[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Using CertificateFactory to read certificates in multiple formats

I'm looking for a way to use the CertificateFactory to read in certificates
from a file in multiple formats. (DER, base64 encoded, PKCS7). How can I use
the IAIK toolkit to automatically figure out what type of format the
certificates are in and read them in from file? I am writing a tool similiar
to the JDK "keytool" command that allows you to do this.

Suns implementation of the CertificateFactory allows you to do the following
regardless of the actual input file format and it magically figures out the
file format and does the right thing.
	FileInputStream fis = new FileInputStream(certFile);
	CertificateFactory cf = CertificateFactory.getInstance("X.509");
	Collection c = cf.generateCertificates(fis);
	Certificate[] certs = (Certificate[])c.toArray(); 

In the IAIK implementation, however, this doesn't work. The above code works
fine if the input file is in PKCS7 format, but I get a certificate parsing
exception in any other format.

So as an alternative I've also tried to use the IAIK CertificateFactory to
read the certs from the file one at a time as follows.

 FileInputStream fis = new FileInputStream(filename);
 DataInputStream dis = new DataInputStream(fis);

 CertificateFactory cf = CertificateFactory.getInstance("X.509");

 byte[] bytes = new byte[dis.available()];
 ByteArrayInputStream bais = new ByteArrayInputStream(bytes);

 while (bais.available() > 0) {
    Certificate cert = cf.generateCertificate(bais);

This works for DER encoded files, but not PKCS7. So what is the best way to
use the toolkit to read in certificates in multiple file formats?

Joe Sanfilippo

Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce