def load_encrypt_cert(self):
if self.validate_certs:
# Convert the certificate to DER format
cert = pem_to_der(self.encrypt_cert, return_multiple=False)
# Convert the ca certificate to DER format
if self.encrypt_cert_ca:
trust_roots = pem_to_der(self.encrypt_cert_ca)
else:
trust_roots = []
# Verify the certificate against the trusted roots
verify_certificate_chain(
cert, trust_roots, ignore_self_signed=IGNORE_SELF_SIGNED_CERTS)
return asymmetric.load_certificate(self.encrypt_cert)
def load_encrypt_cert(self):
"""Load the encryption certificate of the partner and returned the parsed cert."""
if self.validate_certs:
# Convert the certificate to DER format
cert = pem_to_der(self.encrypt_cert, return_multiple=False)
# Convert the ca certificate to DER format
if self.encrypt_cert_ca:
trust_roots = pem_to_der(self.encrypt_cert_ca)
else:
trust_roots = []
# Verify the certificate against the trusted roots
verify_certificate_chain(
cert, trust_roots, ignore_self_signed=self.ignore_self_signed)
return asymmetric.load_certificate(self.encrypt_cert)
def test_cert_verification():
"""Test the verification of a certificate chain."""
with open(os.path.join(TEST_DIR, "cert_sb2bi_public.pem"), "rb") as fp:
certificate = utils.pem_to_der(fp.read(), return_multiple=False)
with pytest.raises(AS2Exception):
utils.verify_certificate_chain(certificate,
trusted_certs=[],
ignore_self_signed=False)
