You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by "Pellerin, Clement" <Cl...@ibi.com> on 2010/06/14 20:59:26 UTC

[BUG] StorageResolver.next() gives ClassCastException

The return type of StorageResolver.next() is X509Certificate, but the implementation attempts to return an StorageResolverSpi instance causing a ClassCastException. The way the KeyResolvers call this method, it appears the API is correct but the implementation is wrong. Indeed, I like the fact that we can call the KeyResolver only once with all available StorageResolverSpi's lumped into one StorageResolver. I'm a little perplexed why someone would create multiple StorageResolvers because that forces multiple executions of each KeyResolver. 

StorageResolver.getIterator() returns a raw Iterator, so that iterator's next() method returns Object which pushes the ClassCastException in the caller instead. One would expect the iterator to iterate over the same objects as StorageResolver.next(), so the same ClassCastException is lurking here.

What should be the behavior of those iterators?

To reproduce, run this sample program.

import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Iterator;

import org.apache.xml.security.keys.storage.StorageResolver;
import org.apache.xml.security.keys.storage.StorageResolverSpi;
import org.apache.xml.security.keys.storage.implementations.KeyStoreResolver;

public class Repro {

	public static void main(String[] args) throws Exception
	{
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

		ks.load(new java.io.FileInputStream(
				"data/org/apache/xml/security/samples/input/keystore.jks"),
				"xmlsecurity".toCharArray());

		KeyStoreResolver ksResolver = new KeyStoreResolver(ks);
		StorageResolver storage = new StorageResolver(ksResolver);
		
		while (storage.hasNext())
		{
			X509Certificate cert = storage.next();  // <--- ClassCastException here
			System.out.println("cert is " + cert);
		}

		/*
		Iterator iter = storage.getIterator();
		while (iter.hasNext())
		{
			X509Certificate cert = (X509Certificate)iter.next();  // <--- iter.next() returns Object but causes ClassCastException if cast to X509Certificate
			System.out.println("cert is " + cert);
		}
		*/
	}
}