Skip to content

Commit

Permalink
flake8
Browse files Browse the repository at this point in the history
Signed-off-by: Mikael Arguedas <[email protected]>
  • Loading branch information
mikaelarguedas committed May 7, 2024
1 parent 3dd75da commit c7119d5
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 5 deletions.
1 change: 1 addition & 0 deletions sros2/sros2/_utilities.py
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
_DOMAIN_ID_ENV = 'ROS_DOMAIN_ID'
_KEYSTORE_DIR_ENV = 'ROS_SECURITY_KEYSTORE'


def convert_naive_to_utc(naive_datetime: datetime.datetime) -> datetime.datetime:
return naive_datetime.replace(tzinfo=ZoneInfo('UTC'))

Expand Down
11 changes: 8 additions & 3 deletions sros2/sros2/keystore/_permission.py
Original file line number Diff line number Diff line change
Expand Up @@ -75,10 +75,15 @@ def create_permission_file(path: pathlib.Path, domain_id, policy_element) -> Non

cert_path = path.parent.joinpath('cert.pem')
cert_content = _utilities.load_cert(cert_path)
# TODO replace not_valid_before/not_valid_after functions by not_valid_before_utc/not_valid_after_utc
# TODO replace "not_valid_before"/"not_valid_after" functions by
# "not_valid_before_utc"/"not_valid_after_utc"
# once cryptography 42 is supported on all target platforms
kwargs['not_valid_before'] = etree.XSLT.strparam(_utilities.convert_naive_to_utc(cert_content.not_valid_before).isoformat())
kwargs['not_valid_after'] = etree.XSLT.strparam(_utilities.convert_naive_to_utc(cert_content.not_valid_after).isoformat())
kwargs['not_valid_before'] = etree.XSLT.strparam(
_utilities.convert_naive_to_utc(cert_content.not_valid_before).isoformat()
)
kwargs['not_valid_after'] = etree.XSLT.strparam(
_utilities.convert_naive_to_utc(cert_content.not_valid_after).isoformat()
)

if get_rmw_implementation_identifier() in _RMW_WITH_ROS_GRAPH_INFO_TOPIC:
kwargs['allow_ros_discovery_topic'] = etree.XSLT.strparam('1')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,14 @@ def test_cert_pem(enclave_keys_dir):
# Using a day earlier here to prevent Connext (5.3.1) from complaining
# when extracting it from the permissions file and thinking it's in the future
# https://github.com/ros2/ci/pull/436#issuecomment-624874296
# TODO replace not_valid_before/not_valid_after functions by not_valid_before_utc/not_valid_after_utc
# TODO replace "not_valid_before"/"not_valid_after" functions by
# "not_valid_before_utc"/"not_valid_after_utc"
# once cryptography 42 is supported on all target platforms
assert _datetimes_are_close(_utilities.convert_naive_to_utc(cert.not_valid_before), utcnow)
assert _datetimes_are_close(_utilities.convert_naive_to_utc(cert.not_valid_after), utcnow + datetime.timedelta(days=3650))
assert _datetimes_are_close(
_utilities.convert_naive_to_utc(cert.not_valid_after),
utcnow + datetime.timedelta(days=3650)
)

# Verify that the cert ensures this key cannot be used to sign others as a CA
assert len(cert.extensions) == 1
Expand Down

0 comments on commit c7119d5

Please sign in to comment.