Skip to content

Instantly share code, notes, and snippets.

@serac
Last active December 25, 2015 17:09
Show Gist options
  • Select an option

  • Save serac/7011620 to your computer and use it in GitHub Desktop.

Select an option

Save serac/7011620 to your computer and use it in GitHub Desktop.
Use Spring Resource abstraction for describing PKI credential locations.
Index: src/main/java/net/shibboleth/ext/spring/factory/PrivateKeyFactoryBean.java
===================================================================
--- src/main/java/net/shibboleth/ext/spring/factory/PrivateKeyFactoryBean.java (revision 459)
+++ src/main/java/net/shibboleth/ext/spring/factory/PrivateKeyFactoryBean.java (working copy)
@@ -17,8 +17,6 @@
package net.shibboleth.ext.spring.factory;
-import java.io.File;
-import java.io.FileInputStream;
import java.security.PrivateKey;
import java.security.Security;
@@ -31,6 +29,7 @@
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.FactoryBean;
+import org.springframework.core.io.Resource;
import edu.vt.middleware.crypt.util.CryptReader;
@@ -41,8 +40,8 @@
*/
public class PrivateKeyFactoryBean implements FactoryBean<PrivateKey> {
- /** Private key file. */
- private File keyFile;
+ /** Resource containing private key data. */
+ private Resource resource;
/** Password for the private key. */
private String keyPass;
@@ -51,12 +50,12 @@
private PrivateKey key;
/**
- * Sets the file containing the private key.
+ * Sets the resource containing the private key.
*
- * @param file private key file, never null
+ * @param resource Resource containing private key data.
*/
- public void setPrivateKeyFile(@Nonnull final File file) {
- keyFile = Constraint.isNotNull(file, "Private key file can not be null");
+ public void setPrivateKey(@Nonnull final Resource resource) {
+ this.resource = Constraint.isNotNull(resource, "Private key can not be null");
}
/**
@@ -71,15 +70,15 @@
/** {@inheritDoc} */
public PrivateKey getObject() throws Exception {
if (key == null) {
- if (keyFile == null) {
- throw new BeanCreationException("Private key file must be provided in order to use this factory.");
+ if (resource == null) {
+ throw new BeanCreationException("Private key must be provided in order to use this factory.");
}
Security.addProvider(new BouncyCastleProvider());
if (keyPass == null) {
- key = CryptReader.readPrivateKey(new FileInputStream(keyFile));
+ key = CryptReader.readPrivateKey(resource.getInputStream());
} else {
- key = CryptReader.readPrivateKey(new FileInputStream(keyFile), keyPass.toCharArray());
+ key = CryptReader.readPrivateKey(resource.getInputStream(), keyPass.toCharArray());
}
}
Index: src/main/java/net/shibboleth/ext/spring/factory/PublicKeyFactoryBean.java
===================================================================
--- src/main/java/net/shibboleth/ext/spring/factory/PublicKeyFactoryBean.java (revision 459)
+++ src/main/java/net/shibboleth/ext/spring/factory/PublicKeyFactoryBean.java (working copy)
@@ -17,8 +17,6 @@
package net.shibboleth.ext.spring.factory;
-import java.io.File;
-import java.io.FileInputStream;
import java.security.PublicKey;
import java.security.Security;
@@ -29,6 +27,7 @@
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.FactoryBean;
+import org.springframework.core.io.Resource;
import edu.vt.middleware.crypt.util.CryptReader;
@@ -39,30 +38,30 @@
*/
public class PublicKeyFactoryBean implements FactoryBean<PublicKey> {
- /** Public key file. */
- private File keyFile;
+ /** Public key resource. */
+ private Resource resource;
/** The singleton instance of the public key produced by this factory. */
private PublicKey key;
/**
- * Sets the public key file.
+ * Sets the public key resource.
*
- * @param file public key file
+ * @param resource Resource containing public key data.
*/
- public void setPublicKeyFile(@Nonnull final File file) {
- keyFile = Constraint.isNotNull(file, "Public key file can not be null");
+ public void setPublicKey(@Nonnull final Resource resource) {
+ this.resource = Constraint.isNotNull(resource, "Public key resource can not be null");
}
/** {@inheritDoc} */
public PublicKey getObject() throws Exception {
if (key == null) {
- if (keyFile == null) {
- throw new BeanCreationException("Public key file must be provided in order to use this factory.");
+ if (resource == null) {
+ throw new BeanCreationException("Public key must be provided in order to use this factory.");
}
Security.addProvider(new BouncyCastleProvider());
- key = CryptReader.readPublicKey(new FileInputStream(keyFile));
+ key = CryptReader.readPublicKey(resource.getInputStream());
}
return key;
Index: src/main/java/net/shibboleth/ext/spring/factory/X509CertificateChainFactoryBean.java
===================================================================
--- src/main/java/net/shibboleth/ext/spring/factory/X509CertificateChainFactoryBean.java (revision 459)
+++ src/main/java/net/shibboleth/ext/spring/factory/X509CertificateChainFactoryBean.java (working copy)
@@ -17,8 +17,6 @@
package net.shibboleth.ext.spring.factory;
-import java.io.File;
-import java.io.FileInputStream;
import java.security.Security;
import java.security.cert.X509Certificate;
@@ -29,6 +27,7 @@
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.FactoryBean;
+import org.springframework.core.io.Resource;
import edu.vt.middleware.crypt.util.CryptReader;
@@ -39,31 +38,30 @@
*/
public class X509CertificateChainFactoryBean implements FactoryBean<X509Certificate[]> {
- /** Certificate chain file. */
- private File certChainFile;
+ /** Certificate chain resource. */
+ private Resource resource;
/** The singleton instance of the public certificate chain produced by this factory. */
private X509Certificate[] certificates;
/**
- * Sets the certificate chain file.
- *
- * @param file certificate chain file
+ * Sets the certificate chain resource.
+ *
+ * @param resource Resource containing X.509 certificate data.
*/
- public void setCertificateChainFile(@Nonnull final File file) {
- certChainFile = Constraint.isNotNull(file, "Certificate chain file can not be null");
+ public void setCertificateChain(@Nonnull final Resource resource) {
+ this.resource = Constraint.isNotNull(resource, "Certificate chain can not be null");
}
/** {@inheritDoc} */
public X509Certificate[] getObject() throws Exception {
if (certificates == null) {
- if (certChainFile == null) {
- throw new BeanCreationException(
- "Certificate chanin file must be provided in order to use this factory.");
+ if (resource == null) {
+ throw new BeanCreationException("Certificate chain must be provided in order to use this factory.");
}
Security.addProvider(new BouncyCastleProvider());
- certificates = (X509Certificate[]) CryptReader.readCertificateChain(new FileInputStream(certChainFile));
+ certificates = (X509Certificate[]) CryptReader.readCertificateChain(resource.getInputStream());
}
return certificates;
Index: src/main/java/net/shibboleth/ext/spring/factory/X509CertificateFactoryBean.java
===================================================================
--- src/main/java/net/shibboleth/ext/spring/factory/X509CertificateFactoryBean.java (revision 459)
+++ src/main/java/net/shibboleth/ext/spring/factory/X509CertificateFactoryBean.java (working copy)
@@ -17,8 +17,6 @@
package net.shibboleth.ext.spring.factory;
-import java.io.File;
-import java.io.FileInputStream;
import java.security.Security;
import java.security.cert.X509Certificate;
@@ -29,6 +27,7 @@
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.FactoryBean;
+import org.springframework.core.io.Resource;
import edu.vt.middleware.crypt.util.CryptReader;
@@ -39,30 +38,30 @@
*/
public class X509CertificateFactoryBean implements FactoryBean<X509Certificate> {
- /** Certificate chain file. */
- private File certFile;
+ /** Certificate chain resource. */
+ private Resource resource;
/** The singleton instance of the certificate produced by this factory. */
private X509Certificate certificate;
/**
- * Sets the certificate chain file.
+ * Sets the certificate resource.
*
- * @param file certificate chain file
+ * @param resource Resource containing X.509 certificate data.
*/
- public void setCertificateFile(@Nonnull final File file) {
- certFile = Constraint.isNotNull(file, "Certificate file can not be null");
+ public void setCertificate(@Nonnull final Resource resource) {
+ this.resource = Constraint.isNotNull(resource, "Certificate can not be null");
}
/** {@inheritDoc} */
public X509Certificate getObject() throws Exception {
if (certificate == null) {
- if (certFile == null) {
- throw new BeanCreationException("Certificate file must be provided in order to use this factory.");
+ if (resource == null) {
+ throw new BeanCreationException("Certificate must be provided in order to use this factory.");
}
Security.addProvider(new BouncyCastleProvider());
- certificate = (X509Certificate) CryptReader.readCertificate(new FileInputStream(certFile));
+ certificate = (X509Certificate) CryptReader.readCertificate(resource.getInputStream());
}
return certificate;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment