Load CA bundle as bytes, not text

A CA bundle may contain non-ASCII characters (e.g., CA distinguished names may include accents). When we try to encode these into bytes, the choise of the "ascii" codec causes a UnicodeError to be thrown. Since we don't actaully want to do anythign with the CA bundle other than pass it to cryptograhpy, just load it as bytes in the first place. Fixes: nabla-c0d3#670
yrro · Nov 1, 2024 · ab27cc4 · ab27cc4
1 parent 761892b
commit ab27cc4
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/sslyze/plugins/certificate_info/trust_stores/trust_store.py b/sslyze/plugins/certificate_info/trust_stores/trust_store.py
@@ -52,7 +52,7 @@ def __init__(self, path: Path, name: str, version: str, ev_oids: Optional[List[O
         self.version = version
         self.ev_oids = ev_oids
 
-        self._x509_store = Store(load_pem_x509_certificates(self.path.read_text().encode("ascii")))
+        self._x509_store = Store(load_pem_x509_certificates(self.path.read_bytes()))
 
     def is_certificate_extended_validation(self, certificate: Certificate) -> bool:
         """Is the supplied server certificate EV?"""