From 19ce2328ea703714cd9ddfc26e0edd0169f2de2b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20K=C3=B6rber?=
Date: Sun, 20 Dec 2015 22:45:58 +0100
Subject: [PATCH] Add a method to read a X509Certificate
---
 .../acme4j/util/CertificateUtils.java | 33 +++++++++++++++++++
 .../acme4j/util/CertificateUtilsTest.java | 19 +++++------
 2 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java b/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java
index 3769e767..25ca9742 100644
--- a/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java
+++ b/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java
@@ -14,7 +14,12 @@ package org.shredzone.acme4j.util;
 import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
 import java.io.Writer;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
@@ -32,6 +37,34 @@ public final class CertificateUtils { // utility class without constructor } + /** + * Reads an {@link X509Certificate} PEM file from an {@link InputStream}. + * + * @param in + * {@link InputStream} to read the certificate from. + * @return {@link X509Certificate} that was read + */ + public static X509Certificate readX509Certificate(InputStream in) throws IOException { + try (InputStream uin = in) { + CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); + return (X509Certificate) certificateFactory.generateCertificate(uin); + } catch (CertificateException ex) { + throw new IOException(ex); + } + } + + /** + * Writes an X.509 certificate PEM file. + * + * @param cert + * {@link X509Certificate} to write + * @param out + * {@link OutputStream} to write the PEM file to + */ + public static void writeX509Certificate(X509Certificate cert, OutputStream out) throws IOException { + writeX509Certificate(cert, new OutputStreamWriter(out, "utf-8")); + } + /** * Writes an X.509 certificate PEM file. * diff --git a/acme4j-utils/src/test/java/org/shredzone/acme4j/util/CertificateUtilsTest.java b/acme4j-utils/src/test/java/org/shredzone/acme4j/util/CertificateUtilsTest.java index a7f9da3d..c9421e60 100644 --- a/acme4j-utils/src/test/java/org/shredzone/acme4j/util/CertificateUtilsTest.java +++ b/acme4j-utils/src/test/java/org/shredzone/acme4j/util/CertificateUtilsTest.java @@ -17,9 +17,9 @@ import static org.hamcrest.Matchers.*; import static org.junit.Assert.assertThat; import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; -import java.io.StringWriter; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; 
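Review bot: The Javadoc on `readX509Certificate` does not say that the method closes the caller's stream (`try (InputStream uin = in)`), that only the single certificate returned by `generateCertificate` is read, or that the result is parsed but not checked against any trust anchor or validity period. These are the facts a caller of a certificate helper is most likely to get wrong, so I would add `@throws IOException if the stream cannot be read or does not contain a parsable X.509 certificate` and a sentence such as `The stream is closed after reading; the returned certificate is not verified.` In the new `writeX509Certificate(X509Certificate, OutputStream)` overload, `new OutputStreamWriter(out, StandardCharsets.UTF_8)` would avoid looking the charset up by name. Whether `out` is flushed or closed is decided by the `Writer` overload, whose body lies outside this hunk.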
@@ -44,12 +44,12 @@ public class CertificateUtilsTest { } /** - * Test if + * Test if {@link CertificateUtils#readX509Certificate(InputStream)} reads and * {@link CertificateUtils#writeX509Certificate(X509Certificate, java.io.Writer)} * writes a proper X.509 certificate. */ @Test - public void testWriteX509Certificate() throws IOException, CertificateException { + public void testReadWriteX509Certificate() throws IOException, CertificateException { // Read a demonstration certificate X509Certificate original; try (InputStream cert = getClass().getResourceAsStream("/cert.pem")) { @@ -58,23 +58,20 @@ public class CertificateUtilsTest { assertThat(original, is(notNullValue())); // Write to StringWriter - String pem; - try (StringWriter out = new StringWriter()) { + byte[] pem; + try (ByteArrayOutputStream out = new ByteArrayOutputStream()) { CertificateUtils.writeX509Certificate(original, out); - pem = out.toString(); + pem = out.toByteArray(); } // Make sure it is a good PEM file - assertThat(pem, RegexMatchers.matchesPattern( + assertThat(new String(pem, "utf-8"), RegexMatchers.matchesPattern( "-----BEGIN CERTIFICATE-----[\\r\\n]+" + "([a-zA-Z0-9/+=]+[\\r\\n]+)+" + "-----END CERTIFICATE-----[\\r\\n]*")); // Read it back in - X509Certificate written; - try (InputStream cert = new ByteArrayInputStream(pem.getBytes("utf-8"))) { - written = (X509Certificate) certificateFactory.generateCertificate(cert); - } + X509Certificate written = CertificateUtils.readX509Certificate(new ByteArrayInputStream(pem)); // Verify that both certificates are the same assertThat(original.getEncoded(), is(equalTo(written.getEncoded())));
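Review bot: The round trip in `testReadWriteX509Certificate` covers only the success path of `readX509Certificate`, so nothing asserts that malformed input surfaces as the `IOException` that the new method wraps `CertificateException` in. That is the path that matters when the bytes were not produced locally, and a small negative test like the sketch below (constructed input) would pin the contract. Separately, the comment `// Write to StringWriter` is stale now that a `ByteArrayOutputStream` is used, and the Javadoc in the preceding hunk still links the `java.io.Writer` overload although the test calls the `OutputStream` one. The test method's closing lines are outside the hunk.

```java
@Test(expected = IOException.class)
public void testReadInvalidX509Certificate() throws IOException {
    // Constructed sample input, not a certificate
    byte[] garbage = "not a certificate".getBytes("utf-8");
    CertificateUtils.readX509Certificate(new ByteArrayInputStream(garbage));
}
```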