Support reading PEM files in TLSLite

third_party/tlslite/tlslite/X509CertChain.py

Index: third_party/tlslite/tlslite/X509CertChain.py
diff --git a/third_party/tlslite/tlslite/X509CertChain.py b/third_party/tlslite/tlslite/X509CertChain.py
index 6bb503e43eefa9f01f9c7ec89cb9393f35b1148a..db55fa5a32456bc31f5959ea7e313b85a2fccf73 100644
--- a/third_party/tlslite/tlslite/X509CertChain.py
+++ b/third_party/tlslite/tlslite/X509CertChain.py
@@ -1,6 +1,7 @@
 """Class representing an X.509 certificate chain."""
 
 from utils import cryptomath
+from X509 import X509
 
 class X509CertChain:
     """This class represents a chain of X.509 certificates.
@@ -24,6 +25,66 @@ class X509CertChain:
         else:
             self.x509List = []
 
+    def parseChain(self, s):
+        """Parse a PEM-encoded X.509 certificate file chain file.

[wtc, 2012/03/02 23:32:18]

Typo: certificate file chain file => certificate chain file

+
+        @type s: str
+        @param s: A PEM-encoded (eg: Base64) X.509 certificate file, with every

[wtc, 2012/03/02 23:32:18]

Should we say "certificate chain file" instead?

+        certificate wrapped within "-----BEGIN CERTIFICATE-----" and
+        "-----END CERTIFICATE-----" tags). Extraneous data outside such tags,

[wtc, 2012/03/02 23:32:18]

Remove the closing ')' after "tags".  Make the same fix on
line 44.

+        such as human readable representations, will be ignored.
+        """
+
+        class PEMIterator(object):
+            """Simple iterator over PEM-encoded certificates within a string.
+
+            @type data: string
+            @ivar data: A string containing PEM-encoded (Base64) certificates,
+            with every certificate wrapped within "-----BEGIN CERTIFICATE-----"
+            and "-----END CERTIFICATE-----" tags). Extraneous data outside such
+            tags, such as human readable representations, will be ignored.
+
+            @type index: integer
+            @ivar index: The current offset within data to begin iterating from.
+            """
+
+            _CERTIFICATE_HEADER = "-----BEGIN CERTIFICATE-----"
+            """The PEM encoding block header for X.509 certificates."""
+
+            _CERTIFICATE_FOOTER = "-----END CERTIFICATE-----"
+            """The PEM encoding block footer for X.509 certificates."""
+
+            def __init__(self, s):
+                self.data = s
+                self.index = 0
+
+            def __iter__(self):
+                return self
+
+            def next(self):
+                """Iterates and returns the next L{tlslite.X509.X509}
+                certificate in data.
+
+                @rtype tlslite.X509.X509
+                """
+
+                self.index = self.data.find(self._CERTIFICATE_HEADER,
+                                            self.index)
+                if self.index == -1:
+                    raise StopIteration
+                end = self.data.find(self._CERTIFICATE_FOOTER, self.index)
+                if end == -1:
+                    raise StopIteration
+
+                certStr = self.data[self.index+len(self._CERTIFICATE_HEADER) :

[wtc, 2012/03/02 23:32:18]

Nit: add spaces around the '+'?  Or are you trying to stay
under the 80-char limit?

+                                    end]
+                self.index = end + len(self._CERTIFICATE_FOOTER)
+                bytes = cryptomath.base64ToBytes(certStr)
+                return X509().parseBinary(bytes)
+
+        self.x509List = list(PEMIterator(s))
+        return self
+
     def getNumCerts(self):
         """Get the number of certificates in this chain.