def _ParsePemChainFromFile(self, pem_chain_file):
"""Parses a pem chain from a file, splitting the leaf cert and chain.
Args:
pem_chain_file: file containing the pem_chain.
Raises:
exceptions.InvalidArgumentException if not enough certificates are
included.
Returns:
A tuple with (leaf_cert, rest_of_chain)
"""
try:
pem_chain_input = files.ReadFileContents(pem_chain_file)
except (files.Error, OSError, IOError):
raise exceptions.BadFileException(
"Could not read provided PEM chain file '{}'.".format(
pem_chain_file))
certs = pem_utils.ValidateAndParsePemChain(pem_chain_input)
if len(certs) < 2:
raise exceptions.InvalidArgumentException(
'pem-chain',
'The pem_chain must include at least two certificates - the subordinate CA certificate and an issuer certificate.'
)
return certs[0], certs[1:]
def _ParsePemChainFromFile(pem_chain_file):
"""Parses a pem chain from a file.
Args:
pem_chain_file: file containing the pem_chain.
Returns:
The string list of certs in the chain.
"""
try:
pem_chain_input = files.ReadFileContents(pem_chain_file)
return pem_utils.ValidateAndParsePemChain(pem_chain_input)
except (files.Error, OSError, IOError):
raise exceptions.InvalidArgumentException(
'pem-chain', "Could not read provided PEM chain file '{}'.".format(
pem_chain_file))
def testInvalidPemChain(self):
pem_chain = CERT1 + '\n' + CERT2 + '-----END CERTIFICATE-----'
with self.AssertRaisesExceptionMatches(
exceptions.InvalidArgumentException, 'pem-chain'):
pem_utils.ValidateAndParsePemChain(pem_chain)
def testInvalidPemChainGarbage(self):
pem_chain = 'asdadsasd'
with self.AssertRaisesExceptionMatches(
exceptions.InvalidArgumentException, 'pem-chain'):
pem_utils.ValidateAndParsePemChain(pem_chain)
def testValidateAndParseCAChain(self):
pem_chain = CERT1 + '\n' + CERT2 + '\n' + CERT3
chain = pem_utils.ValidateAndParsePemChain(pem_chain)
self.assertEqual(chain, [CERT1, CERT2, CERT3])
