import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.binary.Base64;

import java.util.ArrayList;
import java.util.List;

/**

• PEM Certificates reader with an encoding fallback for base-64 encoded pem string.
• This will extract all trusted certificates from a .pem file content

• @author ney.br.santos@gmail.com
  */
  @Slf4j
  public class CertificatesConfigReader {

  private static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
  private static final String END_CERTIFICATE = "-----END CERTIFICATE-----";

  public List<String> loadCertificates(String pemFileContent) {

  String decodedPemFile = decodeIfRequired(pemFileContent);
  
  int nrOfCertificates = count(decodedPemFile, BEGIN_CERTIFICATE);
  log.debug("================= Number of trusted certificates found in .pem file is {}", nrOfCertificates);
  
  List<String> certificates = new ArrayList<>();
  int certificateIndex = 0;
  
  for (int i = 0; i < nrOfCertificates; ++i) {
      DelimitedString delimitedString = getDelimitedSubstring(decodedPemFile, BEGIN_CERTIFICATE, END_CERTIFICATE, certificateIndex);
      certificates.add(delimitedString.getContent());
      certificateIndex = delimitedString.getStart() + 1;
  }
  return certificates;

  }

  /**

  • Count occurrences of a target string into string being tested
  • @param str String being tested
  • @param target target string to count occurrences
  • @return number of occurrences
    */
    private static int count(String str, String target) {
    return (str.length() - str.replace(target, "").length()) / target.length();
    }

  /**

  • Check if provide pem content is base-64 encoded and decode it
  • @param pemFileContent pem content string to decode
  • @return decoded pem content string
    */
    private String decodeIfRequired(String pemFileContent) {
    if (Base64.isBase64(pemFileContent.getBytes())) {
    return new String(Base64.decodeBase64(pemFileContent));
    }
    return pemFileContent;
    }

  /**

  • Returns the first substring that is enclosed by the specified
  • delimiters.
  • <br>
  • The delimiters are not included in the return string.
  • <p>
  • Example:<br> getDelimitedSubstring( "This {placeholder} belongs to me",
  • "{", "}" ) --> returns "placeholder"
  • </p>
  • @param text The input string that contains the delimited part
  • @param startDelimiter The start delimiter of the substring
  • @param endDelimiter The end delimiter of the substring
  • @param fromIndex the index from which to start the search.

  • @return The DelimitedString or an empty DelimitedString, if no delimiters are found.
    */
    private DelimitedString getDelimitedSubstring(String text, String startDelimiter, String endDelimiter, int fromIndex) {
    int start = 0;
    int stop = 0;
    String subStr = "";

    if ((text != null) && (startDelimiter != null) && (endDelimiter != null)) {
    start = text.indexOf(startDelimiter, fromIndex);

    if (start >= 0) {
        stop = text.indexOf(endDelimiter, start + 1);
    
        if (stop > start) {
            subStr = text.substring(start + 1, stop + endDelimiter.length());
        }
    }

    }
    return new DelimitedString(start, stop, subStr);
    }

  @Data
  @AllArgsConstructor
  static class DelimitedString {
  int start;
  int stop;
  String content;
  }
  }