handle server certificate is none

fb6e6117 · Alexander Schrode · oroulet · caa898c4 · fb6e6117
Commit fb6e6117 authored Mar 27, 2023 by Alexander Schrode Committed by oroulet Mar 28, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 7 deletions

asyncua/client/client.py asyncua/client/client.py +9 -7

No files found.
--- a/asyncua/client/client.py
+++ b/asyncua/client/client.py
@@ -468,13 +468,15 @@ class Client:
            data = self.security_policy.host_certificate + nonce
        self.security_policy.asymmetric_cryptography.verify(data, response.ServerSignature.Signature)
        self._server_nonce = response.ServerNonce
-        # If a server has certificate chain, the certificates are chained
-        # this generates a error in our crypto part, so we strip everything after
-        # the server cert. To do this we read byte 2:4 and get the length - 4
-        cert_len_idx = 2
-        len_bytestr = response.ServerCertificate[cert_len_idx:cert_len_idx + 2]
-        cert_len = int.from_bytes(len_bytestr, byteorder="big", signed=False) + 4
-        server_certificate = response.ServerCertificate[:cert_len]
+        server_certificate = None
+        if response.ServerCertificate is not None:
+            # If a server has certificate chain, the certificates are chained
+            # this generates a error in our crypto part, so we strip everything after
+            # the server cert. To do this we read byte 2:4 and get the length - 4
+            cert_len_idx = 2
+            len_bytestr = response.ServerCertificate[cert_len_idx:cert_len_idx + 2]
+            cert_len = int.from_bytes(len_bytestr, byteorder="big", signed=False) + 4
+            server_certificate = response.ServerCertificate[:cert_len]
        if not self.security_policy.peer_certificate:
            self.security_policy.peer_certificate = server_certificate
        elif self.security_policy.peer_certificate != server_certificate: