Last active
December 25, 2015 17:09
-
-
Save serac/7011620 to your computer and use it in GitHub Desktop.
Use Spring Resource abstraction for describing PKI credential locations.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Index: src/main/java/net/shibboleth/ext/spring/factory/PrivateKeyFactoryBean.java | |
| =================================================================== | |
| --- src/main/java/net/shibboleth/ext/spring/factory/PrivateKeyFactoryBean.java (revision 459) | |
| +++ src/main/java/net/shibboleth/ext/spring/factory/PrivateKeyFactoryBean.java (working copy) | |
| @@ -17,8 +17,6 @@ | |
| package net.shibboleth.ext.spring.factory; | |
| -import java.io.File; | |
| -import java.io.FileInputStream; | |
| import java.security.PrivateKey; | |
| import java.security.Security; | |
| @@ -31,6 +29,7 @@ | |
| import org.bouncycastle.jce.provider.BouncyCastleProvider; | |
| import org.springframework.beans.factory.BeanCreationException; | |
| import org.springframework.beans.factory.FactoryBean; | |
| +import org.springframework.core.io.Resource; | |
| import edu.vt.middleware.crypt.util.CryptReader; | |
| @@ -41,8 +40,8 @@ | |
| */ | |
| public class PrivateKeyFactoryBean implements FactoryBean<PrivateKey> { | |
| - /** Private key file. */ | |
| - private File keyFile; | |
| + /** Resource containing private key data. */ | |
| + private Resource resource; | |
| /** Password for the private key. */ | |
| private String keyPass; | |
| @@ -51,12 +50,12 @@ | |
| private PrivateKey key; | |
| /** | |
| - * Sets the file containing the private key. | |
| + * Sets the resource containing the private key. | |
| * | |
| - * @param file private key file, never null | |
| + * @param resource Resource containing private key data. | |
| */ | |
| - public void setPrivateKeyFile(@Nonnull final File file) { | |
| - keyFile = Constraint.isNotNull(file, "Private key file can not be null"); | |
| + public void setPrivateKey(@Nonnull final Resource resource) { | |
| + this.resource = Constraint.isNotNull(resource, "Private key can not be null"); | |
| } | |
| /** | |
| @@ -71,15 +70,15 @@ | |
| /** {@inheritDoc} */ | |
| public PrivateKey getObject() throws Exception { | |
| if (key == null) { | |
| - if (keyFile == null) { | |
| - throw new BeanCreationException("Private key file must be provided in order to use this factory."); | |
| + if (resource == null) { | |
| + throw new BeanCreationException("Private key must be provided in order to use this factory."); | |
| } | |
| Security.addProvider(new BouncyCastleProvider()); | |
| if (keyPass == null) { | |
| - key = CryptReader.readPrivateKey(new FileInputStream(keyFile)); | |
| + key = CryptReader.readPrivateKey(resource.getInputStream()); | |
| } else { | |
| - key = CryptReader.readPrivateKey(new FileInputStream(keyFile), keyPass.toCharArray()); | |
| + key = CryptReader.readPrivateKey(resource.getInputStream(), keyPass.toCharArray()); | |
| } | |
| } | |
| Index: src/main/java/net/shibboleth/ext/spring/factory/PublicKeyFactoryBean.java | |
| =================================================================== | |
| --- src/main/java/net/shibboleth/ext/spring/factory/PublicKeyFactoryBean.java (revision 459) | |
| +++ src/main/java/net/shibboleth/ext/spring/factory/PublicKeyFactoryBean.java (working copy) | |
| @@ -17,8 +17,6 @@ | |
| package net.shibboleth.ext.spring.factory; | |
| -import java.io.File; | |
| -import java.io.FileInputStream; | |
| import java.security.PublicKey; | |
| import java.security.Security; | |
| @@ -29,6 +27,7 @@ | |
| import org.bouncycastle.jce.provider.BouncyCastleProvider; | |
| import org.springframework.beans.factory.BeanCreationException; | |
| import org.springframework.beans.factory.FactoryBean; | |
| +import org.springframework.core.io.Resource; | |
| import edu.vt.middleware.crypt.util.CryptReader; | |
| @@ -39,30 +38,30 @@ | |
| */ | |
| public class PublicKeyFactoryBean implements FactoryBean<PublicKey> { | |
| - /** Public key file. */ | |
| - private File keyFile; | |
| + /** Public key resource. */ | |
| + private Resource resource; | |
| /** The singleton instance of the public key produced by this factory. */ | |
| private PublicKey key; | |
| /** | |
| - * Sets the public key file. | |
| + * Sets the public key resource. | |
| * | |
| - * @param file public key file | |
| + * @param resource Resource containing public key data. | |
| */ | |
| - public void setPublicKeyFile(@Nonnull final File file) { | |
| - keyFile = Constraint.isNotNull(file, "Public key file can not be null"); | |
| + public void setPublicKey(@Nonnull final Resource resource) { | |
| + this.resource = Constraint.isNotNull(resource, "Public key resource can not be null"); | |
| } | |
| /** {@inheritDoc} */ | |
| public PublicKey getObject() throws Exception { | |
| if (key == null) { | |
| - if (keyFile == null) { | |
| - throw new BeanCreationException("Public key file must be provided in order to use this factory."); | |
| + if (resource == null) { | |
| + throw new BeanCreationException("Public key must be provided in order to use this factory."); | |
| } | |
| Security.addProvider(new BouncyCastleProvider()); | |
| - key = CryptReader.readPublicKey(new FileInputStream(keyFile)); | |
| + key = CryptReader.readPublicKey(resource.getInputStream()); | |
| } | |
| return key; | |
| Index: src/main/java/net/shibboleth/ext/spring/factory/X509CertificateChainFactoryBean.java | |
| =================================================================== | |
| --- src/main/java/net/shibboleth/ext/spring/factory/X509CertificateChainFactoryBean.java (revision 459) | |
| +++ src/main/java/net/shibboleth/ext/spring/factory/X509CertificateChainFactoryBean.java (working copy) | |
| @@ -17,8 +17,6 @@ | |
| package net.shibboleth.ext.spring.factory; | |
| -import java.io.File; | |
| -import java.io.FileInputStream; | |
| import java.security.Security; | |
| import java.security.cert.X509Certificate; | |
| @@ -29,6 +27,7 @@ | |
| import org.bouncycastle.jce.provider.BouncyCastleProvider; | |
| import org.springframework.beans.factory.BeanCreationException; | |
| import org.springframework.beans.factory.FactoryBean; | |
| +import org.springframework.core.io.Resource; | |
| import edu.vt.middleware.crypt.util.CryptReader; | |
| @@ -39,31 +38,30 @@ | |
| */ | |
| public class X509CertificateChainFactoryBean implements FactoryBean<X509Certificate[]> { | |
| - /** Certificate chain file. */ | |
| - private File certChainFile; | |
| + /** Certificate chain resource. */ | |
| + private Resource resource; | |
| /** The singleton instance of the public certificate chain produced by this factory. */ | |
| private X509Certificate[] certificates; | |
| /** | |
| - * Sets the certificate chain file. | |
| - * | |
| - * @param file certificate chain file | |
| + * Sets the certificate chain resource. | |
| + * | |
| + * @param resource Resource containing X.509 certificate data. | |
| */ | |
| - public void setCertificateChainFile(@Nonnull final File file) { | |
| - certChainFile = Constraint.isNotNull(file, "Certificate chain file can not be null"); | |
| + public void setCertificateChain(@Nonnull final Resource resource) { | |
| + this.resource = Constraint.isNotNull(resource, "Certificate chain can not be null"); | |
| } | |
| /** {@inheritDoc} */ | |
| public X509Certificate[] getObject() throws Exception { | |
| if (certificates == null) { | |
| - if (certChainFile == null) { | |
| - throw new BeanCreationException( | |
| - "Certificate chanin file must be provided in order to use this factory."); | |
| + if (resource == null) { | |
| + throw new BeanCreationException("Certificate chain must be provided in order to use this factory."); | |
| } | |
| Security.addProvider(new BouncyCastleProvider()); | |
| - certificates = (X509Certificate[]) CryptReader.readCertificateChain(new FileInputStream(certChainFile)); | |
| + certificates = (X509Certificate[]) CryptReader.readCertificateChain(resource.getInputStream()); | |
| } | |
| return certificates; | |
| Index: src/main/java/net/shibboleth/ext/spring/factory/X509CertificateFactoryBean.java | |
| =================================================================== | |
| --- src/main/java/net/shibboleth/ext/spring/factory/X509CertificateFactoryBean.java (revision 459) | |
| +++ src/main/java/net/shibboleth/ext/spring/factory/X509CertificateFactoryBean.java (working copy) | |
| @@ -17,8 +17,6 @@ | |
| package net.shibboleth.ext.spring.factory; | |
| -import java.io.File; | |
| -import java.io.FileInputStream; | |
| import java.security.Security; | |
| import java.security.cert.X509Certificate; | |
| @@ -29,6 +27,7 @@ | |
| import org.bouncycastle.jce.provider.BouncyCastleProvider; | |
| import org.springframework.beans.factory.BeanCreationException; | |
| import org.springframework.beans.factory.FactoryBean; | |
| +import org.springframework.core.io.Resource; | |
| import edu.vt.middleware.crypt.util.CryptReader; | |
| @@ -39,30 +38,30 @@ | |
| */ | |
| public class X509CertificateFactoryBean implements FactoryBean<X509Certificate> { | |
| - /** Certificate chain file. */ | |
| - private File certFile; | |
| + /** Certificate chain resource. */ | |
| + private Resource resource; | |
| /** The singleton instance of the certificate produced by this factory. */ | |
| private X509Certificate certificate; | |
| /** | |
| - * Sets the certificate chain file. | |
| + * Sets the certificate resource. | |
| * | |
| - * @param file certificate chain file | |
| + * @param resource Resource containing X.509 certificate data. | |
| */ | |
| - public void setCertificateFile(@Nonnull final File file) { | |
| - certFile = Constraint.isNotNull(file, "Certificate file can not be null"); | |
| + public void setCertificate(@Nonnull final Resource resource) { | |
| + this.resource = Constraint.isNotNull(resource, "Certificate can not be null"); | |
| } | |
| /** {@inheritDoc} */ | |
| public X509Certificate getObject() throws Exception { | |
| if (certificate == null) { | |
| - if (certFile == null) { | |
| - throw new BeanCreationException("Certificate file must be provided in order to use this factory."); | |
| + if (resource == null) { | |
| + throw new BeanCreationException("Certificate must be provided in order to use this factory."); | |
| } | |
| Security.addProvider(new BouncyCastleProvider()); | |
| - certificate = (X509Certificate) CryptReader.readCertificate(new FileInputStream(certFile)); | |
| + certificate = (X509Certificate) CryptReader.readCertificate(resource.getInputStream()); | |
| } | |
| return certificate; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment