Skip to content

Suppress warning for AMD certificate #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jdrean merged 2 commits into from
Nov 12, 2025
Merged

Suppress warning for AMD certificate #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
eec81cb
Suppress warning for AMD certificate
jdrean Nov 11, 2025
4702c82
chore: bump version
jdrean Nov 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,3 +174,4 @@ cython_debug/
tuf-repo-cdn.sigstore.dev.json
verifier/
tinfoil/tinfoil_verifier/
.DS_Store
2 changes: 1 addition & 1 deletion example.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,6 @@
"content": "What is Tinfoil?",
}
],
model="llama3-3-70b",
model="llama-free",
)
print(chat_completion.choices[0].message.content)
2 changes: 1 addition & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ packages = ["tinfoil", "tinfoil.attestation"]

[project]
name = "tinfoil"
version = "0.10.0"
version = "0.10.1"
description = "Python client for Tinfoil"
readme = "README.md"
requires-python = ">=3.10"
Expand Down
21 changes: 19 additions & 2 deletions src/tinfoil/attestation/verify.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec, utils
from cryptography.x509.oid import ObjectIdentifier
import warnings
from cryptography.utils import CryptographyDeprecationWarning

# Type alias for certificate extensions
Extensions: TypeAlias = Dict[ObjectIdentifier, bytes]
Expand Down Expand Up @@ -112,7 +114,15 @@ def from_report(cls, report:Report) -> 'CertificateChain':

# Parse the (cached or freshly‑downloaded) certificate
try:
vcek = x509.load_der_x509_certificate(vcek_cert_data)
# cryptography 46+ emits a deprecation warning for non‑positive serial numbers.
# Suppress this specific deprecation warning locally when parsing VCEK DER.
with warnings.catch_warnings():
warnings.filterwarnings(
"ignore",
message=r"Parsed a serial number which wasn't positive",
category=CryptographyDeprecationWarning,
)
vcek = x509.load_der_x509_certificate(vcek_cert_data)
except Exception as e:
# Corrupted cache? Remove and propagate error so caller can retry.
if os.path.exists(cache_path):
Expand All @@ -135,7 +145,14 @@ def _load_cert(filepath: str) -> x509.Certificate:
if ext.lower() == '.pem':
return x509.load_pem_x509_certificate(data)
else:
return x509.load_der_x509_certificate(data)
# Suppress cryptography deprecation warnings for DER parsing as above.
with warnings.catch_warnings():
warnings.filterwarnings(
"ignore",
message=r"Parsed a serial number which wasn't positive",
category=CryptographyDeprecationWarning,
)
return x509.load_der_x509_certificate(data)

def verify_chain(self) -> bool:
# Validate VCEK format
Expand Down