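/**
 * Reads an X.509 certificate from {@code stream} and wraps it in a single-entry
 * {@code org.bouncycastle.crypto.tls.Certificate}.
 *
 * <p>Only the first certificate produced by the JCA {@link CertificateFactory} is used; any
 * further certificates in the stream are ignored. The stream is not closed by this method.
 *
 * @param stream source of the encoded certificate(s)
 * @return a TLS certificate structure holding exactly one certificate
 * @throws CertificateException if the input cannot be parsed or contains no certificate
 * @throws IOException if re-reading the encoded certificate as ASN.1 fails
 */
public static Certificate readCertificate(InputStream stream)
    throws FileNotFoundException, CertificateException, IOException
{
    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    Collection<? extends java.security.cert.Certificate> certs = certFactory.generateCertificates(stream);

    // generateCertificates may return an empty collection; fail with a meaningful, declared
    // exception instead of an ArrayIndexOutOfBoundsException from indexing element 0.
    if (certs.isEmpty())
    {
        throw new CertificateException("No X.509 certificate found in input stream");
    }

    java.security.cert.Certificate jcaCert = certs.iterator().next();

    // Round-trip through the encoded form to obtain the BouncyCastle ASN.1 representation.
    byte[] certBytes = jcaCert.getEncoded();
    ASN1Primitive asn1Cert = TlsUtils.readASN1Object(certBytes);
    org.bouncycastle.asn1.x509.Certificate cert = org.bouncycastle.asn1.x509.Certificate.getInstance(asn1Cert);

    org.bouncycastle.asn1.x509.Certificate[] chain = new org.bouncycastle.asn1.x509.Certificate[] { cert };
    return new org.bouncycastle.crypto.tls.Certificate(chain);
}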
// Decode one certificate entry from its raw bytes. This call goes through readASN1Object,
// not readDERObject, so no DER re-encoding check is applied at this point.
// NOTE(review): the name berEncoding suggests non-DER input is tolerated here on purpose;
// confirm, and make sure later signature or fingerprint checks use the bytes as received.
ASN1Primitive asn1Cert = TlsUtils.readASN1Object(berEncoding);
// Interpret the ASN.1 object as an X.509 Certificate structure and append it to certificate_list.
certificate_list.addElement(org.bouncycastle.asn1.x509.Certificate.getInstance(asn1Cert));
/**
 * Decodes {@code encoding} with {@code readASN1Object} and accepts the result only if the
 * input bytes are exactly its DER encoding.
 *
 * @param encoding the bytes to decode
 * @return the decoded ASN.1 object
 * @throws IOException a {@code TlsFatalAlert} with {@code decode_error} when the input is not
 *         the DER form of the decoded object, or whatever the underlying decoding throws
 */
public static ASN1Primitive readDERObject(byte[] encoding) throws IOException
{
    ASN1Primitive parsed = readASN1Object(encoding);

    // The parser cannot be restricted to DER, so strictness is verified after the fact:
    // DER is canonical, hence re-encoding the parsed object must reproduce the input exactly.
    byte[] canonical = parsed.getEncoded(ASN1Encoding.DER);
    boolean inputIsDer = Arrays.areEqual(canonical, encoding);
    if (inputIsDer)
    {
        return parsed;
    }
    throw new TlsFatalAlert(AlertDescription.decode_error);
}
/**
 * Strict variant of {@code readASN1Object}: the decoded object is returned only when
 * {@code encoding} is byte-for-byte equal to that object's DER encoding.
 *
 * @param encoding candidate DER bytes
 * @return the ASN.1 object decoded from {@code encoding}
 * @throws IOException a {@code TlsFatalAlert} carrying {@code decode_error} if the bytes are
 *         not the DER form of the decoded object, or any error raised while decoding
 */
public static ASN1Primitive readDERObject(byte[] encoding) throws IOException
{
    final ASN1Primitive decoded = readASN1Object(encoding);

    // DER-only parsing cannot be enforced by the decoder itself; because DER is canonical,
    // a mismatch between the re-encoded object and the input means the input was not DER.
    if (!Arrays.areEqual(decoded.getEncoded(ASN1Encoding.DER), encoding))
    {
        throw new TlsFatalAlert(AlertDescription.decode_error);
    }

    return decoded;
}