in src/local_gpu_verifier/src/verifier/nvml/gpu_cert_chains.py [0:0]
def extract_cert_chain(cls, bin_cert_chain_data):
""" A class method that takes in the raw data coming in from the nvml api as the gpu certificate chain in PEM format
and then parse it to extract the individual certificates from the certificate chain.
Args:
bin_cert_chain_data (bytes): the certificate chain in PEM format.
Returns:
[list] : List of the certificates extracted from the given cert chain.
"""
try:
assert type(bin_cert_chain_data) is bytes
PEM_CERT_END_DELIMITER = '-----END CERTIFICATE-----'
start_index = 0
end_index = None
str_data = bin_cert_chain_data.decode()
cert_obj_list = list()
for itr in re.finditer(PEM_CERT_END_DELIMITER, str_data):
end_index = itr.start()
cert_obj_list.append(crypto.load_certificate(crypto.FILETYPE_PEM, \
str_data[start_index : end_index + len(PEM_CERT_END_DELIMITER)]))
start_index = end_index + len(PEM_CERT_END_DELIMITER) + len('\n')
if len(str_data) < start_index:
break
return cert_obj_list
except Exception as err:
info_log.error(err)
err_msg = "\tSomething went wrong while extracting the individual certificates from the certificate chain."
event_log.error(err_msg)
raise CertExtractionError(err_msg)