Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix cert_validate timezone warnings #4

Merged
merged 1 commit into from
Aug 18, 2024
Merged

Fix cert_validate timezone warnings #4

merged 1 commit into from
Aug 18, 2024

Conversation

longzheng
Copy link
Contributor

Was trying the new cert validation method and noticed some deprecation warnings about comparing not_valid_before and not_valid_after. Fixed to use the _utc properties.

C:\Users\longz\Documents\GitHub\SEP2-Tools>python -m sep2tools cert-lfdi cert.pem
The LFDI is: 913D-F605-5ACB-D322-F2C9-82DA-EE0C-0DA2-962C-8F55
C:\Users\longz\Documents\GitHub\SEP2-Tools\sep2tools\cert_validate.py:42: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to not_valid_before_utc.
  if not cert.not_valid_before <= current_time:
C:\Users\longz\Documents\GitHub\SEP2-Tools\sep2tools\cert_validate.py:47: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to not_valid_after_utc.
  if not current_time <= cert.not_valid_after:
C:\Users\longz\Documents\GitHub\SEP2-Tools\sep2tools\cert_validate.py:52: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to not_valid_after_utc.
  if cert.not_valid_after != INDEF_EXPIRY:

longzheng
longzheng commented Aug 16, 2024
View reviewed changes
sep2tools/cert_validate.py
@@ -38,20 +38,20 @@ def validate_pem_certificate(cert_path: Path) -> bool:
cert = x509.load_pem_x509_certificate(cert_data)

# Check the validity period
current_time = datetime.utcnow()
if not cert.not_valid_before <= current_time:
current_time_utc = datetime.now(timezone.utc)
Copy link
Contributor Author

@longzheng longzheng Aug 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed in cert_create.py you're using a different module from dateutil import tz and tz.UTC.

But I saw from the documentation the datetime module has a timezone export that seems to do the same thing, not sure if I'm missing something since I'm not experienced with Python.

If it is the same thing then potential cert_create.py could be updated to use this and then the dateutil module is no longer needed?

SEP2-Tools/sep2tools/cert_create.py

Line 342 in 5aab6b4

valid_from = datetime.now(tz=tz.UTC)

@aguinane aguinane merged commit 601e489 into aguinane:main Aug 18, 2024
1 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aguinane aguinane aguinane approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@longzheng @aguinane