commit f235b799e96f2ac07dfcbb8de4a0a9be62952599
author Harald Welte <laforge@osmocom.org> Sun Feb 04 23:07:22 2024 +0100
committer Harald Welte <laforge@osmocom.org> Mon Feb 05 09:53:30 2024 +0100
tree 9c3c131a7059497eaee410e3ff8dd05c7a3af53b
parent e6e74229c9bba2f6eebe118a2f4626e9f4110dd1

pylint: esim/x509_cert.py

pySim/esim/x509_cert.py:70:4: W0107: Unnecessary pass statement (unnecessary-pass)
pySim/esim/x509_cert.py:91:20: C0123: Use isinstance() rather than type() for a typecheck. (unidiomatic-typecheck)
pySim/esim/x509_cert.py:105:28: W3101: Missing timeout argument for method 'requests.get' can cause your program to hang indefinitely (missing-timeout)
pySim/esim/x509_cert.py:163:0: C0413: Import "from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature" should be placed at the top of the module (wrong-import-position)
pySim/esim/x509_cert.py:20:0: C0411: standard import "from typing import Optional, List" should be placed before "import requests" (wrong-import-order)
pySim/esim/x509_cert.py:163:0: C0411: third party import "from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature" should be placed before "from pySim.utils import b2h" (wrong-import-order)
pySim/esim/x509_cert.py:163:0: C0412: Imports from package cryptography are not grouped (ungrouped-imports)
pySim/esim/x509_cert.py:22:0: W0611: Unused padding imported from cryptography.hazmat.primitives.asymmetric (unused-import)
pySim/esim/x509_cert.py:24:0: W0611: Unused InvalidSignature imported from cryptography.exceptions (unused-import)

Change-Id: Ic435c9a7cfcc18cacec3a3d872925bd737fb5cd9

pySim/esim/x509_cert.py

diff --git a/pySim/esim/x509_cert.py b/pySim/esim/x509_cert.py
index 9f6c8e6..3bcf8a2 100644
--- a/pySim/esim/x509_cert.py
+++ b/pySim/esim/x509_cert.py
@@ -19,11 +19,11 @@
 import requests
 from typing import Optional, List
 
-from cryptography.hazmat.primitives.asymmetric import ec, padding
+from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.hazmat.primitives import hashes
-from cryptography.exceptions import InvalidSignature
 from cryptography import x509
 from cryptography.hazmat.primitives.serialization import load_pem_private_key, Encoding
+from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature
 
 from pySim.utils import b2h
 
@@ -67,7 +67,6 @@
 
 class VerifyError(Exception):
     """An error during certificate verification,"""
-    pass
 
 class CertificateSet:
     """A set of certificates consisting of a trusted [self-signed] CA root certificate,
@@ -88,7 +87,7 @@
         self.crl = None
 
     def load_crl(self, urls: Optional[List[str]] = None):
-        if urls and type(urls) is str:
+        if urls and isinstance(urls, str):
             urls = [urls]
         if not urls:
             # generate list of CRL URLs from root CA certificate
@@ -102,7 +101,7 @@
 
         for url in urls:
             try:
-                crl_bytes = requests.get(url)
+                crl_bytes = requests.get(url, timeout=10)
             except requests.exceptions.ConnectionError:
                 continue
             crl = x509.load_der_x509_crl(crl_bytes)
@@ -160,7 +159,6 @@
             if depth > max_depth:
                 raise VerifyError('Maximum depth %u exceeded while verifying certificate chain' % max_depth)
 
-from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature
 
 def ecdsa_dss_to_tr03111(sig: bytes) -> bytes:
     """convert from DER format to BSI TR-03111; first get long integers; then convert those to bytes."""