Complete removal of py2 (#5533)

* Drop Python 2

* Black everything

setup.py

@@ -77,7 +77,7 @@
         ),
         include_package_data=True,
         python_requires=">=3.6",
-        install_requires=["six >= 1.4.1"] + setup_requirements,
+        install_requires=setup_requirements,
         setup_requires=setup_requirements,
         extras_require={
             "test": [

src/cryptography/fernet.py

@@ -9,8 +9,6 @@
 import struct
 import time
 
-import six
-
 from cryptography import utils
 from cryptography.exceptions import InvalidSignature
 from cryptography.hazmat.backends import _get_backend
@@ -96,7 +94,7 @@ def _get_unverified_token_data(token):
         except (TypeError, binascii.Error):
             raise InvalidToken
 
-        if not data or six.indexbytes(data, 0) != 0x80:
+        if not data or data[0] != 0x80:
             raise InvalidToken
 
         try:

src/cryptography/hazmat/_der.py

@@ -3,8 +3,6 @@
 # for complete details.
 
 
-import six
-
 from cryptography.utils import int_to_bytes
 
 
@@ -52,7 +50,7 @@ def check_empty(self):
     def read_byte(self):
         if len(self.data) < 1:
             raise ValueError("Invalid DER input: insufficient data")
-        ret = six.indexbytes(self.data, 0)
+        ret = self.data[0]
         self.data = self.data[1:]
         return ret
 
@@ -110,20 +108,20 @@ def read_single_element(self, expected_tag):
             return self.read_element(expected_tag)
 
     def read_optional_element(self, expected_tag):
-        if len(self.data) > 0 and six.indexbytes(self.data, 0) == expected_tag:
+        if len(self.data) > 0 and self.data[0] == expected_tag:
             return self.read_element(expected_tag)
         return None
 
     def as_integer(self):
         if len(self.data) == 0:
             raise ValueError("Invalid DER input: empty integer contents")
-        first = six.indexbytes(self.data, 0)
+        first = self.data[0]
         if first & 0x80 == 0x80:
             raise ValueError("Negative DER integers are not supported")
         # The first 9 bits must not all be zero or all be ones. Otherwise, the
         # encoding should have been one byte shorter.
         if len(self.data) > 1:
-            second = six.indexbytes(self.data, 1)
+            second = self.data[1]
             if first == 0 and second & 0x80 == 0:
                 raise ValueError(
                     "Invalid DER input: integer not minimally-encoded"
@@ -132,7 +130,7 @@ def as_integer(self):
 
 
 def encode_der_integer(x):
-    if not isinstance(x, six.integer_types):
+    if not isinstance(x, int):
         raise ValueError("Value must be an integer")
     if x < 0:
         raise ValueError("Negative integers are not supported")
@@ -144,12 +142,12 @@ def encode_der(tag, *children):
     length = 0
     for child in children:
         length += len(child)
-    chunks = [six.int2byte(tag)]
+    chunks = [bytes([tag])]
     if length < 0x80:
-        chunks.append(six.int2byte(length))
+        chunks.append(bytes([length]))
     else:
         length_bytes = int_to_bytes(length)
-        chunks.append(six.int2byte(0x80 | len(length_bytes)))
+        chunks.append(bytes([0x80 | len(length_bytes)]))
         chunks.append(length_bytes)
     chunks.extend(children)
     return b"".join(chunks)

src/cryptography/hazmat/backends/interfaces.py

@@ -5,11 +5,8 @@
 
 import abc
 
-import six
 
-
-@six.add_metaclass(abc.ABCMeta)
-class CipherBackend(object):
+class CipherBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def cipher_supported(self, cipher, mode):
         """
@@ -29,8 +26,7 @@ def create_symmetric_decryption_ctx(self, cipher, mode):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class HashBackend(object):
+class HashBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def hash_supported(self, algorithm):
         """
@@ -44,8 +40,7 @@ def create_hash_ctx(self, algorithm):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class HMACBackend(object):
+class HMACBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def hmac_supported(self, algorithm):
         """
@@ -60,8 +55,7 @@ def create_hmac_ctx(self, key, algorithm):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class CMACBackend(object):
+class CMACBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def cmac_algorithm_supported(self, algorithm):
         """
@@ -75,8 +69,7 @@ def create_cmac_ctx(self, algorithm):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class PBKDF2HMACBackend(object):
+class PBKDF2HMACBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def pbkdf2_hmac_supported(self, algorithm):
         """
@@ -93,8 +86,7 @@ def derive_pbkdf2_hmac(
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class RSABackend(object):
+class RSABackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def generate_rsa_private_key(self, public_exponent, key_size):
         """
@@ -128,8 +120,7 @@ def load_rsa_public_numbers(self, numbers):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DSABackend(object):
+class DSABackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def generate_dsa_parameters(self, key_size):
         """
@@ -180,8 +171,7 @@ def load_dsa_parameter_numbers(self, numbers):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class EllipticCurveBackend(object):
+class EllipticCurveBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def elliptic_curve_signature_algorithm_supported(
         self, signature_algorithm, curve
@@ -228,8 +218,7 @@ def derive_elliptic_curve_private_key(self, private_value, curve):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class PEMSerializationBackend(object):
+class PEMSerializationBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def load_pem_private_key(self, data, password):
         """
@@ -250,8 +239,7 @@ def load_pem_parameters(self, data):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DERSerializationBackend(object):
+class DERSerializationBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def load_der_private_key(self, data, password):
         """
@@ -272,8 +260,7 @@ def load_der_parameters(self, data):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class X509Backend(object):
+class X509Backend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def load_pem_x509_certificate(self, data):
         """
@@ -331,8 +318,7 @@ def x509_name_bytes(self, name):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DHBackend(object):
+class DHBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def generate_dh_parameters(self, generator, key_size):
         """
@@ -386,8 +372,7 @@ def dh_x942_serialization_supported(self):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class ScryptBackend(object):
+class ScryptBackend(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def derive_scrypt(self, key_material, salt, length, n, r, p):
         """

src/cryptography/hazmat/backends/openssl/backend.py

@@ -9,8 +9,6 @@
 import warnings
 from contextlib import contextmanager
 
-from six.moves import range
-
 from cryptography import utils, x509
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat._der import (

src/cryptography/hazmat/backends/openssl/decode_asn1.py

@@ -6,8 +6,6 @@
 import datetime
 import ipaddress
 
-import six
-
 from cryptography import x509
 from cryptography.hazmat._der import DERReader, INTEGER, NULL, SEQUENCE
 from cryptography.x509.extensions import _TLS_FEATURE_TYPE_TO_ENUM
@@ -594,7 +592,7 @@ def _decode_dist_points(backend, cdps):
 def _decode_reasons(backend, reasons):
     # We will check each bit from RFC 5280
     enum_reasons = []
-    for bit_position, reason in six.iteritems(_REASON_BIT_MAPPING):
+    for bit_position, reason in _REASON_BIT_MAPPING.items():
         if backend._lib.ASN1_BIT_STRING_get_bit(reasons, bit_position):
             enum_reasons.append(reason)
 

src/cryptography/hazmat/backends/openssl/encode_asn1.py

@@ -6,8 +6,6 @@
 import calendar
 import ipaddress
 
-import six
-
 from cryptography import utils, x509
 from cryptography.hazmat.backends.openssl.decode_asn1 import (
     _CRL_ENTRY_REASON_ENUM_TO_CODE,
@@ -205,7 +203,7 @@ def _encode_certificate_policies(backend, certificate_policies):
                 backend.openssl_assert(pqi != backend._ffi.NULL)
                 res = backend._lib.sk_POLICYQUALINFO_push(pqis, pqi)
                 backend.openssl_assert(res >= 1)
-                if isinstance(qualifier, six.text_type):
+                if isinstance(qualifier, str):
                     pqi.pqualid = _txt2obj(
                         backend, x509.OID_CPS_QUALIFIER.dotted_string
                     )

src/cryptography/hazmat/primitives/asymmetric/__init__.py

@@ -5,11 +5,8 @@
 
 import abc
 
-import six
 
-
-@six.add_metaclass(abc.ABCMeta)
-class AsymmetricSignatureContext(object):
+class AsymmetricSignatureContext(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def update(self, data):
         """
@@ -23,8 +20,7 @@ def finalize(self):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class AsymmetricVerificationContext(object):
+class AsymmetricVerificationContext(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def update(self, data):
         """

src/cryptography/hazmat/primitives/asymmetric/dh.py

@@ -5,8 +5,6 @@
 
 import abc
 
-import six
-
 from cryptography import utils
 from cryptography.hazmat.backends import _get_backend
 
@@ -21,7 +19,7 @@ def generate_parameters(generator, key_size, backend=None):
 
 class DHPrivateNumbers(object):
     def __init__(self, x, public_numbers):
-        if not isinstance(x, six.integer_types):
+        if not isinstance(x, int):
             raise TypeError("x must be an integer.")
 
         if not isinstance(public_numbers, DHPublicNumbers):
@@ -54,7 +52,7 @@ def private_key(self, backend=None):
 
 class DHPublicNumbers(object):
     def __init__(self, y, parameter_numbers):
-        if not isinstance(y, six.integer_types):
+        if not isinstance(y, int):
             raise TypeError("y must be an integer.")
 
         if not isinstance(parameter_numbers, DHParameterNumbers):
@@ -87,11 +85,9 @@ def public_key(self, backend=None):
 
 class DHParameterNumbers(object):
     def __init__(self, p, g, q=None):
-        if not isinstance(p, six.integer_types) or not isinstance(
-            g, six.integer_types
-        ):
+        if not isinstance(p, int) or not isinstance(g, int):
             raise TypeError("p and g must be integers")
-        if q is not None and not isinstance(q, six.integer_types):
+        if q is not None and not isinstance(q, int):
             raise TypeError("q must be integer or None")
 
         if g < 2:
@@ -126,8 +122,7 @@ def parameters(self, backend=None):
     q = utils.read_only_property("_q")
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DHParameters(object):
+class DHParameters(metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def generate_private_key(self):
         """
@@ -150,8 +145,7 @@ def parameter_numbers(self):
 DHParametersWithSerialization = DHParameters
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DHPrivateKey(object):
+class DHPrivateKey(metaclass=abc.ABCMeta):
     @abc.abstractproperty
     def key_size(self):
         """
@@ -178,8 +172,7 @@ def exchange(self, peer_public_key):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DHPrivateKeyWithSerialization(DHPrivateKey):
+class DHPrivateKeyWithSerialization(DHPrivateKey, metaclass=abc.ABCMeta):
     @abc.abstractmethod
     def private_numbers(self):
         """
@@ -193,8 +186,7 @@ def private_bytes(self, encoding, format, encryption_algorithm):
         """
 
 
-@six.add_metaclass(abc.ABCMeta)
-class DHPublicKey(object):
+class DHPublicKey(metaclass=abc.ABCMeta):
     @abc.abstractproperty
     def key_size(self):
         """