cert_audit: Check the version of cryptography
The script requires cryptography >= 35.0.0, we
need to check the version and provide meaningful
error message when the package version was too
old.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py
index 1517bab..5947774 100755
--- a/tests/scripts/audit-validity-dates.py
+++ b/tests/scripts/audit-validity-dates.py
@@ -34,15 +34,21 @@
from enum import Enum
# The script requires cryptography >= 35.0.0 which is only available
-# for Python >= 3.6. Disable the pylint error here until we were
-# using modern system on our CI.
-from cryptography import x509 #pylint: disable=import-error
+# for Python >= 3.6.
+import cryptography
+from cryptography import x509
from generate_test_code import FileWrapper
import scripts_path # pylint: disable=unused-import
from mbedtls_dev import build_tree
+def check_cryptography_version():
+ match = re.match(r'^[0-9]+', cryptography.__version__)
+ if match is None or int(match[0]) < 35:
+ raise Exception("audit-validity-dates requires cryptography >= 35.0.0"
+ + "({} is too old)".format(cryptography.__version__))
+
class DataType(Enum):
CRT = 1 # Certificate
CRL = 2 # Certificate Revocation List
@@ -460,5 +466,6 @@
logger.debug("Done!")
+check_cryptography_version()
if __name__ == "__main__":
main()