Setter for certificate and certificate_chain ?

[martenrichter]

Would it be possible to have a stable setter function for certificate and certificate_chain to load a certificate in memory without an external file? (see

aioquic/src/aioquic/quic/configuration.py

Line 107 in 7f27a0b

certificate: Any = None

)
So far, I used accessed the internal variable directly, but this may not be a good idea for a wpt test:
web-platform-tests/wpt#50263

[jlaine]

Hi!

I assume you would also need a setter for the private key?

While, I'm not opposed to it, it does mean committing to using cryptography's certificate / private key classes as part of our public API:

• For certificates, the type annotation is quite straight-forward: cryptography.x509.Certificate
• For private keys it's less obvious, it would probably have to be a Union of all the private key types we support

[martenrichter]

Yes, it would also be for the private Key. Currently, I do:

configuration.private_key =  serialization.load_pem_private_key(self.cert_hash_info["private_key"],
                                                                            password=None
                                                                            )
configuration.certificate = x509.load_pem_x509_certificate(self.cert_hash_info["certificate"])
configuration.certificate_chain = []

However, it can also be another format, such as a string with a PEM inside, or some else stable.