parse PEM list using tlslite

2015-02-15 21:27:11 +01:00 · 2015-02-15 21:27:11 +01:00 · 58d2e90fa5
parent b973d31a67
commit 58d2e90fa5
2 changed files with 20 additions and 36 deletions
--- a/lib/paymentrequest.py
+++ b/lib/paymentrequest.py
@ -43,42 +43,8 @@ import x509
 REQUEST_HEADERS = {'Accept': 'application/bitcoin-paymentrequest', 'User-Agent': 'Electrum'}
 ACK_HEADERS = {'Content-Type':'application/bitcoin-payment','Accept':'application/bitcoin-paymentack','User-Agent':'Electrum'}

-
-ca_list = {}
 ca_path = requests.certs.where()
-
-
-
-
-def load_certificates():
-    try:
-        ca_f = open(ca_path, 'r')
-    except Exception:
-        print "ERROR: Could not open %s"%ca_path
-        print "ca-bundle.crt file should be placed in ~/.electrum/ca/ca-bundle.crt"
-        print "Documentation on how to download or create the file here: http://curl.haxx.se/docs/caextract.html"
-        print "Payment will continue with manual verification."
-        return False
-    c = ""
-    for line in ca_f:
-        if line == "-----BEGIN CERTIFICATE-----\n":
-            c = line
-        else:
-            c += line
-        if line == "-----END CERTIFICATE-----\n":
-            x = x509.X509()
-            try:
-                x.parse(c)
-            except Exception as e:
-                util.print_error("cannot parse cert:", e)
-                continue
-            ca_list[x.getFingerprint()] = x
-    ca_f.close()
-    util.print_error("%d certificates"%len(ca_list))
-    return True
-
-load_certificates()
-
+ca_list = x509.load_certificates(ca_path)


 class PaymentRequest:
@ -325,7 +291,6 @@ class PaymentRequest:
 if __name__ == "__main__":

    util.set_verbosity(True)
-    load_certificates()

    try:
        uri = sys.argv[1]
--- a/lib/x509.py
+++ b/lib/x509.py
@ -23,6 +23,7 @@ import sys
 import pyasn1
 import pyasn1_modules
 import tlslite
+import util

 # workaround https://github.com/trevp/tlslite/issues/15
 tlslite.utils.cryptomath.pycryptoLoaded = False
@ -224,3 +225,21 @@ class X509(tlslite.X509):

 class X509CertChain(tlslite.X509CertChain):
    pass
+
+
+
+
+def load_certificates(ca_path):
+    ca_list = {}
+    with open(ca_path, 'r') as f:
+        s = f.read()
+    bList = tlslite.utils.pem.dePemList(s, "CERTIFICATE")
+    for b in bList:
+        x = X509()
+        try:
+            x.parseBinary(b)
+        except Exception as e:
+            util.print_error("cannot parse cert:", e)
+            continue
+        ca_list[x.getFingerprint()] = x
+    return ca_list