More refactor of utils.resolver / keys
git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-java/trunk@1877678 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/main/java/org/apache/xml/security/keys/content/DEREncodedKeyValue.java b/src/main/java/org/apache/xml/security/keys/content/DEREncodedKeyValue.java
index f2eeb61..ce2f74e 100644
--- a/src/main/java/org/apache/xml/security/keys/content/DEREncodedKeyValue.java
+++ b/src/main/java/org/apache/xml/security/keys/content/DEREncodedKeyValue.java
@@ -116,9 +116,7 @@
if (publicKey != null) {
return publicKey;
}
- } catch (NoSuchAlgorithmException e) { //NOPMD
- // Do nothing, try the next type
- } catch (InvalidKeySpecException e) { //NOPMD
+ } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { //NOPMD
// Do nothing, try the next type
}
}
@@ -136,10 +134,7 @@
KeyFactory keyFactory = KeyFactory.getInstance(publicKey.getAlgorithm());
X509EncodedKeySpec keySpec = keyFactory.getKeySpec(publicKey, X509EncodedKeySpec.class);
return keySpec.getEncoded();
- } catch (NoSuchAlgorithmException e) {
- Object[] exArgs = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
- throw new XMLSecurityException(e, "DEREncodedKeyValue.UnsupportedPublicKey", exArgs);
- } catch (InvalidKeySpecException e) {
+ } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
Object[] exArgs = { publicKey.getAlgorithm(), publicKey.getFormat(), publicKey.getClass().getName() };
throw new XMLSecurityException(e, "DEREncodedKeyValue.UnsupportedPublicKey", exArgs);
}
diff --git a/src/main/java/org/apache/xml/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java b/src/main/java/org/apache/xml/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java
deleted file mode 100644
index f7c0746..0000000
--- a/src/main/java/org/apache/xml/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java
+++ /dev/null
@@ -1,180 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.xml.security.keys.storage.implementations;
-
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.file.Files;
-import java.nio.file.Paths;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.List;
-import java.util.NoSuchElementException;
-
-import org.apache.xml.security.keys.storage.StorageResolverException;
-import org.apache.xml.security.keys.storage.StorageResolverSpi;
-
-/**
- * This {@link StorageResolverSpi} makes all raw (binary) {@link X509Certificate}s
- * which reside as files in a single directory available to the
- * {@link org.apache.xml.security.keys.storage.StorageResolver}.
- */
-public class CertsInFilesystemDirectoryResolver extends StorageResolverSpi {
-
- private static final org.slf4j.Logger LOG =
- org.slf4j.LoggerFactory.getLogger(
- CertsInFilesystemDirectoryResolver.class
- );
-
- /** Field certs */
- private final List<X509Certificate> certs;
-
- /**
- * @param directoryName
- * @throws StorageResolverException
- */
- public CertsInFilesystemDirectoryResolver(String directoryName)
- throws StorageResolverException {
-
- File certDir = new File(directoryName);
- List<String> al = new ArrayList<>();
- String[] names = certDir.list();
-
- if (names != null) {
- for (int i = 0; i < names.length; i++) {
- String currentFileName = names[i];
-
- if (currentFileName.endsWith(".crt")) {
- al.add(names[i]);
- }
- }
- }
-
- CertificateFactory cf = null;
- try {
- cf = CertificateFactory.getInstance("X.509");
- } catch (CertificateException ex) {
- throw new StorageResolverException(ex);
- }
-
- List<X509Certificate> tmpCerts = new ArrayList<>();
- for (int i = 0; i < al.size(); i++) {
- String filename = certDir.getAbsolutePath() + File.separator + al.get(i);
- boolean added = false;
- String dn = null;
-
- try (InputStream inputStream = Files.newInputStream(Paths.get(filename))) {
- X509Certificate cert =
- (X509Certificate) cf.generateCertificate(inputStream);
-
- //add to ArrayList
- cert.checkValidity();
- tmpCerts.add(cert);
-
- dn = cert.getSubjectX500Principal().getName();
- added = true;
- } catch (FileNotFoundException ex) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Could not add certificate from file " + filename, ex);
- }
- } catch (CertificateNotYetValidException ex) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Could not add certificate from file " + filename, ex);
- }
- } catch (CertificateExpiredException ex) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Could not add certificate from file " + filename, ex);
- }
- } catch (CertificateException ex) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Could not add certificate from file " + filename, ex);
- }
- } catch (IOException ex) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Could not add certificate from file " + filename, ex);
- }
- }
-
- if (added) {
- LOG.debug("Added certificate: {}", dn);
- }
- }
-
- certs = Collections.unmodifiableList(tmpCerts);
- }
-
- /** {@inheritDoc} */
- public Iterator<Certificate> getIterator() {
- return new FilesystemIterator(this.certs);
- }
-
- /**
- * Class FilesystemIterator
- */
- private static class FilesystemIterator implements Iterator<Certificate> {
-
- /** Field certs */
- private final List<X509Certificate> certs;
-
- /** Field i */
- private int i;
-
- /**
- * Constructor FilesystemIterator
- *
- * @param certs
- */
- public FilesystemIterator(List<X509Certificate> certs) {
- this.certs = certs;
- this.i = 0;
- }
-
- /** {@inheritDoc} */
- public boolean hasNext() {
- return this.i < this.certs.size();
- }
-
- /** {@inheritDoc} */
- public Certificate next() {
- if (hasNext()) {
- return this.certs.get(this.i++);
- }
-
- throw new NoSuchElementException();
- }
-
- /**
- * Method remove
- *
- */
- public void remove() {
- throw new UnsupportedOperationException("Can't remove keys from KeyStore");
- }
- }
-
-}
diff --git a/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java b/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java
deleted file mode 100644
index e376a80..0000000
--- a/src/main/java/org/apache/xml/security/stax/impl/util/LimitingInputStream.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.xml.security.stax.impl.util;
-
-import org.apache.xml.security.utils.I18n;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- */
-public class LimitingInputStream extends FilterInputStream {
-
- private long limit;
- private long count;
-
- public LimitingInputStream(InputStream in, long limit) {
- super(in);
- this.limit = limit;
- }
-
- @Override
- public int read() throws IOException {
- int r = super.read();
- if (r >= 0) {
- incrementCountAndTestLimit(r);
- }
- return r;
- }
-
- @Override
- public int read(byte[] b) throws IOException {
- return read(b, 0, b.length);
- }
-
- @Override
- public int read(byte[] b, int off, int len) throws IOException {
- int r = super.read(b, off, len);
- if (r >= 0) {
- incrementCountAndTestLimit(r);
- }
- return r;
- }
-
- private void incrementCountAndTestLimit(long read) throws IOException {
- this.count += read;
- if (this.count > this.limit) {
- throw new IOException(I18n.getExceptionMessage("secureProcessing.inputStreamLimitReached", new Object[]{this.limit}));
- }
- }
-}
diff --git a/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverDirectHTTP.java b/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverDirectHTTP.java
index 66d7af4..7890bc2 100644
--- a/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverDirectHTTP.java
+++ b/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverDirectHTTP.java
@@ -22,7 +22,6 @@
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
-import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.URISyntaxException;
import java.net.URI;
@@ -157,14 +156,8 @@
return result;
}
- } catch (URISyntaxException ex) {
+ } catch (URISyntaxException | IOException | IllegalArgumentException ex) {
throw new ResourceResolverException(ex, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
- } catch (MalformedURLException ex) {
- throw new ResourceResolverException(ex, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
- } catch (IOException ex) {
- throw new ResourceResolverException(ex, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
- } catch (IllegalArgumentException e) {
- throw new ResourceResolverException(e, context.uriToResolve, context.baseUri, "generic.EmptyMessage");
}
}
diff --git a/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverXPointer.java b/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverXPointer.java
index 4c587c4..b4a77bf 100644
--- a/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverXPointer.java
+++ b/src/main/java/org/apache/xml/security/utils/resolver/implementations/ResolverXPointer.java
@@ -101,9 +101,6 @@
* {@inheritDoc}
*/
public boolean engineCanResolveURI(ResourceResolverContext context) {
- if (context.uriToResolve == null) {
- return false;
- }
return isXPointerSlash(context.uriToResolve) || isXPointerId(context.uriToResolve);
}
@@ -124,7 +121,7 @@
* @return whether it has an xpointer id
*/
private static boolean isXPointerId(String uri) {
- if (uri.startsWith(XP) && uri.endsWith("))")) {
+ if (uri != null && uri.startsWith(XP) && uri.endsWith("))")) {
String idPlusDelim = uri.substring(XP_LENGTH, uri.length() - 2);
int idLen = idPlusDelim.length() -1;