fix: use utcnow() to check certificate validity #151
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tropxy
approved these changes
Oct 24, 2022
|
thanks @rstanchak for your contribution! |
shalinnijel2
added a commit
that referenced
this pull request
Nov 2, 2022
commit 2c30797 Author: Ibrahim KARATAS <[email protected]> Date: Mon Oct 31 17:19:10 2022 +0000 Fix/genchallange invalid (#154) * genchallance will only sent on first AuthorizationReq message * test_authorization_req_gen_challenge_invalid unit test modified commit 0d34ee5 Author: Ibrahim KARATAS <[email protected]> Date: Mon Oct 31 16:36:56 2022 +0000 genchallange check has been added for Authorization (#135) * The genchallange check has been added for Authorization commit 6192609 Author: Chad <[email protected]> Date: Mon Oct 31 14:43:25 2022 +0000 fix: cleanup template dockerfile (#109) commit 5185483 Author: Roman Stanchak <[email protected]> Date: Mon Oct 24 05:35:44 2022 -0400 fix: use utcnow() to check certificate validity (#151) commit 72e8cc9 Author: Chad <[email protected]> Date: Mon Oct 17 17:29:49 2022 +0100 feat: run code qual and tests in gha (#147) * feat: run code qual and tests in gha * fix: install deps in gha * fix: add isort make command commit 8718dd5 Author: santiagosalamandri <[email protected]> Date: Mon Oct 17 15:02:36 2022 +0100 Bump 0.13.0 (#149) * feat: Bump to 0.13.0 commit d596370 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 13:59:40 2022 +0100 feat: Pass status event as a parameter to start servers. Reduce check status delay to 10 mS commit 8d260e2 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 13:56:38 2022 +0100 feat: Remove event atribute and pass it as a parameter commit da2ee49 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 13:55:04 2022 +0100 chore: rename EVSEServiceStatus to ServiceStatus commit 3898096 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 12:11:47 2022 +0100 feat: Add starting status commit 657d451 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 12:11:11 2022 +0100 feat: Add a task to check the servers status commit 222b741 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 12:09:30 2022 +0100 feat: Add ready status events to servers commit f196eb6 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 12:08:21 2022 +0100 feat: Implemented set_status method commit c076bb2 Author: Santiago Salamandri <[email protected]> Date: Mon Oct 17 12:07:38 2022 +0100 feat: add evse status enum and set_status abstract method commit b0e4f25 Author: Chad <[email protected]> Date: Wed Oct 12 13:54:56 2022 +0100 fix: remove sphinx dependency (#141) commit 15c3a5a Author: André <[email protected]> Date: Wed Oct 12 11:39:27 2022 +0100 get from the evse controller the ac evse status (#146) * get from the evse controller the ac evse status * removed unused iimport * added test for charging status
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Symptom:
Using the certificates generated using ./create_certs.sh, 'make run-secc' with TLS and PNC enabled, would fail in the CertificateInstallationReq handling:
ERROR 2022-10-21 14:37:20,294 - iso15118.shared.security (977): CertNotYetValidError: Signature verification failed while checking certificate chainIssue:
The cryptography Certificate object represents the validity period of the certificate in UTC. https://cryptography.io/en/latest/x509/reference/#cryptography.x509.Certificate
However, security.py is comparing cert.not_valid_before to the local time, and as a result, the certificate is reported invalid for those of us in zones earlier than GMT.
Fix:
Use datetime.utcnow() instead of datetime.now() to get the current time