let openssl figure out certificate format

background: common converted pkcs#12 certificates from openssl do not start with string '-----' because they include a 'Bag Attributes' header
2012-10-03 15:46:27 +02:00 · 2012-10-03 15:46:27 +02:00 · aafb412487
parent dc218d8e40
commit aafb412487
1 changed files with 5 additions and 4 deletions
--- a/rfc3161/api.py
+++ b/rfc3161/api.py
@ -26,10 +26,11 @@ def check_timestamp(tst, certificate, data=None, sha1=None):
        if substrate:
            return False, "extra data after tst"
    signed_data = tst.content
-    if certificate.startswith('-----'):
-        certificate = X509.load_cert_string(certificate, X509.FORMAT_PEM)
-    elif certificate:
-        certificate = X509.load_cert_string(certificate, X509.FORMAT_DER)
+    if certificate != "":
+        try:
+            certificate = X509.load_cert_string(certificate, X509.FORMAT_PEM)
+        except:
+            certificate = X509.load_cert_string(certificate, X509.FORMAT_DER)
    else:
        return False, "missing certificate"
    # check message imprint with respect to locally computed digest