1 --- work/mozilla/certdata2pem.py.orig 2021-10-07 17:12:47.000000000 +0200
2 +++ work/mozilla/certdata2pem.py 2021-10-09 22:27:49.300281185 +0200
6 from cryptography import x509
8 +from packaging import version
10 +if version.parse(cryptography.__version__) >= version.parse("35.0.0"):
18 if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]:
21 - cert = x509.load_der_x509_certificate(obj['CKA_VALUE'])
23 + cka_value = bytes(obj['CKA_VALUE'])
25 + cka_value = obj['CKA_VALUE']
26 + cert = x509.load_der_x509_certificate(cka_value)
27 if cert.not_valid_after < datetime.datetime.now():
29 print('Trusted but expired certificate found: %s' % obj['CKA_LABEL'])