Return-Path: 
 <amber-commits-return-85-apmail-incubator-amber-commits-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-amber-commits-archive@minotaur.apache.org
Received: (qmail 90750 invoked from network); 11 Jul 2010 08:04:59 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 11 Jul 2010 08:04:59 -0000
Received: (qmail 91583 invoked by uid 500); 11 Jul 2010 08:04:58 -0000
Delivered-To: apmail-incubator-amber-commits-archive@incubator.apache.org
Received: (qmail 91563 invoked by uid 500); 11 Jul 2010 08:04:58 -0000
Mailing-List: contact amber-commits-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:amber-commits-help@incubator.apache.org>
List-Unsubscribe: <mailto:amber-commits-unsubscribe@incubator.apache.org>
List-Post: <mailto:amber-commits@incubator.apache.org>
List-Id: <amber-commits.incubator.apache.org>
Reply-To: amber-dev@incubator.apache.org
Delivered-To: mailing list amber-commits@incubator.apache.org
Received: (qmail 91556 invoked by uid 99); 11 Jul 2010 08:04:57 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Jul 2010 08:04:57 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Jul 2010 08:04:55 +0000
Received: by eris.apache.org (Postfix, from userid 65534)
	id CE8E923889CB; Sun, 11 Jul 2010 08:04:01 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r963008 -
 /incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
Date: Sun, 11 Jul 2010 08:04:01 -0000
To: amber-commits@incubator.apache.org
From: simonetripodi@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20100711080401.CE8E923889CB@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: simonetripodi
Date: Sun Jul 11 08:04:01 2010
New Revision: 963008

URL: http://svn.apache.org/viewvc?rev=963008&view=rev
Log:
added method to block sign/verify operations with unsupported keys

Modified:
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java

Modified: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java?rev=963008&r1=963007&r2=963008&view=diff
==============================================================================
--- incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java (original)
+++ incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java Sun Jul 11 08:04:01 2010
@@ -19,6 +19,7 @@ package org.apache.amber.signature;
 import java.net.URL;
 import java.nio.charset.Charset;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.BitSet;
 import java.util.Collections;
 import java.util.List;
@@ -131,6 +132,7 @@ public abstract class AbstractMethod imp
         if (request == null) {
             throw new IllegalArgumentException("parameter 'request' must not be null");
         }
+        this.checkKey(signingKey);
 
         String baseString = this.createBaseString(request);
         String tokenSecret = extractTokenSecret(token);
@@ -164,6 +166,7 @@ public abstract class AbstractMethod imp
         if (request == null) {
             throw new IllegalArgumentException("parameter 'request' must not be null");
         }
+        this.checkKey(verifyingKey);
 
         String baseString = this.createBaseString(request);
         String tokenSecret = extractTokenSecret(token);
@@ -183,6 +186,27 @@ public abstract class AbstractMethod imp
     protected abstract boolean verify(String signature, VerifyingKey verifyingKey, String tokenSecret, String baseString) throws SignatureException;
 
     /**
+     * 
+     *
+     * @param key
+     * @throws SignatureException
+     */
+    private void checkKey(Key key) throws SignatureException {
+        for (String method : key.getAlgorithmMethods()) {
+            if (this.getAlgorithm().equals(method)) {
+                return;
+            }
+        }
+        throw new SignatureException("Required '"
+                + this.getAlgorithm()
+                + "', key of type '"
+                + key.getClass().getName()
+                + "' only supports "
+                + Arrays.toString(key.getAlgorithmMethods())
+                + " methods");
+    }
+
+    /**
      * Calculates the OAuth base string.
      *
      * @param request