Mark many attributes as read-only properties (#7591)

stubs/cryptography/cryptography/hazmat/primitives/asymmetric/dh.pyi

@@ -30,7 +30,8 @@ class DHParameterNumbers:
     def parameters(self, backend: DHBackend | None = ...) -> DHParameters: ...
 
 class DHPrivateKey(metaclass=ABCMeta):
-    key_size: int
+    @property
+    def key_size(self) -> int: ...
     @abstractmethod
     def exchange(self, peer_public_key: DHPublicKey) -> bytes: ...
     @abstractmethod

stubs/cryptography/cryptography/hazmat/primitives/asymmetric/utils.pyi

@@ -7,4 +7,5 @@ class Prehashed:
     _algorithm: HashAlgorithm  # undocumented
     _digest_size: int  # undocumented
     def __init__(self, algorithm: HashAlgorithm) -> None: ...
-    digest_size: int
+    @property
+    def digest_size(self) -> int: ...

stubs/cryptography/cryptography/hazmat/primitives/hashes.pyi

@@ -2,12 +2,17 @@ from abc import ABCMeta, abstractmethod
 
 from cryptography.hazmat.backends.interfaces import HashBackend
 
+# These are actually abstractproperties on HashAlgorithm,
+# but let's not worry too much about that.
 class HashAlgorithm(metaclass=ABCMeta):
-    digest_size: int
-    name: str
+    @property
+    def digest_size(self) -> int: ...
+    @property
+    def name(self) -> str: ...
 
 class HashContext(metaclass=ABCMeta):
-    algorithm: HashAlgorithm
+    @property
+    def algorithm(self) -> HashAlgorithm: ...
     @abstractmethod
     def copy(self) -> HashContext: ...
     @abstractmethod

stubs/cryptography/cryptography/x509/__init__.pyi

@@ -15,7 +15,8 @@ from cryptography.hazmat.primitives.hashes import HashAlgorithm
 from cryptography.hazmat.primitives.serialization import Encoding
 
 class ObjectIdentifier:
-    dotted_string: str
+    @property
+    def dotted_string(self) -> str: ...
     def __init__(self, dotted_string: str) -> None: ...
 
 class CRLEntryExtensionOID:
@@ -108,7 +109,8 @@ class ExtendedKeyUsageOID:
 
 class NameAttribute:
     oid: ObjectIdentifier
-    value: str
+    @property
+    def value(self) -> str: ...
     def __init__(self, oid: ObjectIdentifier, value: str) -> None: ...
     def rfc4514_string(self) -> str: ...
 
@@ -119,7 +121,8 @@ class RelativeDistinguishedName:
     def rfc4514_string(self) -> str: ...
 
 class Name:
-    rdns: list[RelativeDistinguishedName]
+    @property
+    def rdns(self) -> list[RelativeDistinguishedName]: ...
     def __init__(self, attributes: Sequence[NameAttribute | RelativeDistinguishedName]) -> None: ...
     def __iter__(self) -> Generator[NameAttribute, None, None]: ...
     def __len__(self) -> int: ...
@@ -131,18 +134,31 @@ class Version(Enum):
     v1: int
     v3: int
 
+# These are actually abstractproperties on Certificate,
+# but let's not worry too much about that
 class Certificate(metaclass=ABCMeta):
-    extensions: Extensions
-    issuer: Name
-    not_valid_after: datetime.datetime
-    not_valid_before: datetime.datetime
-    serial_number: int
-    signature: bytes
-    signature_algorithm_oid: ObjectIdentifier
-    signature_hash_algorithm: HashAlgorithm
-    tbs_certificate_bytes: bytes
-    subject: Name
-    version: Version
+    @property
+    def extensions(self) -> Extensions: ...
+    @property
+    def issuer(self) -> Name: ...
+    @property
+    def not_valid_after(self) -> datetime.datetime: ...
+    @property
+    def not_valid_before(self) -> datetime.datetime: ...
+    @property
+    def serial_number(self) -> int: ...
+    @property
+    def signature(self) -> bytes: ...
+    @property
+    def signature_algorithm_oid(self) -> ObjectIdentifier: ...
+    @property
+    def signature_hash_algorithm(self) -> HashAlgorithm: ...
+    @property
+    def tbs_certificate_bytes(self) -> bytes: ...
+    @property
+    def subject(self) -> Name: ...
+    @property
+    def version(self) -> Version: ...
     @abstractmethod
     def fingerprint(self, algorithm: HashAlgorithm) -> bytes: ...
     @abstractmethod
@@ -178,14 +194,22 @@ class CertificateBuilder:
     def subject_name(self, name: Name) -> CertificateBuilder: ...
 
 class CertificateRevocationList(metaclass=ABCMeta):
-    extensions: Extensions
-    issuer: Name
-    last_update: datetime.datetime
-    next_update: datetime.datetime
-    signature: bytes
-    signature_algorithm_oid: ObjectIdentifier
-    signature_hash_algorithm: HashAlgorithm
-    tbs_certlist_bytes: bytes
+    @property
+    def extensions(self) -> Extensions: ...
+    @property
+    def issuer(self) -> Name: ...
+    @property
+    def last_update(self) -> datetime.datetime: ...
+    @property
+    def next_update(self) -> datetime.datetime: ...
+    @property
+    def signature(self) -> bytes: ...
+    @property
+    def signature_algorithm_oid(self) -> ObjectIdentifier: ...
+    @property
+    def signature_hash_algorithm(self) -> HashAlgorithm: ...
+    @property
+    def tbs_certlist_bytes(self) -> bytes: ...
     @abstractmethod
     def fingerprint(self, algorithm: HashAlgorithm) -> bytes: ...
     @abstractmethod
@@ -211,13 +235,20 @@ class CertificateRevocationListBuilder:
     ) -> CertificateRevocationList: ...
 
 class CertificateSigningRequest(metaclass=ABCMeta):
-    extensions: Extensions
-    is_signature_valid: bool
-    signature: bytes
-    signature_algorithm_oid: ObjectIdentifier
-    signature_hash_algorithm: HashAlgorithm
-    subject: Name
-    tbs_certrequest_bytes: bytes
+    @property
+    def extensions(self) -> Extensions: ...
+    @property
+    def is_signature_valid(self) -> bool: ...
+    @property
+    def signature(self) -> bytes: ...
+    @property
+    def signature_algorithm_oid(self) -> ObjectIdentifier: ...
+    @property
+    def signature_hash_algorithm(self) -> HashAlgorithm: ...
+    @property
+    def subject(self) -> Name: ...
+    @property
+    def tbs_certrequest_bytes(self) -> bytes: ...
     @abstractmethod
     def public_bytes(self, encoding: Encoding) -> bytes: ...
     @abstractmethod
@@ -234,9 +265,12 @@ class CertificateSigningRequestBuilder:
     ) -> CertificateSigningRequest: ...
 
 class RevokedCertificate(metaclass=ABCMeta):
-    extensions: Extensions
-    revocation_date: datetime.datetime
-    serial_number: int
+    @property
+    def extensions(self) -> Extensions: ...
+    @property
+    def revocation_date(self) -> datetime.datetime: ...
+    @property
+    def serial_number(self) -> int: ...
 
 class RevokedCertificateBuilder:
     def add_extension(self, extension: ExtensionType, critical: bool) -> RevokedCertificateBuilder: ...
@@ -247,35 +281,44 @@ class RevokedCertificateBuilder:
 # General Name Classes
 
 class GeneralName(metaclass=ABCMeta):
-    value: Any
+    @property
+    def value(self): ...
 
 class DirectoryName(GeneralName):
-    value: Name
+    @property
+    def value(self) -> Name: ...
     def __init__(self, value: Name) -> None: ...
 
 class DNSName(GeneralName):
-    value: str
+    @property
+    def value(self) -> str: ...
     def __init__(self, value: str) -> None: ...
 
 class IPAddress(GeneralName):
-    value: IPv4Address | IPv6Address | IPv4Network | IPv6Network
+    @property
+    def value(self) -> IPv4Address | IPv6Address | IPv4Network | IPv6Network: ...
     def __init__(self, value: IPv4Address | IPv6Address | IPv4Network | IPv6Network) -> None: ...
 
 class OtherName(GeneralName):
-    type_id: ObjectIdentifier
-    value: bytes
+    @property
+    def type_id(self) -> ObjectIdentifier: ...
+    @property
+    def value(self) -> bytes: ...
     def __init__(self, type_id: ObjectIdentifier, value: bytes) -> None: ...
 
 class RegisteredID(GeneralName):
-    value: ObjectIdentifier
+    @property
+    def value(self) -> ObjectIdentifier: ...
     def __init__(self, value: ObjectIdentifier) -> None: ...
 
 class RFC822Name(GeneralName):
-    value: str
+    @property
+    def value(self) -> str: ...
     def __init__(self, value: str) -> None: ...
 
 class UniformResourceIdentifier(GeneralName):
-    value: str
+    @property
+    def value(self) -> str: ...
     def __init__(self, value: str) -> None: ...
 
 # X.509 Extensions
@@ -286,9 +329,11 @@ class ExtensionType(metaclass=ABCMeta):
 _T = TypeVar("_T", bound=ExtensionType)
 
 class Extension(Generic[_T]):
-    critical: bool
+    @property
+    def critical(self) -> bool: ...
     oid: ObjectIdentifier
-    value: _T
+    @property
+    def value(self) -> _T: ...
 
 class Extensions:
     def __init__(self, general_names: list[Extension[Any]]) -> None: ...

stubs/cryptography/cryptography/x509/extensions.pyi

@@ -1,22 +1,26 @@
-from typing import Any, Iterator
+from collections.abc import Iterator
 
 from cryptography.x509 import GeneralName, ObjectIdentifier
 
 class Extension:
-    value: Any = ...
+    @property
+    def value(self): ...
 
 class GeneralNames:
     def __iter__(self) -> Iterator[GeneralName]: ...
 
 class DistributionPoint:
-    full_name: GeneralNames = ...
+    @property
+    def full_name(self) -> GeneralNames: ...
 
 class CRLDistributionPoints:
     def __iter__(self) -> Iterator[DistributionPoint]: ...
 
 class AccessDescription:
-    access_method: ObjectIdentifier = ...
-    access_location: GeneralName = ...
+    @property
+    def access_method(self) -> ObjectIdentifier: ...
+    @property
+    def access_location(self) -> GeneralName: ...
 
 class AuthorityInformationAccess:
     def __iter__(self) -> Iterator[AccessDescription]: ...