You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Anderson Jonathan <an...@bah.com> on 2004/04/16 00:39:34 UTC

Proposed Crypto patch

Greetings Werner and Dims,
	I've attached a CVS diff -u that touches Crypto.java and Merlin.java and
essentially exposes some previously private data members, and cleans up what
JavaDoc that I saw was incorrect.  This is but a small step towards Cert
Path validation and enforced signature coverage.  Take a look, tell me what
you think.

Regards,
Jonathan Anderson
Booz Allen Hamilton

Re: Proposed Crypto patch

Posted by Davanum Srinivas <di...@yahoo.com>.

applied patch.

thanks,
dims

--- Anderson Jonathan <an...@bah.com> wrote:
> Greetings Werner and Dims,
> 	I've attached a CVS diff -u that touches Crypto.java and Merlin.java and
> essentially exposes some previously private data members, and cleans up what
> JavaDoc that I saw was incorrect.  This is but a small step towards Cert
> Path validation and enforced signature coverage.  Take a look, tell me what
> you think.
> 
> Regards,
> Jonathan Anderson
> Booz Allen Hamilton
> > ? diff.txt
> Index: org/apache/ws/security/components/crypto/Crypto.java
> ===================================================================
> RCS file: /home/cvspublic/ws-fx/wss4j/src/org/apache/ws/security/components/crypto/Crypto.java,v
> retrieving revision 1.3
> diff -u -r1.3 Crypto.java
> --- org/apache/ws/security/components/crypto/Crypto.java	21 Mar 2004 14:40:40 -0000	1.3
> +++ org/apache/ws/security/components/crypto/Crypto.java	15 Apr 2004 15:36:23 -0000
> @@ -22,8 +22,10 @@
>  import java.io.InputStream;
>  import java.math.BigInteger;
>  import java.security.PrivateKey;
> +import java.security.KeyStore;
>  import java.security.cert.Certificate;
>  import java.security.cert.X509Certificate;
> +import java.security.cert.CertificateFactory;
>  
>  /**
>   * Crypto.
> @@ -36,9 +38,9 @@
>       * load a X509Certificate from the input stream.
>       * <p/>
>       * 
> -     * @param The <code>InputStream</code> array containg the X509 data
> -     * @throws GeneralSecurityException 
> -     * @return	Returns a X509 certificate
> +     * @param in The <code>InputStream</code> array containg the X509 data
> +     * @throws WSSecurityException
> +     * @return	An X509 certificate
>       */
>      X509Certificate loadCertificate(InputStream in) throws WSSecurityException;
>  
> @@ -49,8 +51,7 @@
>       * @param data    The <code>byte</code> array containg the X509 data
>       * @param reverse If set the first certificate in input data will
>       *                the last in the array
> -     * @throws IOException              
> -     * @throws GeneralSecurityException 
> +     * @throws WSSecurityException
>       * @return		An array of X509 certificates, ordered according to
>       * the reverse flag
>       */
> @@ -63,8 +64,8 @@
>       * @param reverse If set the first certificate in the array data will
>       *                the last in the byte array
>       * @param certs   The certificates to convert
> -     * @throws IOException                  
> -     * @throws CertificateEncodingException 
> +
> +     * @throws WSSecurityException
>       * @return		The byte array for the certficates ordered according
>       * to the reverse flag
>       */
> @@ -146,5 +147,20 @@
>  	 * @return 			 The byte array conating the binary SKI data
>  	 */
>  	public byte[] getSKIBytesFromCert(X509Certificate cert)	throws WSSecurityException;
> +
> +    /**
> +     * Gets the Keystore that was loaded by the underlying implementation
> +     *
> +     * @return the Keystore
> +     */
> +    public KeyStore getKeyStore();
> +
> +    /**
> +     * Gets the CertificateFactory instantiated by the underlying implementation
> +     *
> +     * @return the CertificateFactory
> +     * @throws WSSecurityException
> +     */
> +    public CertificateFactory getCertificateFactory() throws WSSecurityException;
>  
>  }
> Index: org/apache/ws/security/components/crypto/Merlin.java
> ===================================================================
> RCS file: /home/cvspublic/ws-fx/wss4j/src/org/apache/ws/security/components/crypto/Merlin.java,v
> retrieving revision 1.13
> diff -u -r1.13 Merlin.java
> --- org/apache/ws/security/components/crypto/Merlin.java	12 Apr 2004 15:52:58 -0000	1.13
> +++ org/apache/ws/security/components/crypto/Merlin.java	15 Apr 2004 15:59:39 -0000
> @@ -60,7 +60,7 @@
>  public class Merlin implements Crypto {
>      private static Log log = LogFactory.getLog(Merlin.class);
>      private static CertificateFactory certFact;
> -    private Properties properties = null;
> +    protected Properties properties = null;
>      protected KeyStore keystore = null;
>  
>      /**
> @@ -125,7 +125,7 @@
>       * 			X509 certficates
>       * @throws	WSSecurityException
>       */
> -    private static synchronized CertificateFactory getCertificateFactory() throws
> WSSecurityException {
> +    public synchronized CertificateFactory getCertificateFactory() throws WSSecurityException {
>          if (certFact == null) {
>  			try {
>  				certFact = CertificateFactory.getInstance("X.509","BC");
> @@ -591,5 +591,10 @@
>  		*/
>  		return abyte0;
>  	}
> +
> +    public KeyStore getKeyStore()
> +    {
> +        return this.keystore;
> +    }
>  }
>  
> 


=====
Davanum Srinivas - http://webservices.apache.org/~dims/