cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jburwell <...@git.apache.org>
Subject [GitHub] cloudstack pull request #1511: 4.9/master bountycastle changes
Date Tue, 13 Sep 2016 20:42:38 GMT
Github user jburwell commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/1511#discussion_r78640135
  
    --- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java ---
    @@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO cert, List<LoadBalancerCertM
             return response;
         }
     
    -    private void validateCert(Certificate cert, boolean chainPresent) {
    +    private void validateCert(final Certificate cert, final boolean chainPresent) {
     
    -        if (!(cert instanceof X509Certificate))
    +        if (!(cert instanceof X509Certificate)) {
                 throw new IllegalArgumentException("Invalid certificate format. Expected
X509 certificate");
    +        }
     
             try {
                 ((X509Certificate)cert).checkValidity();
    -        } catch (Exception e) {
    +        } catch (final Exception e) {
                 throw new IllegalArgumentException("Certificate expired or not valid", e);
             }
         }
     
    -    private void validateKeys(PublicKey pubKey, PrivateKey privKey) {
    +    private void validateKeys(final PublicKey pubKey, final PrivateKey privKey) {
     
    -        if (pubKey.getAlgorithm() != privKey.getAlgorithm())
    +        if (pubKey.getAlgorithm() != privKey.getAlgorithm()) {
                 throw new IllegalArgumentException("Public and private key have different
algorithms");
    +        }
     
             // No encryption for DSA
    -        if (pubKey.getAlgorithm() != "RSA")
    +        if (pubKey.getAlgorithm() != "RSA") {
                 return;
    +        }
     
             try {
     
    -            String data = "ENCRYPT_DATA";
    -            SecureRandom random = new SecureRandom();
    -            Cipher cipher = Cipher.getInstance(pubKey.getAlgorithm());
    +            final String data = "ENCRYPT_DATA";
    +            final SecureRandom random = new SecureRandom();
    --- End diff --
    
    Initializing `SecureRandom` instances as local variables is unnecessarily expensive. 
Please consider extracting to a `static final` constant.  Also, should we specify the RNG
algorithm using the `SecureRandom.getInstance(String)`.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message