in src/local_gpu_verifier/src/verifier/rim/__init__.py [0:0]
def extract_certificates(self):
""" Extracts all the x509 certificate in PEM format from the base RIM.
Raises:
ElementNotFoundError: it is raised if the required element is not present.
InvalidCertificateError: it is raised if there is any problem in
extracting the X509 certificate from the RIM file.
Returns:
[bytes]: the X509 PEM certificate data.
"""
try:
Signature = RIM.get_element(self.root, "Signature")
if Signature is None:
err_msg = "No Signature found in the RIM."
info_log.error(err_msg)
raise ElementNotFoundError(err_msg)
KeyInfo = RIM.get_element(Signature, "KeyInfo")
if KeyInfo is None:
err_msg = "No KeyInfor found in the RIM."
info_log.error(err_msg)
raise ElementNotFoundError(err_msg)
X509Data = RIM.get_element(KeyInfo, "X509Data")
if X509Data is None:
err_msg = "X509Data not found in the RIM."
info_log.error(err_msg)
raise ElementNotFoundError(err_msg)
X509Certificates = RIM.get_all_elements(X509Data, "X509Certificate")
if len(X509Certificates) == 0:
err_msg = "X509Certificates not found in the RIM."
info_log.error(err_msg)
raise ElementNotFoundError(err_msg)
result = list()
for i in range(len(X509Certificates) - 1):
header = "-----BEGIN CERTIFICATE-----\n"
cert_string = X509Certificates[i].text
cert_string = cert_string.replace(' ','')
tail = "-----END CERTIFICATE-----\n"
final = header + cert_string + tail
cert_bytes = final.encode()
x509_cert_object = crypto.load_certificate(type=crypto.FILETYPE_PEM, buffer=cert_bytes)
if not isinstance(x509_cert_object, crypto.X509):
raise ValueError()
result.append(x509_cert_object)
except Exception as error:
info_log.error(error)
err_msg = "\t\tThere was a problem while extracting the X509 certificate from the RIM."
info_log.info(err_msg)
raise InvalidCertificateError(err_msg)
return result