commit 34a4754d21b8fa3590d50becb79e67a155df7113
author Alex Gaynor <alex.gaynor@gmail.com> Thu Dec 24 09:07:01 2015 -0500
committer Alex Gaynor <alex.gaynor@gmail.com> Thu Dec 24 09:07:01 2015 -0500
tree 9c9c918c92260e45dfceba3a339c38a43958b0ee
parent b6519135245a524f8d1efdb7db31e70e6d782c23

Simplify implementation of CRL indexing and iteration.

No longer allocates a list just to iterate over it.

src/cryptography/hazmat/backends/openssl/x509.py

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index 4699a7a..7b9f71c 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -861,24 +861,19 @@
         self._backend.openssl_assert(res == 1)
         return self._backend._read_mem_bio(bio)
 
-    def _revoked_certificates(self):
+    def _revoked_cert(self, idx):
         revoked = self._backend._lib.X509_CRL_get_REVOKED(self._x509_crl)
-        revoked_list = []
-        for i in range(len(self)):
-            r = self._backend._lib.sk_X509_REVOKED_value(revoked, i)
-            self._backend.openssl_assert(r != self._backend._ffi.NULL)
-            revoked_certificate = _RevokedCertificate(
-                self._backend, self, r
-            )
-            revoked_list.append(revoked_certificate)
-
-        return revoked_list
+        r = self._backend._lib.sk_X509_REVOKED_value(revoked, idx)
+        self._backend.openssl_assert(r != self._backend._ffi.NULL)
+        return _RevokedCertificate(self._backend, self, r)
 
     def __iter__(self):
-        return iter(self._revoked_certificates())
+        for i in range(len(self)):
+            yield self._revoked_cert(i)
 
     def __getitem__(self, idx):
-        return self._revoked_certificates()[idx]
+        # TODO: indexing is O(n)
+        return list(self)[idx]
 
     def __len__(self):
         revoked = self._backend._lib.X509_CRL_get_REVOKED(self._x509_crl)