Remove `bouncycastle` deps for `sslcontext-kickstart-for-pem`

[sureshg]

Thanks for this nice useful library. This makes it easy for Java/Kotlin developers to configure the SSLContext. Bouncycastle dependency is huge (more than 10 MBs including transitive dependencies), and these days we can read the PEM with just pure JDK standard libraries. So this is a feature request to remove the BC and add something like the following using just the JDK APIs.

• https://gist.github.com/dain/29ce5c135796c007f9ec88e82ab21822#file-pemreader-java
• https://github.com/airlift/airlift/tree/master/security/src/main/java/io/airlift/security

[Hakky54]

Hi @sureshg thank you for suggesting to replace bouncy castle. The bouncy castle transitive dependency is indeed 10 MB which is also to me a bit too much.

In the past I did an attempt to handle pen files without additional dependencies and to be honest I could not find a way to handle all of the different pem files which I have added in the test resources. The links which you provided are useful, I will give it a try, let's see how it will work out. I will be able to work on this topic in September because I need to finish other work. Feel free to submit a pull request or else I will work on it in September

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[Hakky54]

@sureshg

I have spent some time to get it working, however faced some challanges. Both of the links you shared didn't work with all of the pem files which I have in the test resources. I even tried pem-utils of Christopher Schultz and that one also failed to parsed them all.

Would you like to give it a try?