Support for client certificate chains (docker-java#1371)

silme · bsideup · web-flow · commit ee2b24911b03 · 2020-06-01T09:56:55.000+02:00
* Support for client certificate chains

* Add test for client certificate chains

Co-authored-by: Sergei Egorov &lt;segorov@pivotal.io&gt;
diff --git a/docker-java-core/src/main/java/com/github/dockerjava/core/util/CertificateUtils.java b/docker-java-core/src/main/java/com/github/dockerjava/core/util/CertificateUtils.java
@@ -89,11 +89,13 @@ public static List<Certificate> loadCertificates(final Reader reader) throws IOE
 
             JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter()
                     .setProvider(BouncyCastleProvider.PROVIDER_NAME);
-            Object certObj = pemParser.readObject();
+            Object certObj;
 
-            if (certObj instanceof X509CertificateHolder) {
-                X509CertificateHolder certificateHolder = (X509CertificateHolder) certObj;
-                certificates.add(certificateConverter.getCertificate(certificateHolder));
+            while ((certObj = pemParser.readObject()) != null) {
+                if (certObj instanceof X509CertificateHolder) {
+                    X509CertificateHolder certificateHolder = (X509CertificateHolder) certObj;
+                    certificates.add(certificateConverter.getCertificate(certificateHolder));
+                }
             }
 
             return certificates;
diff --git a/docker-java/src/test/java/com/github/dockerjava/core/util/CertificateUtilsTest.java b/docker-java/src/test/java/com/github/dockerjava/core/util/CertificateUtilsTest.java
@@ -11,6 +11,8 @@
 import java.nio.file.Paths;
 import java.security.KeyStore;
 import java.security.Security;
+import java.security.cert.Certificate;
+import java.util.List;
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.core.Is.is;
@@ -86,6 +88,20 @@ public void readMultipleCaCerts() throws Exception {
         assertThat(keyStore.isCertificateEntry("ca-2"), is(true));
     }
 
+    @Test
+    public void readCert() throws Exception {
+        String certpem = readFileAsString("caTest/single_ca.pem");
+        List<Certificate> certs = CertificateUtils.loadCertificates(certpem);
+        assertThat(certs.size(), is(1));
+    }
+
+    @Test
+    public void readMultipleCerts() throws Exception {
+        String certpem = readFileAsString("caTest/multiple_ca.pem");
+        List<Certificate> certs = CertificateUtils.loadCertificates(certpem);
+        assertThat(certs.size(), is(2));
+    }
+
     private String readFileAsString(String path) throws IOException {
         return new String(Files.readAllBytes(Paths.get(new File(baseDir + path).getPath())));
     }
