:
@@ -161,8 +157,7 @@ def _to_mpint(val):
 
 
 class _FragList(object):
-    """Build recursive structure without data copy.
-    """
+    """Build recursive structure without data copy."""
 
     def __init__(self, init=None):
         self.flist = []
@@ -462,8 +457,7 @@ def encode_private(self, private_key, f_priv):
 
 
 def _lookup_kformat(key_type):
-    """Return valid format or throw error
-    """
+    """Return valid format or throw error"""
     if not isinstance(key_type, bytes):
         key_type = memoryview(key_type).tobytes()
     if key_type in _KEY_FORMATS:
@@ -472,8 +466,7 @@ def _lookup_kformat(key_type):
 
 
 def load_ssh_private_key(data, password, backend=None):
-    """Load private key from OpenSSH custom encoding.
-    """
+    """Load private key from OpenSSH custom encoding."""
     utils._check_byteslike("data", data)
     backend = _get_backend(backend)
     if password is not None:
@@ -547,8 +540,7 @@ def load_ssh_private_key(data, password, backend=None):
 
 
 def serialize_ssh_private_key(private_key, password=None):
-    """Serialize private key with OpenSSH custom encoding.
-    """
+    """Serialize private key with OpenSSH custom encoding."""
     if password is not None:
         utils._check_bytes("password", password)
     if password and len(password) > _MAX_PASSWORD:
@@ -627,8 +619,7 @@ def serialize_ssh_private_key(private_key, password=None):
 
 
 def load_ssh_public_key(data, backend=None):
-    """Load public key from OpenSSH one-line format.
-    """
+    """Load public key from OpenSSH one-line format."""
     backend = _get_backend(backend)
     utils._check_byteslike("data", data)
 
@@ -671,8 +662,7 @@ def load_ssh_public_key(data, backend=None):
 
 
 def serialize_ssh_public_key(public_key):
-    """One-line public key format for OpenSSH
-    """
+    """One-line public key format for OpenSSH"""
     if isinstance(public_key, ec.EllipticCurvePublicKey):
         key_type = _ecdsa_key_type(public_key)
     elif isinstance(public_key, rsa.RSAPublicKey):

src/cryptography/x509/extensions.py

@@ -38,7 +38,8 @@
 def _key_identifier_from_public_key(public_key):
     if isinstance(public_key, RSAPublicKey):
         data = public_key.public_bytes(
-            serialization.Encoding.DER, serialization.PublicFormat.PKCS1,
+            serialization.Encoding.DER,
+            serialization.PublicFormat.PKCS1,
         )
     elif isinstance(public_key, EllipticCurvePublicKey):
         data = public_key.public_bytes(

src/cryptography/x509/ocsp.py

@@ -221,7 +221,10 @@ def add_response(
             revocation_reason,
         )
         return OCSPResponseBuilder(
-            singleresp, self._responder_id, self._certs, self._extensions,
+            singleresp,
+            self._responder_id,
+            self._certs,
+            self._extensions,
         )
 
     def responder_id(self, encoding, responder_cert):
@@ -250,7 +253,10 @@ def certificates(self, certs):
         if not all(isinstance(x, x509.Certificate) for x in certs):
             raise TypeError("certs must be a list of Certificates")
         return OCSPResponseBuilder(
-            self._response, self._responder_id, certs, self._extensions,
+            self._response,
+            self._responder_id,
+            certs,
+            self._extensions,
         )
 
     def add_extension(self, extension, critical):

tests/hazmat/backends/test_openssl.py

@@ -91,7 +91,11 @@ def test_nonexistent_cipher(self, mode):
             type(mode),
             lambda backend, cipher, mode: backend._ffi.NULL,
         )
-        cipher = Cipher(DummyCipherAlgorithm(), mode, backend=b,)
+        cipher = Cipher(
+            DummyCipherAlgorithm(),
+            mode,
+            backend=b,
+        )
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
             cipher.encryptor()
 

tests/hazmat/backends/test_openssl_memleak.py

@@ -135,7 +135,10 @@ def assert_no_memory_leaks(s, argv=[]):
     # Shell out to a fresh Python process because OpenSSL does not allow you to
     # install new memory hooks after the first malloc/free occurs.
     proc = subprocess.Popen(
-        argv, env=env, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
+        argv,
+        env=env,
+        stdout=subprocess.PIPE,
+        stderr=subprocess.PIPE,
     )
     try:
         proc.wait()

tests/hazmat/primitives/test_block.py

@@ -136,10 +136,12 @@ def test_incorrectly_padded(self, backend):
 @pytest.mark.requires_backend_interface(interface=CipherBackend)
 class TestAEADCipherContext(object):
     test_aead_exceptions = generate_aead_exception_test(
-        algorithms.AES, modes.GCM,
+        algorithms.AES,
+        modes.GCM,
     )
     test_aead_tag_exceptions = generate_aead_tag_exception_test(
-        algorithms.AES, modes.GCM,
+        algorithms.AES,
+        modes.GCM,
     )
 
 
@@ -148,31 +150,41 @@ class TestModeValidation(object):
     def test_cbc(self, backend):
         with pytest.raises(ValueError):
             Cipher(
-                algorithms.AES(b"\x00" * 16), modes.CBC(b"abc"), backend,
+                algorithms.AES(b"\x00" * 16),
+                modes.CBC(b"abc"),
+                backend,
             )
 
     def test_ofb(self, backend):
         with pytest.raises(ValueError):
             Cipher(
-                algorithms.AES(b"\x00" * 16), modes.OFB(b"abc"), backend,
+                algorithms.AES(b"\x00" * 16),
+                modes.OFB(b"abc"),
+                backend,
             )
 
     def test_cfb(self, backend):
         with pytest.raises(ValueError):
             Cipher(
-                algorithms.AES(b"\x00" * 16), modes.CFB(b"abc"), backend,
+                algorithms.AES(b"\x00" * 16),
+                modes.CFB(b"abc"),
+                backend,
             )
 
     def test_cfb8(self, backend):
         with pytest.raises(ValueError):
             Cipher(
-                algorithms.AES(b"\x00" * 16), modes.CFB8(b"abc"), backend,
+                algorithms.AES(b"\x00" * 16),
+                modes.CFB8(b"abc"),
+                backend,
             )
 
     def test_ctr(self, backend):
         with pytest.raises(ValueError):
             Cipher(
-                algorithms.AES(b"\x00" * 16), modes.CTR(b"abc"), backend,
+                algorithms.AES(b"\x00" * 16),
+                modes.CTR(b"abc"),
+                backend,
             )
 
     def test_gcm(self):

tests/hazmat/primitives/test_dh.py

@@ -654,7 +654,8 @@ def test_public_bytes_match(
         )
         pub_key = loader_func(key_bytes, backend)
         serialized = pub_key.public_bytes(
-            encoding, serialization.PublicFormat.SubjectPublicKeyInfo,
+            encoding,
+            serialization.PublicFormat.SubjectPublicKeyInfo,
         )
         assert serialized == key_bytes
 
@@ -780,7 +781,8 @@ def test_parameter_bytes_match(
         )
         parameters = loader_func(param_bytes, backend)
         serialized = parameters.parameter_bytes(
-            encoding, serialization.ParameterFormat.PKCS3,
+            encoding,
+            serialization.ParameterFormat.PKCS3,
         )
         assert serialized == param_bytes
 

tests/hazmat/primitives/test_dsa.py

@@ -936,7 +936,8 @@ def test_public_bytes_match(
         )
         key = loader_func(key_bytes, backend)
         serialized = key.public_bytes(
-            encoding, serialization.PublicFormat.SubjectPublicKeyInfo,
+            encoding,
+            serialization.PublicFormat.SubjectPublicKeyInfo,
         )
         assert serialized == key_bytes
 

tests/hazmat/primitives/test_ec.py

@@ -951,7 +951,8 @@ def test_public_bytes_match(
         )
         key = loader_func(key_bytes, backend)
         serialized = key.public_bytes(
-            encoding, serialization.PublicFormat.SubjectPublicKeyInfo,
+            encoding,
+            serialization.PublicFormat.SubjectPublicKeyInfo,
         )
         assert serialized == key_bytes