Make it possible to load certificates from the classpath and not just a filename
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
index 9b37eb2..b47a46f 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
@@ -358,8 +358,11 @@
X509Certificate x509Certificate = null;
try {
- x509Certificate = (X509Certificate) CertificateHelper.loadCerts(
- anchorFileName).iterator().next();
+ List<java.security.cert.Certificate> certs =
+ CertificateHelper.loadCerts(anchorFileName);
+ if (certs != null && !certs.isEmpty()) {
+ x509Certificate = (X509Certificate) certs.iterator().next();
+ }
} catch (KrbException e) {
e.printStackTrace();
}
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/CertificateHelper.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/CertificateHelper.java
index db96ed6..53096d4 100644
--- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/CertificateHelper.java
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/CertificateHelper.java
@@ -21,6 +21,7 @@
import org.apache.kerby.kerberos.kerb.KrbException;
+import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
@@ -35,12 +36,19 @@
public static List<Certificate> loadCerts(String filename) throws KrbException {
+
+ File file = new File(filename);
InputStream res = null;
- try {
- res = new FileInputStream(filename);
- } catch (FileNotFoundException e) {
- e.printStackTrace();
+ if (file.isFile()) {
+ try {
+ res = new FileInputStream(file);
+ } catch (FileNotFoundException e) {
+ e.printStackTrace();
+ }
+ } else {
+ res = CertificateHelper.class.getClassLoader().getResourceAsStream(filename);
}
+
return loadCerts(res);
}