author | Bjørn Christian Seime <bjorncs@oath.com> | 2017-10-27 14:56:40 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2017-10-27 14:56:40 +0200 |
commit | 19e135d381c55b2674eb911b6350114e424d8f41 (patch) | |
tree | c3d7baf87e35c3e4e3ee83a47c5307657c99743f /container-disc/src/main/java | |
parent | 62c71c21fe10ceebd79f5cb0c75f9a1af67ea53a (diff) |
Add method to parse PEM encoded x509 certificates
Diffstat (limited to 'container-disc/src/main/java')
-rw-r--r-- | container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/CryptoUtils.java | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/CryptoUtils.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/CryptoUtils.java
index 395681f1f35..8b24cf94d8a 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/CryptoUtils.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/CryptoUtils.java
@@ -6,6 +6,7 @@ import org.bouncycastle.asn1.x509.Extension;
 import org.bouncycastle.asn1.x509.ExtensionsGenerator;
 import org.bouncycastle.asn1.x509.GeneralName;
 import org.bouncycastle.asn1.x509.GeneralNames;
+import org.bouncycastle.openssl.PEMParser;
 import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
 import org.bouncycastle.operator.OperatorCreationException;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
@@ -16,11 +17,13 @@ import org.bouncycastle.util.io.pem.PemObject;
 import javax.security.auth.x500.X500Principal;
 import java.io.IOException;
+import java.io.StringReader;
 import java.io.StringWriter;
 import java.io.UncheckedIOException;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 /**
 * @author bjorncs
@@ -79,4 +82,16 @@ class CryptoUtils {
 throw new UncheckedIOException(e);
 }
 }
+
+ static X509Certificate parseCertificate(String pemEncodedCertificate) {
+ try (PEMParser parser = new PEMParser(new StringReader(pemEncodedCertificate))) {
+ Object pemObject = parser.readObject();
+ if (!(pemObject instanceof X509Certificate)) {
+ throw new IllegalArgumentException("Expeceted X509Certificate instance, got " + pemObject);
+ }
+ return (X509Certificate) pemObject;
+ } catch (IOException e) {
+ throw new UncheckedIOException(e);
+ }
+ }
 }
|
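Review bot: The `instanceof X509Certificate` check in the new `parseCertificate` will most likely reject every valid input, because to my knowledge Bouncy Castle's `PEMParser.readObject()` returns an `org.bouncycastle.cert.X509CertificateHolder` for a `CERTIFICATE` block, not a `java.security.cert.X509Certificate`. The holder should be type-checked and then converted with `JcaX509CertificateConverter`, mapping its `CertificateException` to `IllegalArgumentException`; this needs imports for both Bouncy Castle classes and for `java.security.cert.CertificateException`. The error message is misspelled ("Expeceted") and concatenates the whole parsed object, which for an unexpected PEM type may put more into logs than intended, so reporting only the class name is safer. Only the first PEM object is read, so trailing blocks such as a chain are silently ignored; that deserves a line of Javadoc at least.

```java
static X509Certificate parseCertificate(String pemEncodedCertificate) {
    // … unchanged: PEMParser try-with-resources and readObject() call …
        if (!(pemObject instanceof X509CertificateHolder)) {
            String actualType = pemObject == null ? "null" : pemObject.getClass().getName();
            throw new IllegalArgumentException("Expected X509CertificateHolder instance, got " + actualType);
        }
        return new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) pemObject);
    } catch (CertificateException e) {
        throw new IllegalArgumentException("Invalid X.509 certificate", e);
    // … unchanged: IOException handler …
```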