[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

ASF GitHub Bot (JIRA) Wed, 30 Nov 2016 14:39:51 -0800

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15710037#comment-15710037
 ]


ASF GitHub Bot commented on CLOUDSTACK-9632:
--------------------------------------------

Github user jburwell commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/1799#discussion_r90309869
  
    --- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
    @@ -40,123 +46,122 @@
     import java.util.ArrayList;
     import java.util.List;
     
    -import com.cloud.utils.exception.CloudRuntimeException;
    -import org.apache.commons.codec.binary.Base64;
    -
    -import com.cloud.utils.Ternary;
    -import org.bouncycastle.openssl.PEMReader;
    -
     public class CertificateHelper {
    -    public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
    -        NoSuchAlgorithmException, InvalidKeySpecException, IOException {
    -        KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
    -
    -        ByteArrayOutputStream os = new ByteArrayOutputStream();
    -        ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
    -        os.close();
    -        return os.toByteArray();
    +    public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
    +    NoSuchAlgorithmException, InvalidKeySpecException, IOException {
    +        final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
    +
    +        try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
    +            ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
    +            return os.toByteArray();
    +        }
         }
     
    -    public static byte[] buildAndSaveKeystore(List<Ternary<String, String, 
String>> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
    -        CertificateException, IOException, InvalidKeySpecException {
    -        KeyStore ks = KeyStore.getInstance("JKS");
    +    public static byte[] buildAndSaveKeystore(final List<Ternary<String, 
String, String>> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
    +    CertificateException, IOException, InvalidKeySpecException {
    +        final KeyStore ks = KeyStore.getInstance("JKS");
             ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
     
             //name,cert,key
    -        for (Ternary<String, String, String> cert : certs) {
    +        for (final Ternary<String, String, String> cert : certs) {
                 if (cert.third() == null) {
    -                Certificate c = buildCertificate(cert.second());
    +                final Certificate c = buildCertificate(cert.second());
                     ks.setCertificateEntry(cert.first(), c);
                 } else {
    -                Certificate[] c = new Certificate[certs.size()];
    +                final Certificate[] c = new Certificate[certs.size()];
                     int i = certs.size();
    -                for (Ternary<String, String, String> ct : certs) {
    +                for (final Ternary<String, String, String> ct : certs) {
                         c[i - 1] = buildCertificate(ct.second());
                         i--;
                     }
                     ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
                 }
             }
     
    -        ByteArrayOutputStream os = new ByteArrayOutputStream();
    -        ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
    -        os.close();
    -        return os.toByteArray();
    +        try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
    +            ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
    +            return os.toByteArray();
    +        }
         }
     
    -    public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
    -        assert (ksData != null);
    -        KeyStore ks = KeyStore.getInstance("JKS");
    -        ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
    +    public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
    +        assert ksData != null;
    --- End diff --
    
    Since we don't usually run with assertions enabled, please consider 
converting `assert` to `Preconditions.checkArgument`.


> Upgrade bountycastle to 1.55+
> -----------------------------
>
>                 Key: CLOUDSTACK-9632
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

Reply via email to