Implement fixes to ruff check --preview

src/cryptography/fernet.py

@@ -9,6 +9,7 @@
 import os
 import time
 import typing
+from collections.abc import Iterable
 
 from cryptography import utils
 from cryptography.exceptions import InvalidSignature
@@ -168,7 +169,7 @@ def _decrypt_data(
 
 
 class MultiFernet:
-    def __init__(self, fernets: typing.Iterable[Fernet]):
+    def __init__(self, fernets: Iterable[Fernet]):
         fernets = list(fernets)
         if not fernets:
             raise ValueError(

src/cryptography/hazmat/bindings/_rust/ocsp.pyi

@@ -3,7 +3,7 @@
 # for complete details.
 
 import datetime
-import typing
+from collections.abc import Iterator
 
 from cryptography import x509
 from cryptography.hazmat.primitives import hashes, serialization
@@ -25,7 +25,7 @@ class OCSPRequest:
 
 class OCSPResponse:
     @property
-    def responses(self) -> typing.Iterator[OCSPSingleResponse]: ...
+    def responses(self) -> Iterator[OCSPSingleResponse]: ...
     @property
     def response_status(self) -> ocsp.OCSPResponseStatus: ...
     @property

src/cryptography/hazmat/bindings/_rust/pkcs12.pyi

@@ -3,6 +3,7 @@
 # for complete details.
 
 import typing
+from collections.abc import Iterable
 
 from cryptography import x509
 from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
@@ -41,6 +42,6 @@ def serialize_key_and_certificates(
     name: bytes | None,
     key: PKCS12PrivateKeyTypes | None,
     cert: x509.Certificate | None,
-    cas: typing.Iterable[x509.Certificate | PKCS12Certificate] | None,
+    cas: Iterable[x509.Certificate | PKCS12Certificate] | None,
     encryption_algorithm: KeySerializationEncryption,
 ) -> bytes: ...

src/cryptography/hazmat/bindings/_rust/pkcs7.pyi

@@ -2,7 +2,7 @@
 # 2.0, and the BSD License. See the LICENSE file in the root of this repository
 # for complete details.
 
-import typing
+from collections.abc import Iterable
 
 from cryptography import x509
 from cryptography.hazmat.primitives import serialization
@@ -17,30 +17,30 @@ def encrypt_and_serialize(
     builder: pkcs7.PKCS7EnvelopeBuilder,
     content_encryption_algorithm: pkcs7.ContentEncryptionAlgorithm,
     encoding: serialization.Encoding,
-    options: typing.Iterable[pkcs7.PKCS7Options],
+    options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
 def sign_and_serialize(
     builder: pkcs7.PKCS7SignatureBuilder,
     encoding: serialization.Encoding,
-    options: typing.Iterable[pkcs7.PKCS7Options],
+    options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
 def decrypt_der(
     data: bytes,
     certificate: x509.Certificate,
     private_key: rsa.RSAPrivateKey,
-    options: typing.Iterable[pkcs7.PKCS7Options],
+    options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
 def decrypt_pem(
     data: bytes,
     certificate: x509.Certificate,
     private_key: rsa.RSAPrivateKey,
-    options: typing.Iterable[pkcs7.PKCS7Options],
+    options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
 def decrypt_smime(
     data: bytes,
     certificate: x509.Certificate,
     private_key: rsa.RSAPrivateKey,
-    options: typing.Iterable[pkcs7.PKCS7Options],
+    options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
 def load_pem_pkcs7_certificates(
     data: bytes,

src/cryptography/hazmat/bindings/_rust/x509.pyi

@@ -4,6 +4,7 @@
 
 import datetime
 import typing
+from collections.abc import Iterator
 
 from cryptography import x509
 from cryptography.hazmat.primitives import hashes, serialization
@@ -108,7 +109,7 @@ class Certificate:
     @property
     def signature_algorithm_parameters(
         self,
-    ) -> None | PSS | PKCS1v15 | ECDSA: ...
+    ) -> PSS | PKCS1v15 | ECDSA | None: ...
     @property
     def extensions(self) -> x509.Extensions: ...
     @property
@@ -139,7 +140,7 @@ class CertificateRevocationList:
     @property
     def signature_algorithm_parameters(
         self,
-    ) -> None | PSS | PKCS1v15 | ECDSA: ...
+    ) -> PSS | PKCS1v15 | ECDSA | None: ...
     @property
     def issuer(self) -> x509.Name: ...
     @property
@@ -162,7 +163,7 @@ class CertificateRevocationList:
     def __getitem__(self, idx: int) -> x509.RevokedCertificate: ...
     @typing.overload
     def __getitem__(self, idx: slice) -> list[x509.RevokedCertificate]: ...
-    def __iter__(self) -> typing.Iterator[x509.RevokedCertificate]: ...
+    def __iter__(self) -> Iterator[x509.RevokedCertificate]: ...
     def is_signature_valid(
         self, public_key: CertificateIssuerPublicKeyTypes
     ) -> bool: ...
@@ -182,7 +183,7 @@ class CertificateSigningRequest:
     @property
     def signature_algorithm_parameters(
         self,
-    ) -> None | PSS | PKCS1v15 | ECDSA: ...
+    ) -> PSS | PKCS1v15 | ECDSA | None: ...
     @property
     def extensions(self) -> x509.Extensions: ...
     @property

src/cryptography/hazmat/bindings/openssl/binding.py

@@ -10,6 +10,7 @@
 import types
 import typing
 import warnings
+from collections.abc import Callable
 
 import cryptography
 from cryptography.exceptions import InternalError
@@ -35,7 +36,7 @@ def _openssl_assert(ok: bool) -> None:
 
 def build_conditional_library(
     lib: typing.Any,
-    conditional_names: dict[str, typing.Callable[[], list[str]]],
+    conditional_names: dict[str, Callable[[], list[str]]],
 ) -> typing.Any:
     conditional_lib = types.ModuleType("lib")
     conditional_lib._original_lib = lib  # type: ignore[attr-defined]

src/cryptography/hazmat/primitives/ciphers/base.py

@@ -134,9 +134,9 @@ def decryptor(self):
     typing.Union[
         modes.ModeWithNonce,
         modes.ModeWithTweak,
-        None,
         modes.ECB,
         modes.ModeWithInitializationVector,
+        None,
     ]
 ]
 

src/cryptography/hazmat/primitives/kdf/concatkdf.py

@@ -5,6 +5,7 @@
 from __future__ import annotations
 
 import typing
+from collections.abc import Callable
 
 from cryptography import utils
 from cryptography.exceptions import AlreadyFinalized, InvalidKey
@@ -31,7 +32,7 @@ def _common_args_checks(
 def _concatkdf_derive(
     key_material: bytes,
     length: int,
-    auxfn: typing.Callable[[], hashes.HashContext],
+    auxfn: Callable[[], hashes.HashContext],
     otherinfo: bytes,
 ) -> bytes:
     utils._check_byteslike("key_material", key_material)

src/cryptography/hazmat/primitives/kdf/kbkdf.py

@@ -5,6 +5,7 @@
 from __future__ import annotations
 
 import typing
+from collections.abc import Callable
 
 from cryptography import utils
 from cryptography.exceptions import (
@@ -36,7 +37,7 @@ class CounterLocation(utils.Enum):
 class _KBKDFDeriver:
     def __init__(
         self,
-        prf: typing.Callable,
+        prf: Callable,
         mode: Mode,
         length: int,
         rlen: int,

src/cryptography/hazmat/primitives/padding.py

@@ -5,7 +5,7 @@
 from __future__ import annotations
 
 import abc
-import typing
+from collections.abc import Callable
 
 from cryptography import utils
 from cryptography.exceptions import AlreadyFinalized
@@ -59,7 +59,7 @@ def _byte_padding_update(
 def _byte_padding_pad(
     buffer_: bytes | None,
     block_size: int,
-    paddingfn: typing.Callable[[int], bytes],
+    paddingfn: Callable[[int], bytes],
 ) -> bytes:
     if buffer_ is None:
         raise AlreadyFinalized("Context was already finalized.")
@@ -89,7 +89,7 @@ def _byte_unpadding_update(
 def _byte_unpadding_check(
     buffer_: bytes | None,
     block_size: int,
-    checkfn: typing.Callable[[bytes], int],
+    checkfn: Callable[[bytes], int],
 ) -> bytes:
     if buffer_ is None:
         raise AlreadyFinalized("Context was already finalized.")

src/cryptography/hazmat/primitives/serialization/pkcs12.py

@@ -5,6 +5,7 @@
 from __future__ import annotations
 
 import typing
+from collections.abc import Iterable
 
 from cryptography import x509
 from cryptography.hazmat.bindings._rust import pkcs12 as rust_pkcs12
@@ -122,7 +123,7 @@ def serialize_key_and_certificates(
     name: bytes | None,
     key: PKCS12PrivateKeyTypes | None,
     cert: x509.Certificate | None,
-    cas: typing.Iterable[_PKCS12CATypes] | None,
+    cas: Iterable[_PKCS12CATypes] | None,
     encryption_algorithm: serialization.KeySerializationEncryption,
 ) -> bytes:
     if key is not None and not isinstance(

src/cryptography/hazmat/primitives/serialization/pkcs7.py

@@ -10,6 +10,7 @@
 import email.policy
 import io
 import typing
+from collections.abc import Iterable
 
 from cryptography import utils, x509
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
@@ -133,7 +134,7 @@ def add_certificate(
     def sign(
         self,
         encoding: serialization.Encoding,
-        options: typing.Iterable[PKCS7Options],
+        options: Iterable[PKCS7Options],
         backend: typing.Any = None,
     ) -> bytes:
         if len(self._signers) == 0:
@@ -258,7 +259,7 @@ def set_content_encryption_algorithm(
     def encrypt(
         self,
         encoding: serialization.Encoding,
-        options: typing.Iterable[PKCS7Options],
+        options: Iterable[PKCS7Options],
     ) -> bytes:
         if len(self._recipients) == 0:
             raise ValueError("Must have at least one recipient")

src/cryptography/utils.py

@@ -7,8 +7,8 @@
 import enum
 import sys
 import types
-import typing
 import warnings
+from collections.abc import Callable, Sequence
 
 
 # We use a UserWarning subclass, instead of DeprecationWarning, because CPython
@@ -81,7 +81,7 @@ def __delattr__(self, attr: str) -> None:
 
         delattr(self._module, attr)
 
-    def __dir__(self) -> typing.Sequence[str]:
+    def __dir__(self) -> Sequence[str]:
         return ["_module", *dir(self._module)]
 
 
@@ -102,7 +102,7 @@ def deprecated(
     return dv
 
 
-def cached_property(func: typing.Callable) -> property:
+def cached_property(func: Callable) -> property:
     cached_name = f"_cached_{func}"
     sentinel = object()
 

src/cryptography/x509/base.py

@@ -9,6 +9,7 @@
 import os
 import typing
 import warnings
+from collections.abc import Iterable
 
 from cryptography import utils
 from cryptography.hazmat.bindings._rust import x509 as rust_x509
@@ -131,7 +132,7 @@ def __hash__(self) -> int:
 class Attributes:
     def __init__(
         self,
-        attributes: typing.Iterable[Attribute],
+        attributes: Iterable[Attribute],
     ) -> None:
         self._attributes = list(attributes)