Try to decompress cert in get_certificate

elibon99 · elibon99 · commit c5a416755d4c · 2025-06-18T10:14:27.000+02:00
diff --git a/tests/device/test_opaque.py b/tests/device/test_opaque.py
@@ -124,8 +124,6 @@ def test_compressed_certificate(session):
         certificate,
         compress=True,
     )
-    assert certobj.get_certificate() == compressed_certobj.get_certificate(
-        decompress=True
-    )
+    assert certobj.get_certificate() == compressed_certobj.get_certificate()
     assert certobj.get() != compressed_certobj.get()
     assert len(certobj.get()) > len(compressed_certobj.get())
diff --git a/yubihsm/objects.py b/yubihsm/objects.py
@@ -369,6 +369,7 @@ def put_certificate(
         :param domains: The set of domains to assign the object to.
         :param capabilities: The set of capabilities to give the object.
         :param certificate: A certificate to import.
+        :param compress: (optional) Compress the certificate.
         :return: A reference to the newly created object.
         """
         encoded_cert = certificate.public_bytes(Encoding.DER)
@@ -384,14 +385,17 @@ def put_certificate(
             encoded_cert,
         )
 
-    def get_certificate(self, decompress: bool = False) -> x509.Certificate:
+    def get_certificate(self) -> x509.Certificate:
         """Read an Opaque object from the YubiHSM, parsed as a certificate.
 
         :return: The certificate stored for the object.
         """
         cert_data = self.get()
-        if decompress:
+        try:
+            # Try to decompress cert
             cert_data = gzip.decompress(cert_data)
+        except gzip.BadGzipFile:
+            pass
         return x509.load_der_x509_certificate(cert_data, default_backend())
 
 
