python-nss-ng 1.0.2__tar.gz → 1.0.5__tar.gz

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/Makefile

@@ -4,8 +4,8 @@
 # Makefile for python-nss-ng
 # Handles NSS/NSPR dependencies and environment setup for CI builds
 
-.PHONY: help deps-nss deps-test deps-build clean env-setup \
-        env-github-actions
+.PHONY: help deps-nss deps-test deps-test-system deps-build clean \
+        env-setup env-github-actions
 
 # Default target
 help:
@@ -13,7 +13,8 @@ help:
 	@echo ""
 	@echo "Targets:"
 	@echo "  deps-nss           - Build and install NSS/NSPR from source"
-	@echo "  deps-test          - Install test dependencies (meson/ninja)"
+	@echo "  deps-test-system   - Install system test deps (apt only)"
+	@echo "  deps-test          - Install all test dependencies (apt+pip)"
 	@echo "  deps-build         - Install build dependencies"
 	@echo "  env-setup          - Set up environment variables"
 	@echo "  env-github-actions - Export env vars to GitHub Actions"
@@ -50,13 +51,23 @@ deps-nss:
 	INSTALL_PREFIX=$(INSTALL_PREFIX) \
 	./.github/scripts/install-nss.sh
 
-# Install test dependencies (for test jobs)
-deps-test:
-	@echo "Installing test dependencies..."
+# Install system-level test dependencies only (apt packages)
+# Use this target in CI *before* actions/setup-python so that pip installs
+# are handled by the correct (hostedtoolcache) Python interpreter.
+deps-test-system:
+	@echo "Installing system-level test dependencies..."
 ifeq ($(PLATFORM),linux)
 	sudo apt-get update || true
 	sudo apt-get install -y meson ninja-build || true
 endif
+
+# Install test dependencies (for test jobs)
+# NOTE: This target runs pip install and should only be called *after*
+# actions/setup-python so that packages are installed into the correct
+# Python environment. If called with the system Python when a different
+# Python will run the tests, imports will fail at test time.
+deps-test: deps-test-system
+	@echo "Installing pip test dependencies..."
 	python -m pip install --upgrade pip || true
 	python -m pip install meson-python meson ninja pytest pytest-cov pytest-timeout pytest-xdist hypothesis mypy || true
 

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: python-nss-ng
-Version: 1.0.2
+Version: 1.0.5
 Summary: Python bindings for Network Security Services (NSS) and Netscape Portable Runtime (NSPR)
 Keywords: nss,nspr,cryptography,ssl,tls,pki,x509,security
 Author-Email: John Dennis <jdennis@redhat.com>, Matthew Watkins <mwatkins@linuxfoundation.org>
@@ -64,7 +64,7 @@ SPDX-FileCopyrightText: 2025 The Linux Foundation
 
 [![Platform Compatibility](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/compatibility.yaml/badge.svg)](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/compatibility.yaml)
 [![CI/CD Pipeline](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/build-test.yaml/badge.svg)](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/build-test.yaml)
-[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/)
+[![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
 [![License: MPL-2.0](https://img.shields.io/badge/License-MPL%202.0-brightgreen.svg)](https://opensource.org/licenses/MPL-2.0)
 
 Python bindings for Network Security Services (NSS) and Netscape Portable
@@ -99,7 +99,7 @@ and build standards:
 
 ### Changes Made
 
-- **Python Support**: Now supports Python 3.9, 3.10, 3.11, 3.12, 3.13, and 3.14
+- **Python Support**: Now supports Python 3.10, 3.11, 3.12, 3.13, and 3.14
 - **Build System**: Migrated from legacy `distutils` to modern `setuptools`
   with `pyproject.toml`
 - **Version Management**: Implemented dynamic versioning using
@@ -124,7 +124,7 @@ works with NSS 3.117.
 
 - NSS 3.117
 - NSPR 4.38.2
-- Python 3.9, 3.10, 3.11, 3.12, 3.13, 3.14
+- Python 3.10, 3.11, 3.12, 3.13, 3.14
 
 ## System Requirements
 
@@ -156,8 +156,8 @@ brew install nss nspr
 ### Using uv (Recommended)
 
 ```bash
-# Create a virtual environment with Python 3.9+
-uv venv --python 3.9
+# Create a virtual environment with Python 3.10+
+uv venv --python 3.10
 
 # Activate the environment
 source .venv/bin/activate  # Linux/macOS

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/QUICKSTART.md

@@ -34,7 +34,7 @@ brew install nss nspr pkg-config
 
 ### Python Requirements
 
-- Python 3.9 or later
+- Python 3.10 or later
 - pip or uv package manager
 
 ## Quick Setup
@@ -50,7 +50,7 @@ git clone https://github.com/ModeSevenIndustrialSolutions/python-nss-ng.git
 cd python-nss-ng
 
 # Create virtual environment and install dependencies
-uv venv --python 3.9
+uv venv --python 3.10
 source .venv/bin/activate  # Linux/macOS
 # or
 .venv\Scripts\activate  # Windows
@@ -78,7 +78,7 @@ pip install -e ".[dev]"
 
 ```bash
 # Check Python version
-python --version  # Should be 3.9+
+python --version  # Should be 3.10+
 
 # Check NSS/NSPR installation
 pkg-config --modversion nss

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/README.md

@@ -7,7 +7,7 @@ SPDX-FileCopyrightText: 2025 The Linux Foundation
 
 [![Platform Compatibility](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/compatibility.yaml/badge.svg)](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/compatibility.yaml)
 [![CI/CD Pipeline](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/build-test.yaml/badge.svg)](https://github.com/ModeSevenIndustrialSolutions/python-nss-ng/actions/workflows/build-test.yaml)
-[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/)
+[![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
 [![License: MPL-2.0](https://img.shields.io/badge/License-MPL%202.0-brightgreen.svg)](https://opensource.org/licenses/MPL-2.0)
 
 Python bindings for Network Security Services (NSS) and Netscape Portable
@@ -42,7 +42,7 @@ and build standards:
 
 ### Changes Made
 
-- **Python Support**: Now supports Python 3.9, 3.10, 3.11, 3.12, 3.13, and 3.14
+- **Python Support**: Now supports Python 3.10, 3.11, 3.12, 3.13, and 3.14
 - **Build System**: Migrated from legacy `distutils` to modern `setuptools`
   with `pyproject.toml`
 - **Version Management**: Implemented dynamic versioning using
@@ -67,7 +67,7 @@ works with NSS 3.117.
 
 - NSS 3.117
 - NSPR 4.38.2
-- Python 3.9, 3.10, 3.11, 3.12, 3.13, 3.14
+- Python 3.10, 3.11, 3.12, 3.13, 3.14
 
 ## System Requirements
 
@@ -99,8 +99,8 @@ brew install nss nspr
 ### Using uv (Recommended)
 
 ```bash
-# Create a virtual environment with Python 3.9+
-uv venv --python 3.9
+# Create a virtual environment with Python 3.10+
+uv venv --python 3.10
 
 # Activate the environment
 source .venv/bin/activate  # Linux/macOS

python_nss_ng-1.0.5/REUSE.toml

@@ -0,0 +1,39 @@
+version = 1
+
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: 2025 The Linux Foundation
+
+# Licensing statement required for GHA tests and linting to pass for only this repository
+
+[[annotations]]
+path = [
+         "test/pki/**",
+         "uv.lock",
+	 "tests/dist/**",
+	 "img/**",
+	 "*.lock",
+         "test_coverage_report*"
+]
+SPDX-License-Identifier = "MPL-2.0"
+SPDX-FileCopyrightText = "2025 The Linux Foundation"
+
+# Project configuration files and ancillary documentation that
+# cannot easily carry inline SPDX headers.
+[[annotations]]
+path = [
+         "pyrightconfig.json",
+         "scripts/README.md",
+         "doc/ChangeLog",
+]
+SPDX-License-Identifier = "MPL-2.0"
+SPDX-FileCopyrightText = "Copyright (c) 2010-2025 python-nss-ng contributors"
+
+# Mutation testing artifacts produced by mutmut. These are generated
+# files (mutated source copies and metadata) and inherit the license
+# of the source they were produced from.
+[[annotations]]
+path = [
+         "mutants/**",
+]
+SPDX-License-Identifier = "MPL-2.0"
+SPDX-FileCopyrightText = "Copyright (c) 2010-2025 python-nss-ng contributors"

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/ChangeLog

@@ -365,7 +365,7 @@
     password file and writes hardcoded responses to the stdin of
     certuil and modutil.
 
-  * setup_certs now creates a new sql sytle NSS database (sql:pki)
+  * setup_certs now creates a new sql style NSS database (sql:pki)
 
   * All tests and examples now load the sql:pki database. Command line
     arg and variable changed from dbdir to db_name to reflect the
@@ -380,11 +380,11 @@
   External Changes
   ----------------
 
-  The primary enhancements in this version is support of certifcate
+  The primary enhancements in this version is support of certificate
   validation, OCSP support, and support for the certificate "Authority
   Information Access" extension.
 
-  Enhanced certifcate validation including CA certs can be done via
+  Enhanced certificate validation including CA certs can be done via
   Certificate.verify() or Certificate.is_ca_cert(). When cert
   validation fails you can now obtain diagnostic information as to why
   the cert failed to validate. This is encapsulated in the
@@ -575,7 +575,7 @@
   * For NSS >= 3.13 support CERTDB_TERMINAL_RECORD
 
   * You can now query for a specific certificate extension
-    Certficate.get_extension()
+    Certificate.get_extension()
 
   * The following classes were added:
     - RSAGenParams
@@ -594,14 +594,14 @@
     - SecItem_new_alloc()
 
   * The following class constructors were modified to accept
-    intialization parameters
+    initialization parameters
 
     - KEYPQGParams (DSA generation parameters)
 
   * The PublicKey formatting (i.e. format_lines) was augmented
     to format DSA keys (formerly it only recognized RSA keys).
 
-  * Allow lables and values to be justified when printing objects
+  * Allow labels and values to be justified when printing objects
 
   * The following were deprecated:
     - nss.nss.make_line_pairs (replaced by nss.nss.make_line_fmt_tuples)
@@ -609,12 +609,12 @@
     Deprecated Functionality:
     -------------------------
     - make_line_pairs() has been replaced by make_line_fmt_tuples()
-      because 2-valued tuples were not sufficently general. It is
+      because 2-valued tuples were not sufficiently general. It is
       expected very few programs will have used this function, it's mostly
       used internally but provided as a support utility.
 
 2011-04-22  John Dennis  <jdennis@redhat.com> 0.12
-  * Major new enhancement is additon of PKCS12 support and
+  * Major new enhancement is addition of PKCS12 support and
     AlgorithmID's.
 
   * setup.py build enhancements
@@ -757,7 +757,7 @@
     optional family parameter. This is necessary for utilizing
     PR_GetAddrInfoByName().
 
-  * NetworkAddress initialized via a string paramter are now initalized via
+  * NetworkAddress initialized via a string parameter are now initialized via
     PR_GetAddrInfoByName using family.
 
   * Add NetworkAddress.address property to return the address sans the
@@ -785,7 +785,7 @@
     Deprecated Functionality:
     -------------------------
 
-  * NetworkAddress initialized via a string paramter is now
+  * NetworkAddress initialized via a string parameter is now
     deprecated. AddrInfo should be used instead.
 
   * NetworkAddress.set_from_string is now deprecated. AddrInfo should be
@@ -793,7 +793,7 @@
 
   * NetworkAddress.hostentry is deprecated. It was a bad idea,
     NetworkAddress objects can support both IPv4 and IPv6, but a HostEntry
-    object can only support IPv4. Plus the implementation depdended on
+    object can only support IPv4. Plus the implementation depended on
     being able to perform a reverse DNS lookup which is not always
     possible.
 
@@ -806,7 +806,7 @@
     Internal Changes:
     -----------------
 
-  * Utilize PR_NetAddrFamily() access macro instead of explict access.
+  * Utilize PR_NetAddrFamily() access macro instead of explicit access.
 
   * Add PRNetAddr_port() utility to hide host vs. network byte order
     requirements when accessing the port inside a PRNetAddr and simplify
@@ -925,7 +925,7 @@
       nss.nss.x509_key_usage()
 
   * The following class methods and properties were added:
-    Note: it's a method if the name is suffixed with (), a propety otherwise
+    Note: it's a method if the name is suffixed with (), a property otherwise
       Socket.next()
       Socket.readlines()
       Socket.sendall()

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/MIGRATION.md

@@ -13,7 +13,7 @@ project to bring it up to current Python packaging standards (2025).
 The python-nss-ng project was originally built with the legacy
 `distutils` build system. This migration updates the project to:
 
-- Support Python 3.9+ (3.9, 3.10, 3.11, 3.12, 3.13, 3.14)
+- Support Python 3.10+ (3.10, 3.11, 3.12, 3.13, 3.14)
 - Use modern packaging standards (PEP 517, PEP 518, PEP 621)
 - Use dynamic versioning from git tags
 - Support modern development tools (uv, pytest, ruff)
@@ -53,7 +53,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "python-nss-ng"
 dynamic = ["version"]
-requires-python = ">=3.9"
+requires-python = ">=3.10"
 # ... modern metadata
 ```
 
@@ -155,7 +155,7 @@ dev = [
 
 #### Modern Support
 
-- Explicit support: Python 3.9, 3.10, 3.11, 3.12, 3.13, 3.14
+- Explicit support: Python 3.10, 3.11, 3.12, 3.13, 3.14
 - Modern `setuptools` build backend
 - Compatible with PEP 517/518 build frontends (pip, build, uv)
 
@@ -270,7 +270,7 @@ branch = true
 
 ```bash
 # Development environment
-uv venv --python 3.9
+uv venv --python 3.10
 source .venv/bin/activate
 uv pip install -e ".[dev]"
 ```
@@ -293,7 +293,7 @@ python -m build
 
 ### Breaking Changes
 
-- **Lower Bound Python version**: Now requires Python 3.9+
+- **Lower Bound Python version**: Now requires Python 3.10+
 - **Build system**: `python setup.py install` no longer recommended
 - **Import changes**: None (backward compatible)
 

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/examples/cert_dump.py

@@ -1,6 +1,8 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: Copyright (c) 2010-2025 python-nss-ng contributors
 
 '''
 This example will pretty print the contents of a certificate loaded from a
@@ -15,18 +17,12 @@ print "Certificate is %s" % cert
 What this example really aims to do is illustrate how to access the various
 components of a cert.
 '''
-from __future__ import absolute_import
-from __future__ import print_function
 
 import argparse
-import getpass
-import os
-import sys
 
-from nss.error import NSPRError
-import nss.io as io
 import nss.nss as nss
 
+
 # -----------------------------------------------------------------------------
 def print_extension(level, extension):
     print(nss.indented_format([(level, 'Name: %s' % extension.name),

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/examples/cert_trust.py

@@ -1,11 +1,12 @@
-from __future__ import absolute_import
-from __future__ import print_function
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: Copyright (c) 2010-2025 python-nss-ng contributors
+
 
 import argparse
 import sys
 from typing import Any
+
 import nss.nss as nss
-import nss.error as nss_error
 
 # Sample program that illustrates how to access certificate trust and/or
 # modify a certificates trust setting.

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/examples/httplib_example.py

@@ -1,21 +1,31 @@
-from __future__ import absolute_import
-from __future__ import print_function
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: Copyright (c) 2010-2025 python-nss-ng contributors
 
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
+# This example predates Python 3 and demonstrates NSS HTTPS usage by
+# subclassing the long-removed ``httplib.HTTP`` class via ``six``. It
+# also performs ``int()`` / host-string coercions that the static
+# type system cannot prove safe. Static type checking of this file
+# is intentionally relaxed so the example can remain available as
+# historical documentation without requiring a full Py3 rewrite.
+#
+# pyright: reportAttributeAccessIssue=false, reportArgumentType=false, reportMissingImports=false
+
 import argparse
 import errno
 import getpass
-import six.moves.http_client  # type: ignore[import-untyped]
 import logging
 import sys
+
+import six.moves.http_client  # type: ignore[import-untyped,unused-ignore]
+
 try:
     import urlparse
 except ImportError:
     import urllib.parse as urlparse
-from nss.error import NSPRError
 import nss.io as io
 import nss.nss as nss
 import nss.ssl as ssl
@@ -91,7 +101,7 @@ def auth_certificate_callback(sock, check_sig, is_server, certdb):
 
 def password_callback(slot, retry, password):
     if not retry and password: return password
-    return getpass.getpass("Enter password for %s: " % slot.token_name);
+    return getpass.getpass("Enter password for %s: " % slot.token_name)
 
 def handshake_callback(sock):
     """
@@ -133,7 +143,7 @@ class NSSConnection(six.moves.http_client.HTTPConnection):
         logging.debug("connect: host=%s port=%s", self.host, self.port)
         try:
             addr_info = io.AddrInfo(self.host)
-        except Exception as e:
+        except Exception:
             logging.error("could not resolve host address \"%s\"", self.host)
             raise
 
@@ -148,7 +158,7 @@ class NSSConnection(six.moves.http_client.HTTPConnection):
             except Exception as e:
                 logging.debug("connect failed: %s (%s)", net_addr, e)
 
-        raise IOError(errno.ENOTCONN, "could not connect to %s at port %d" % (self.host, self.port))
+        raise OSError(errno.ENOTCONN, "could not connect to %s at port %d" % (self.host, self.port))
 
 class NSPRConnection(six.moves.http_client.HTTPConnection):
     default_port = six.moves.http_client.HTTPConnection.default_port
@@ -164,7 +174,7 @@ class NSPRConnection(six.moves.http_client.HTTPConnection):
         logging.debug("connect: host=%s port=%s", self.host, self.port)
         try:
             addr_info = io.AddrInfo(self.host)
-        except Exception as e:
+        except Exception:
             logging.error("could not resolve host address \"%s\"", self.host)
             raise
 
@@ -179,7 +189,7 @@ class NSPRConnection(six.moves.http_client.HTTPConnection):
             except Exception as e:
                 logging.debug("connect failed: %s (%s)", net_addr, e)
 
-        raise IOError(errno.ENOTCONN, "could not connect to %s at port %d" % (self.host, self.port))
+        raise OSError(errno.ENOTCONN, "could not connect to %s at port %d" % (self.host, self.port))
 
 class NSSHTTPS(six.moves.http_client.HTTP):
     _http_vsn = 11

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/examples/pbkdf2_example.py

@@ -1,14 +1,15 @@
-from __future__ import absolute_import
-from __future__ import print_function
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: Copyright (c) 2010-2025 python-nss-ng contributors
+
 
 import argparse
 import sys
 from typing import Any
 
 import nss.nss as nss
-import nss.error as nss_error
+
 print(sys.path)
-import six  # type: ignore[import-untyped]
+import six  # type: ignore[import-untyped,unused-ignore]
 
 #-------------------------------------------------------------------------------
 

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/examples/ssl_cipher_info.py

@@ -1,13 +1,14 @@
-from __future__ import absolute_import
-from __future__ import print_function
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: Copyright (c) 2010-2025 python-nss-ng contributors
+
 
 import argparse
 import sys
 
-from nss.error import NSPRError
 import nss.io as io
 import nss.nss as nss
 import nss.ssl as ssl
+from nss.error import NSPRError
 
 #-------------------------------------------------------------------------------
 
@@ -105,7 +106,7 @@ def ssl_connect():
         try:
             sock.set_ssl_version_range("tls1.0", "tls1.3")
         except NSPRError as e:
-            print("Cannot enable TLS 1.3, {}".format(e))
+            print(f"Cannot enable TLS 1.3, {e}")
 
         # Provide a callback which notifies us when the SSL handshake is
         # complete

{python_nss_ng-1.0.2 → python_nss_ng-1.0.5}/doc/examples/ssl_example.py

@@ -1,11 +1,22 @@
-from __future__ import absolute_import
-from __future__ import print_function
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: Copyright (c) 2010-2025 python-nss-ng contributors
+
+# This example predates Python 3 in places: it imports a plain TCP
+# socket via ``io.Socket.import_tcp_socket`` and assigns the result
+# back into an ``ssl.SSLSocket``-typed variable, and similarly mixes
+# ``str`` and ``bytes`` payloads on send/recv. Modernising the code
+# to satisfy strict mypy would change observable behaviour and is
+# out of scope for the tooling sync.
+#
+# mypy: ignore-errors
+# pyright: reportOptionalSubscript=false, reportAttributeAccessIssue=false, reportArgumentType=false, reportCallIssue=false
 
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 import warnings
+
 warnings.simplefilter( "always", DeprecationWarning)
 
 import argparse
@@ -13,10 +24,10 @@ import getpass
 import os
 import sys
 
-from nss.error import NSPRError
 import nss.io as io
 import nss.nss as nss
 import nss.ssl as ssl
+from nss.error import NSPRError
 
 # -----------------------------------------------------------------------------
 NO_CLIENT_CERT             = 0
@@ -38,7 +49,7 @@ timeout_secs = 3
 
 def password_callback(slot, retry, password):
     if password: return password
-    return getpass.getpass("Enter password: ");
+    return getpass.getpass("Enter password: ")
 
 def handshake_callback(sock):
     print("-- handshake complete --")
@@ -145,7 +156,7 @@ def Client():
     # Get the IP Address of our server
     try:
         addr_info = io.AddrInfo(options.hostname)
-    except Exception as e:
+    except Exception:
         print("could not resolve host address \"%s\"" % options.hostname)
         return
 
@@ -243,7 +254,7 @@ def Server():
         # Get our certificate and private key
         server_cert = nss.find_cert_from_nickname(options.server_nickname, options.password)
         priv_key = nss.find_key_by_any_cert(server_cert, options.password)
-        server_cert_kea = server_cert.find_kea_type();
+        server_cert_kea = server_cert.find_kea_type()
 
         print("server cert:\n%s" % server_cert)