Pengyu Lv7f6933a2023-04-04 16:05:54 +08001#!/usr/bin/env python3
2#
Pengyu Lvf8e5e052023-04-18 15:43:25 +08003# Copyright The Mbed TLS Contributors
4# SPDX-License-Identifier: Apache-2.0
Pengyu Lv7f6933a2023-04-04 16:05:54 +08005#
Pengyu Lvf8e5e052023-04-18 15:43:25 +08006# Licensed under the Apache License, Version 2.0 (the "License"); you may
7# not use this file except in compliance with the License.
8# You may obtain a copy of the License at
Pengyu Lv7f6933a2023-04-04 16:05:54 +08009#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17
Pengyu Lv57240952023-04-13 14:42:37 +080018"""Audit validity date of X509 crt/crl/csr.
Pengyu Lv7f6933a2023-04-04 16:05:54 +080019
20This script is used to audit the validity date of crt/crl/csr used for testing.
It prints information about every X.509 object whose validity period does not
cover the provided validity period. The data are collected from
tests/data_files/ and tests/suites/*.data files by default.
Pengyu Lv7f6933a2023-04-04 16:05:54 +080024"""
25
26import os
27import sys
28import re
29import typing
Pengyu Lv7f6933a2023-04-04 16:05:54 +080030import argparse
31import datetime
Pengyu Lv45e32032023-04-06 14:33:41 +080032import glob
Pengyu Lvfcda6d42023-04-21 11:04:07 +080033import logging
Pengyu Lv7f6933a2023-04-04 16:05:54 +080034from enum import Enum
35
Pengyu Lv31792322023-04-11 16:30:54 +080036# The script requires cryptography >= 35.0.0 which is only available
# for Python >= 3.6. Disable the pylint error here until we are
# using a modern system on our CI.
39from cryptography import x509 #pylint: disable=import-error
Pengyu Lv7f6933a2023-04-04 16:05:54 +080040
Pengyu Lvad306792023-04-19 15:07:03 +080041from generate_test_code import FileWrapper
Pengyu Lv30f26832023-04-07 18:04:07 +080042
Pengyu Lv2d487212023-04-21 12:41:24 +080043import scripts_path # pylint: disable=unused-import
44from mbedtls_dev import build_tree
45
class DataType(Enum):
    """Kind of X.509 object handled by the audit; also keys X509Parser.PEM_TAGS."""
    CRT = 1 # Certificate
    CRL = 2 # Certificate Revocation List
    CSR = 3 # Certificate Signing Request
50
Pengyu Lv2d487212023-04-21 12:41:24 +080051
class DataFormat(Enum):
    """Encoding of an X.509 object; selects which loader X509Parser uses."""
    PEM = 1 # Privacy-Enhanced Mail
    DER = 2 # Distinguished Encoding Rules
Pengyu Lv2d487212023-04-21 12:41:24 +080056
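class AuditData:
    """Store data location, type and validity period of X.509 objects."""
    #pylint: disable=too-few-public-methods
    def __init__(self, data_type: DataType, x509_obj):
        """
        :param data_type: kind of the object (certificate, CRL or CSR).
        :param x509_obj: parsed object whose validity fields are read.
        :raises ValueError: if data_type is not a supported DataType.
        """
        self.data_type = data_type
        # Where the object was found; filled in by the Auditor that parsed it.
        self.location = ""
        self.fill_validity_duration(x509_obj)

    def fill_validity_duration(self, x509_obj):
        """Read validity period from an X.509 object.

        Sets self.not_valid_before and self.not_valid_after as naive
        datetimes. Callers compare them with naive datetimes, so they must
        never be None and never be timezone-aware.
        """
        # Certificate expires after "not_valid_after"
        # Certificate is invalid before "not_valid_before"
        if self.data_type == DataType.CRT:
            self.not_valid_after = x509_obj.not_valid_after
            self.not_valid_before = x509_obj.not_valid_before
        # CertificateRevocationList expires after "next_update"
        # CertificateRevocationList is invalid before "last_update"
        elif self.data_type == DataType.CRL:
            next_update = x509_obj.next_update
            # nextUpdate is optional in a CRL (RFC 5280, section 5.1.2.5).
            # If the loader reports it as absent (None), the CRL does not
            # expire by date, so treat it as valid indefinitely instead of
            # letting a None reach the date comparison in the caller.
            if next_update is None:
                next_update = datetime.datetime.max
            self.not_valid_after = next_update
            self.not_valid_before = x509_obj.last_update
        # CertificateSigningRequest is always valid.
        elif self.data_type == DataType.CSR:
            self.not_valid_after = datetime.datetime.max
            self.not_valid_before = datetime.datetime.min
        else:
            raise ValueError("Unsupported file_type: {}".format(self.data_type))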
83
Pengyu Lv2d487212023-04-21 12:41:24 +080084
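class X509Parser:
    """A parser class to parse crt/crl/csr file or data in PEM/DER format.

    One parser callable is generated per DataType. Given raw bytes it
    dispatches to the PEM loader when the PEM tag matches the DataType,
    returns None when the data is PEM of another type, and otherwise tries
    the DER loader (a ValueError from the DER loader also yields None).
    """
    PEM_REGEX = br'-{5}BEGIN (?P<type>.*?)-{5}\n(?P<data>.*?)-{5}END (?P=type)-{5}\n'
    PEM_TAG_REGEX = br'-{5}BEGIN (?P<type>.*?)-{5}\n'
    PEM_TAGS = {
        DataType.CRT: 'CERTIFICATE',
        DataType.CRL: 'X509 CRL',
        DataType.CSR: 'CERTIFICATE REQUEST'
    }

    def __init__(self,
                 backends:
                 typing.Dict[DataType,
                             typing.Dict[DataFormat,
                                         typing.Callable[[bytes], object]]]) \
        -> None:
        """
        :param backends: loader callables indexed by DataType, then by
            DataFormat. Each loader takes raw bytes and returns the parsed
            object (or raises ValueError).
        """
        self.backends = backends
        self.__generate_parsers()

    def __generate_parser(self, data_type: DataType):
        """Parser generator for a specific DataType"""
        tag = self.PEM_TAGS[data_type]
        pem_loader = self.backends[data_type][DataFormat.PEM]
        der_loader = self.backends[data_type][DataFormat.DER]
        def wrapper(data: bytes):
            pem_type = X509Parser.pem_data_type(data)
            # It is in PEM format with target tag
            if pem_type == tag:
                return pem_loader(data)
            # It is in PEM format without target tag
            if pem_type:
                return None
            # It might be in DER format; an undecodable blob is simply
            # "not this type", not an error.
            try:
                result = der_loader(data)
            except ValueError:
                result = None
            return result
        wrapper.__name__ = "{}.parser[{}]".format(type(self).__name__, tag)
        return wrapper

    def __generate_parsers(self):
        """Generate parsers for all support DataType"""
        self.parsers = {}
        for data_type, _ in self.PEM_TAGS.items():
            self.parsers[data_type] = self.__generate_parser(data_type)

    def __getitem__(self, item):
        """Return the parser callable for a DataType (parser[DataType.CRT])."""
        return self.parsers[item]

    @staticmethod
    def pem_data_type(data: bytes) -> typing.Optional[str]:
        """Get the tag from the data in PEM format

        Only the first "-----BEGIN <tag>-----" line is considered, so data
        holding several PEM objects is classified by the first one.

        :param data: data to be checked in binary mode.
        :return: PEM tag, or None when no tag is detected.
        """
        m = re.search(X509Parser.PEM_TAG_REGEX, data)
        if m is None:
            return None
        return m.group('type').decode('UTF-8')

    @staticmethod
    def check_hex_string(hex_str: str) -> bool:
        """Check if the hex string is possibly DER data.

        This is a cheap pre-filter, not a DER parser: it only checks that
        the data is a SEQUENCE whose definite-form length matches the
        number of bytes present. Returns False (rather than raising) for
        odd-length or non-hex input.
        """
        hex_len = len(hex_str)
        # At least 6 hex char for 3 bytes: Type + Length + Content.
        # An odd number of hex digits cannot encode whole bytes.
        if hex_len < 6 or hex_len % 2:
            return False
        # Check if Type (1 byte) is SEQUENCE.
        if hex_str[0:2] != '30':
            return False
        try:
            # Check LENGTH (1 byte) value
            content_len = int(hex_str[2:4], base=16)
            consumed = 4
            if content_len in (128, 255):
                # Indefinite or Reserved
                return False
            if content_len > 127:
                # Definite, Long: the low 7 bits give the number of
                # length bytes that follow.
                length_len = (content_len - 128) * 2
                if consumed + length_len > hex_len:
                    return False
                content_len = int(hex_str[consumed:consumed+length_len], base=16)
                consumed += length_len
        except ValueError:
            # Not hex digits where a length was expected.
            return False
        # Check LENGTH
        return hex_len == content_len * 2 + consumed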
173
Pengyu Lv2d487212023-04-21 12:41:24 +0800174
class Auditor:
    """A base class for audit.

    Holds the logger, the default file list, the AuditData collected so
    far, and an X509Parser wired to the loaders of the cryptography
    package.
    """
    def __init__(self, logger):
        self.logger = logger
        self.default_files = [] # type: typing.List[str]
        # Every AuditData collected so far by walk_all().
        self.audit_data = [] # type: typing.List[AuditData]
        loaders = {
            DataType.CRT: {
                DataFormat.PEM: x509.load_pem_x509_certificate,
                DataFormat.DER: x509.load_der_x509_certificate
            },
            DataType.CRL: {
                DataFormat.PEM: x509.load_pem_x509_crl,
                DataFormat.DER: x509.load_der_x509_crl
            },
            DataType.CSR: {
                DataFormat.PEM: x509.load_pem_x509_csr,
                DataFormat.DER: x509.load_der_x509_csr
            },
        }
        self.parser = X509Parser(loaders)

    def parse_file(self, filename: str) -> typing.List[AuditData]:
        """
        Parse a list of AuditData from file.

        :param filename: name of the file to parse.
        :return list of AuditData parsed from the file (at most one entry;
            empty when the file holds no recognised X.509 object).
        """
        with open(filename, 'rb') as f:
            raw = f.read()
        audit_data = self.parse_bytes(raw)
        if audit_data is None:
            return []
        audit_data.location = filename
        return [audit_data]

    def parse_bytes(self, data: bytes):
        """Parse AuditData from bytes.

        Each DataType parser is tried in turn; the first one that returns
        an object wins. A ValueError from a parser is logged as a warning
        and treated as "not this type".
        """
        for data_type in DataType:
            try:
                x509_obj = self.parser[data_type](data)
            except ValueError as val_error:
                self.logger.warning(val_error)
                continue
            if x509_obj is not None:
                return AuditData(data_type, x509_obj)
        return None

    def walk_all(self, file_list: typing.Optional[typing.List[str]] = None):
        """
        Parse every file in file_list (default_files when None) and
        append the resulting AuditData to self.audit_data.
        """
        targets = self.default_files if file_list is None else file_list
        for filename in targets:
            self.audit_data.extend(self.parse_file(filename))

    @staticmethod
    def find_test_dir():
        """Get the relative path for the MbedTLS test directory."""
        tests_root = build_tree.guess_mbedtls_root() + '/tests'
        return os.path.relpath(tests_root)
240
Pengyu Lv7f6933a2023-04-04 16:05:54 +0800241
class TestDataAuditor(Auditor):
    """Class for auditing files in tests/data_files/"""
    def __init__(self, verbose):
        # `verbose` is forwarded unchanged to Auditor, which stores it as
        # the logger; the parameter name is historical.
        super().__init__(verbose)
        self.default_files = self.collect_default_files()

    def collect_default_files(self):
        """Collect all regular files under tests/data_files/, recursively."""
        pattern = os.path.join(self.find_test_dir(), 'data_files/**')
        candidates = glob.glob(pattern, recursive=True)
        return [path for path in candidates if os.path.isfile(path)]
255
Pengyu Lv2d487212023-04-21 12:41:24 +0800256
def parse_suite_data(data_f):
    """
    Parse a .data file for test arguments that possibly hold X.509 data.
    This is a loose, line-based parser; if you need a more precise one,
    use generate_test_code.parse_test_data instead.

    :param data_f: file object of the data file.
    :return: Generator that yields test function argument list.
    """
    # A parameters line starts with a word and, possibly after a
    # colon-separated prefix, contains a double quote.
    params_line_re = re.compile(r'\A\w+(.*:)?\"')
    # Arguments are separated by colons that are not backslash-escaped.
    arg_sep_re = re.compile(r'(?<!\\):')
    for raw_line in data_f:
        line = raw_line.strip()
        # Skip comments
        if line.startswith('#'):
            continue
        if params_line_re.search(line) is None:
            continue
        # Read test vectors; empty fields are dropped.
        fields = [part for part in arg_sep_re.split(line) if part]
        # The first field is the test function name, the rest are arguments.
        yield fields[1:]
280
281
class SuiteDataAuditor(Auditor):
    """Class for auditing files in tests/suites/*.data"""
    def __init__(self, options):
        # `options` is forwarded unchanged to Auditor, which stores it as
        # the logger; the parameter name is historical.
        super().__init__(options)
        self.default_files = self.collect_default_files()

    def collect_default_files(self):
        """Collect all files in tests/suites/*.data"""
        suites_dir = os.path.join(self.find_test_dir(), 'suites')
        return glob.glob(os.path.join(suites_dir, '*.data'))

    def parse_file(self, filename: str):
        """
        Parse a list of AuditData from file.

        Every test argument that is a quoted hex string and passes the
        cheap DER pre-check is decoded and offered to the X.509 parsers.

        :param filename: name of the file to parse.
        :return list of AuditData parsed from the file.
        """
        # The whole argument must be a quoted run of hex digits.
        hex_arg_re = re.compile(r'"(?P<data>[0-9a-fA-F]+)"')
        found = []
        data_f = FileWrapper(filename)
        for test_args in parse_suite_data(data_f):
            for idx, test_arg in enumerate(test_args):
                match = hex_arg_re.match(test_arg)
                if match is None:
                    continue
                hex_data = match.group('data')
                if not X509Parser.check_hex_string(hex_data):
                    continue
                audit_data = self.parse_bytes(bytes.fromhex(hex_data))
                if audit_data is None:
                    continue
                # Location is file:line:#argument-index (1-based).
                audit_data.location = "{}:{}:#{}".format(filename,
                                                         data_f.line_no,
                                                         idx + 1)
                found.append(audit_data)

        return found
Pengyu Lv7f6933a2023-04-04 16:05:54 +0800320
Pengyu Lv2d487212023-04-21 12:41:24 +0800321
def list_all(audit_data: AuditData):
    """Print one tab-separated line: not-before, not-after, type, location."""
    fields = (
        audit_data.not_valid_before.isoformat(timespec='seconds'),
        audit_data.not_valid_after.isoformat(timespec='seconds'),
        audit_data.data_type.name,
        audit_data.location,
    )
    print("\t".join(fields))
Pengyu Lv7f6933a2023-04-04 16:05:54 +0800328
Pengyu Lvfcda6d42023-04-21 11:04:07 +0800329
def configure_logger(logger: logging.Logger) -> None:
    """
    Configure the logging.Logger instance so that:
    - Format is set to "[%(levelname)s]: %(message)s".
    - loglevel >= WARNING are printed to stderr.
    - loglevel < WARNING are printed to stdout.
    """
    class MaxLevelFilter(logging.Filter):
        """Let through only records at or below a maximum level."""
        # pylint: disable=too-few-public-methods
        def __init__(self, max_level, name=''):
            super().__init__(name)
            self.max_level = max_level

        def filter(self, record: logging.LogRecord) -> bool:
            return record.levelno <= self.max_level

    fmt = logging.Formatter("[%(levelname)s]: %(message)s")

    # WARNING and above go to stderr so that diagnostics never mix with
    # the report written to stdout.
    to_stderr = logging.StreamHandler(sys.stderr)
    to_stderr.setLevel(logging.WARNING)
    to_stderr.setFormatter(fmt)

    # INFO and below go to stdout.
    to_stdout = logging.StreamHandler(sys.stdout)
    to_stdout.addFilter(MaxLevelFilter(logging.INFO))
    to_stdout.setFormatter(fmt)

    for handler in (to_stderr, to_stdout):
        logger.addHandler(handler)
360
361
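def main():
    """
    Parse the command line, collect the X.509 test data and print every
    object whose validity period does not cover the requested window.

    Malformed or inconsistent date options exit with status 2 via argparse.
    """
    parser = argparse.ArgumentParser(description=__doc__)

    parser.add_argument('-a', '--all',
                        action='store_true',
                        help='list the information of all the files')
    parser.add_argument('-v', '--verbose',
                        action='store_true', dest='verbose',
                        help='show logs')
    parser.add_argument('--not-before', dest='not_before',
                        help=('not valid before this date (UTC, YYYY-MM-DD). '
                              'Default: today'),
                        metavar='DATE')
    parser.add_argument('--not-after', dest='not_after',
                        help=('not valid after this date (UTC, YYYY-MM-DD). '
                              'Default: not-before'),
                        metavar='DATE')
    parser.add_argument('--data-files', action='append', nargs='*',
                        help='data files to audit',
                        metavar='FILE')
    parser.add_argument('--suite-data-files', action='append', nargs='*',
                        help='suite data files to audit',
                        metavar='FILE')

    args = parser.parse_args()

    # start main routine
    # setup logger
    logger = logging.getLogger()
    configure_logger(logger)
    logger.setLevel(logging.DEBUG if args.verbose else logging.ERROR)

    td_auditor = TestDataAuditor(logger)
    sd_auditor = SuiteDataAuditor(logger)

    data_files = []
    suite_data_files = []
    if args.data_files is None and args.suite_data_files is None:
        data_files = td_auditor.default_files
        suite_data_files = sd_auditor.default_files
    else:
        # Each option may be repeated and takes several values; flatten.
        if args.data_files is not None:
            data_files = [x for l in args.data_files for x in l]
        if args.suite_data_files is not None:
            suite_data_files = [x for l in args.suite_data_files for x in l]

    def parse_date_option(option: str, value: str) -> datetime.datetime:
        """Turn a YYYY-MM-DD option value into a naive datetime, or exit."""
        try:
            return datetime.datetime.fromisoformat(value)
        except ValueError as exc:
            parser.error('{}: expected a date as YYYY-MM-DD, got {!r} ({})'
                         .format(option, value, exc))
            raise # not reached: parser.error() exits with status 2

    # The validity dates stored in AuditData are naive datetimes in UTC
    # (X.509 encodes validity in UTC) and the date options are documented
    # as UTC, so the default start date must be "now" in UTC as well.
    # datetime.today() is local time and can be off by up to a day around
    # midnight, making an object that is about to expire look valid, or
    # a freshly valid one look not-yet-valid.
    if args.not_before:
        not_before_date = parse_date_option('--not-before', args.not_before)
    else:
        not_before_date = datetime.datetime.now(datetime.timezone.utc) \
                                           .replace(tzinfo=None)
    # validity period end date
    if args.not_after:
        not_after_date = parse_date_option('--not-after', args.not_after)
    else:
        not_after_date = not_before_date
    if not_after_date < not_before_date:
        parser.error('--not-after must not be earlier than --not-before')

    # go through all the files
    td_auditor.walk_all(data_files)
    sd_auditor.walk_all(suite_data_files)
    audit_results = td_auditor.audit_data + sd_auditor.audit_data

    # Report only the objects whose validity period does not cover the
    # whole requested window, unless --all asks for everything.
    def outside_window(d):
        return (not_before_date < d.not_valid_before) or \
               (d.not_valid_after < not_after_date)

    filter_func = None if args.all else outside_window

    # filter and output the results
    for d in filter(filter_func, audit_results):
        list_all(d)

    logger.debug("Done!")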
Pengyu Lv7f6933a2023-04-04 16:05:54 +0800440
# Run the audit only when executed as a script, not when imported.
if __name__ == "__main__":
    main()