From d415f4786e74b4fe47068f09a0d65735a6788c4f Mon Sep 17 00:00:00 2001 From: Ruben van Staveren Date: Fri, 20 Mar 2020 11:27:41 +0100 Subject: [PATCH] pylint/pep8 compliancy --- sort_certificate.py | 57 ++++++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 27 deletions(-) diff --git a/sort_certificate.py b/sort_certificate.py index 61fbef9..d3e78ef 100755 --- a/sort_certificate.py +++ b/sort_certificate.py @@ -15,10 +15,9 @@ from Crypto.Util import asn1 from cryptography.hazmat.primitives import serialization import certifi.core - -VALID_HOSTNAME_RE = '^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])'\ - '(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}'\ - '[a-zA-Z0-9]))*$' +VALID_FQDN_RE = r'^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])'\ + r'(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}'\ + r'[a-zA-Z0-9]))*$' CERTINFO_TEMPLATE = ''' subject= /{subject} @@ -98,7 +97,7 @@ def get_priv_modulus(priv): def match_cert_privkey(cert, priv): ''' - Copied from https://stackoverflow.com/questions/19922790/how-to-check-for-python-the-key-associated-with-the-certificate-or-not + Copied from https://stackoverflow.com/questions/19922790/how-to-check-for-python-the-key-associated-with-the-certificate-or-not # noqa pylint: disable=line-too-long and reworked ''' @@ -255,7 +254,8 @@ def main(): logging.debug('Loaded root certificates from bundle') for root_cert in root_certs: try: - logging.debug('subject=%s\n\tissuer%s\n\texpired=%s\n\tmodulus=%s', + logging.debug('subject=%s\n\tissuer%s\n\t' + 'expired=%s\n\tmodulus=%s', root_cert.get_subject(), root_cert.get_issuer(), root_cert.has_expired(), @@ -321,33 +321,36 @@ def main(): ' and private key match') logging.debug("Print certificates in order") - # XXX Need to do b'CN' to have this python3 compatible - logging.info('Writing bundle for Subject: %s', [x[1] - for x in x509_objects_components - if x[0] == b'CN'][0]) + # Need to do b'CN' to have this python3 compatible + logging.info('Writing bundle for Subject: %s', + [x[1].decode('utf-8') + for x in x509_objects_components + if x[0] == b'CN'][0]) for x509_object in [x for x in x509_objects if x.get_subject() != x.get_issuer()]: # Stringify subject like openssl x509 -subject - x509_subject = '/'.join(['{0}={1}'.format(component[0].decode(), - component[1].decode()) - for component in - x509_object.get_subject().get_components() - ]) + x509_subject = \ + '/'.join(['{0}={1}'.format(component[0].decode(), + component[1].decode()) + for component in + x509_object.get_subject().get_components()]) # Stringify issuer like openssl x509 -issuer - x509_issuer = '/'.join(['{0}={1}'.format(component[0].decode(), - component[1].decode()) - for component in - x509_object.get_issuer().get_components() - ]) + x509_issuer = \ + '/'.join(['{0}={1}'.format(component[0].decode(), + component[1].decode()) + for component in + x509_object.get_issuer().get_components()]) - x509_notAfter = datetime.strptime(str(x509_object.get_notAfter()), - ASN1TIME_FMT) + x509_not_after = \ + datetime.strptime(str(x509_object.get_notAfter()), + ASN1TIME_FMT) - x509_notBefore = datetime.strptime(str(x509_object.get_notBefore()), - ASN1TIME_FMT) + x509_not_before = \ + datetime.strptime(str(x509_object.get_notBefore()), + ASN1TIME_FMT) logging.info('Subject: %s', x509_subject) logging.info('Issuer: %s', x509_issuer) @@ -355,8 +358,8 @@ def main(): print(CERTINFO_TEMPLATE.format( subject=x509_subject, issuer=x509_issuer, - notbefore=x509_notBefore.strftime(OPENSSLTIME_FMT), - notafter=x509_notAfter.strftime(OPENSSLTIME_FMT), + notbefore=x509_not_before.strftime(OPENSSLTIME_FMT), + notafter=x509_not_after.strftime(OPENSSLTIME_FMT), sha1fingerprint=x509_object.digest('sha1').decode())) print(crypto.dump_certificate(crypto.FILETYPE_PEM, @@ -371,7 +374,7 @@ def main(): format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption()).decode( 'ascii'), - end='') + end='') elif pk_objects: logging.info('Print private keys') for pk_object in pk_objects: