santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pellerin, Clement" <Clement_Pelle...@ibi.com>
Subject [BUG] StorageResolver.next() gives ClassCastException
Date Mon, 14 Jun 2010 18:59:26 GMT
The return type of StorageResolver.next() is X509Certificate, but the implementation attempts
to return an StorageResolverSpi instance causing a ClassCastException. The way the KeyResolvers
call this method, it appears the API is correct but the implementation is wrong. Indeed, I
like the fact that we can call the KeyResolver only once with all available StorageResolverSpi's
lumped into one StorageResolver. I'm a little perplexed why someone would create multiple
StorageResolvers because that forces multiple executions of each KeyResolver. 

StorageResolver.getIterator() returns a raw Iterator, so that iterator's next() method returns
Object which pushes the ClassCastException in the caller instead. One would expect the iterator
to iterate over the same objects as StorageResolver.next(), so the same ClassCastException
is lurking here.

What should be the behavior of those iterators?

To reproduce, run this sample program.

import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Iterator;

import org.apache.xml.security.keys.storage.StorageResolver;
import org.apache.xml.security.keys.storage.StorageResolverSpi;
import org.apache.xml.security.keys.storage.implementations.KeyStoreResolver;

public class Repro {

	public static void main(String[] args) throws Exception
	{
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

		ks.load(new java.io.FileInputStream(
				"data/org/apache/xml/security/samples/input/keystore.jks"),
				"xmlsecurity".toCharArray());

		KeyStoreResolver ksResolver = new KeyStoreResolver(ks);
		StorageResolver storage = new StorageResolver(ksResolver);
		
		while (storage.hasNext())
		{
			X509Certificate cert = storage.next();  // <--- ClassCastException here
			System.out.println("cert is " + cert);
		}

		/*
		Iterator iter = storage.getIterator();
		while (iter.hasNext())
		{
			X509Certificate cert = (X509Certificate)iter.next();  // <--- iter.next() returns Object
but causes ClassCastException if cast to X509Certificate
			System.out.println("cert is " + cert);
		}
		*/
	}
}

Mime
View raw message