2 files changed, 11 insertions, 15 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index f374a8e3..8118cad0 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -961,17 +961,15 @@ class Backend(object):
 
     def _create_x509_extension(self, handlers, extension):
         if isinstance(extension.value, x509.UnrecognizedExtension):
-            value = _encode_asn1_str_gc(
-                self, extension.value.value, len(extension.value.value)
-            )
+            value = _encode_asn1_str_gc(self, extension.value.value)
             return self._create_raw_x509_extension(extension, value)
         elif isinstance(extension.value, x509.TLSFeature):
             asn1 = _Integers([x.value for x in extension.value]).dump()
-            value = _encode_asn1_str_gc(self, asn1, len(asn1))
+            value = _encode_asn1_str_gc(self, asn1)
             return self._create_raw_x509_extension(extension, value)
         elif isinstance(extension.value, x509.PrecertPoison):
             asn1 = asn1crypto.core.Null().dump()
-            value = _encode_asn1_str_gc(self, asn1, len(asn1))
+            value = _encode_asn1_str_gc(self, asn1)
             return self._create_raw_x509_extension(extension, value)
         else:
             try:
diff --git a/src/cryptography/hazmat/backends/openssl/encode_asn1.py b/src/cryptography/hazmat/backends/openssl/encode_asn1.py
index 896ea055..91852dff 100644
--- a/src/cryptography/hazmat/backends/openssl/encode_asn1.py
+++ b/src/cryptography/hazmat/backends/openssl/encode_asn1.py
@@ -44,12 +44,12 @@ def _encode_asn1_int_gc(backend, x):
     return i
 
 
-def _encode_asn1_str(backend, data, length):
+def _encode_asn1_str(backend, data):
     """
     Create an ASN1_OCTET_STRING from a Python byte string.
     """
     s = backend._lib.ASN1_OCTET_STRING_new()
-    res = backend._lib.ASN1_OCTET_STRING_set(s, data, length)
+    res = backend._lib.ASN1_OCTET_STRING_set(s, data, len(data))
     backend.openssl_assert(res == 1)
     return s
 
@@ -68,8 +68,8 @@ def _encode_asn1_utf8_str(backend, string):
     return s
 
 
-def _encode_asn1_str_gc(backend, data, length):
-    s = _encode_asn1_str(backend, data, length)
+def _encode_asn1_str_gc(backend, data):
+    s = _encode_asn1_str(backend, data)
     s = backend._ffi.gc(s, backend._lib.ASN1_OCTET_STRING_free)
     return s
 
@@ -184,7 +184,6 @@ def _encode_certificate_policies(backend, certificate_policies):
                     pqi.d.cpsuri = _encode_asn1_str(
                         backend,
                         qualifier.encode("ascii"),
-                        len(qualifier.encode("ascii"))
                     )
                 else:
                     assert isinstance(qualifier, x509.UserNotice)
@@ -289,7 +288,6 @@ def _encode_authority_key_identifier(backend, authority_keyid):
         akid.keyid = _encode_asn1_str(
             backend,
             authority_keyid.key_identifier,
-            len(authority_keyid.key_identifier)
         )
 
     if authority_keyid.authority_cert_issuer is not None:
@@ -359,7 +357,7 @@ def _encode_alt_name(backend, san):
 
 
 def _encode_subject_key_identifier(backend, ski):
-    return _encode_asn1_str_gc(backend, ski.digest, len(ski.digest))
+    return _encode_asn1_str_gc(backend, ski.digest)
 
 
 def _encode_general_name(backend, name):
@@ -407,7 +405,7 @@ def _encode_general_name(backend, name):
             )
         else:
             packed = name.value.packed
-        ipaddr = _encode_asn1_str(backend, packed, len(packed))
+        ipaddr = _encode_asn1_str(backend, packed)
         gn.type = backend._lib.GEN_IPADD
         gn.d.iPAddress = ipaddr
     elif isinstance(name, x509.OtherName):
@@ -439,7 +437,7 @@ def _encode_general_name(backend, name):
         # ia5strings are supposed to be ITU T.50 but to allow round-tripping
         # of broken certs that encode utf8 we'll encode utf8 here too.
         data = name.value.encode("utf8")
-        asn1_str = _encode_asn1_str(backend, data, len(data))
+        asn1_str = _encode_asn1_str(backend, data)
         gn.type = backend._lib.GEN_EMAIL
         gn.d.rfc822Name = asn1_str
     elif isinstance(name, x509.UniformResourceIdentifier):
@@ -448,7 +446,7 @@ def _encode_general_name(backend, name):
         # ia5strings are supposed to be ITU T.50 but to allow round-tripping
         # of broken certs that encode utf8 we'll encode utf8 here too.
         data = name.value.encode("utf8")
-        asn1_str = _encode_asn1_str(backend, data, len(data))
+        asn1_str = _encode_asn1_str(backend, data)
         gn.type = backend._lib.GEN_URI
         gn.d.uniformResourceIdentifier = asn1_str
     else: