From 58d2e90fa5c9e1c19f3c1726219b4ca1f672a56a Mon Sep 17 00:00:00 2001 From: ThomasV Date: Sun, 15 Feb 2015 21:27:11 +0100 Subject: [PATCH] parse PEM list using tlslite --- lib/paymentrequest.py | 37 +------------------------------------ lib/x509.py | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 36 deletions(-) diff --git a/lib/paymentrequest.py b/lib/paymentrequest.py index eeab52151..df5dfd62a 100644 --- a/lib/paymentrequest.py +++ b/lib/paymentrequest.py @@ -43,42 +43,8 @@ import x509 REQUEST_HEADERS = {'Accept': 'application/bitcoin-paymentrequest', 'User-Agent': 'Electrum'} ACK_HEADERS = {'Content-Type':'application/bitcoin-payment','Accept':'application/bitcoin-paymentack','User-Agent':'Electrum'} - -ca_list = {} ca_path = requests.certs.where() - - - - -def load_certificates(): - try: - ca_f = open(ca_path, 'r') - except Exception: - print "ERROR: Could not open %s"%ca_path - print "ca-bundle.crt file should be placed in ~/.electrum/ca/ca-bundle.crt" - print "Documentation on how to download or create the file here: http://curl.haxx.se/docs/caextract.html" - print "Payment will continue with manual verification." - return False - c = "" - for line in ca_f: - if line == "-----BEGIN CERTIFICATE-----\n": - c = line - else: - c += line - if line == "-----END CERTIFICATE-----\n": - x = x509.X509() - try: - x.parse(c) - except Exception as e: - util.print_error("cannot parse cert:", e) - continue - ca_list[x.getFingerprint()] = x - ca_f.close() - util.print_error("%d certificates"%len(ca_list)) - return True - -load_certificates() - +ca_list = x509.load_certificates(ca_path) class PaymentRequest: @@ -325,7 +291,6 @@ class PaymentRequest: if __name__ == "__main__": util.set_verbosity(True) - load_certificates() try: uri = sys.argv[1] diff --git a/lib/x509.py b/lib/x509.py index b2865bb56..5b06533f7 100644 --- a/lib/x509.py +++ b/lib/x509.py @@ -23,6 +23,7 @@ import sys import pyasn1 import pyasn1_modules import tlslite +import util # workaround https://github.com/trevp/tlslite/issues/15 tlslite.utils.cryptomath.pycryptoLoaded = False @@ -224,3 +225,21 @@ class X509(tlslite.X509): class X509CertChain(tlslite.X509CertChain): pass + + + + +def load_certificates(ca_path): + ca_list = {} + with open(ca_path, 'r') as f: + s = f.read() + bList = tlslite.utils.pem.dePemList(s, "CERTIFICATE") + for b in bList: + x = X509() + try: + x.parseBinary(b) + except Exception as e: + util.print_error("cannot parse cert:", e) + continue + ca_list[x.getFingerprint()] = x + return ca_list