clerezza-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject [5/9] CLEREZZA-435: repaced tabs with spaces in scala files
Date Wed, 04 Dec 2013 15:21:22 GMT
http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.logging/initializer/src/main/scala/org/apache/clerezza/platform/logging/initializer/Activator.scala
----------------------------------------------------------------------
diff --git a/platform.logging/initializer/src/main/scala/org/apache/clerezza/platform/logging/initializer/Activator.scala b/platform.logging/initializer/src/main/scala/org/apache/clerezza/platform/logging/initializer/Activator.scala
index cfdc270..c8220db 100644
--- a/platform.logging/initializer/src/main/scala/org/apache/clerezza/platform/logging/initializer/Activator.scala
+++ b/platform.logging/initializer/src/main/scala/org/apache/clerezza/platform/logging/initializer/Activator.scala
@@ -35,54 +35,54 @@ import org.osgi.framework.BundleActivator
 
 class Activator extends BundleActivator {
 
-	private val configurationAdminClassName = classOf[ConfigurationAdmin].getName
+  private val configurationAdminClassName = classOf[ConfigurationAdmin].getName
 
-	def start(context: BundleContext) {
-		import scala.collection.JavaConversions._
-		val paxLoggingLocation: String = context.getBundles().
-			find(bundle => bundle.getSymbolicName().equals("org.ops4j.pax.logging.pax-logging-service")) match {
-				case Some(b) => b.getLocation();
-				case _ => throw new RuntimeException("org.ops4j.pax.logging.pax-logging-service not found")
-			}
-		val serviceReference = context.getServiceReference(configurationAdminClassName);
-		def configureIfUnconfigured(serviceReference: ServiceReference[_]) {
-			val configurationAdmin = context.getService(serviceReference).asInstanceOf[ConfigurationAdmin]
-			val config: Configuration = configurationAdmin.getConfiguration(
-				"org.ops4j.pax.logging", paxLoggingLocation);
-			if (config.getProperties() == null) {
-				val props: Dictionary[String, String] = new Hashtable[String, String]();
-				props.put("log4j.rootLogger", "INFO, R, stdout");
-				props.put("log4j.logger.org.apache.clerezza","DEBUG")
-				props.put("log4j.appender.stdout", "org.apache.log4j.ConsoleAppender");
-				props.put("log4j.appender.stdout.layout", "org.apache.log4j.PatternLayout");
-				props.put("log4j.appender.stdout.Threshold", "WARN");
-				// Pattern to output the caller's file name and line number.
-				props.put("log4j.appender.stdout.layout.ConversionPattern", "%d [%t] %5p [%t] (%F\\:%L) - %m%n");
-				props.put("log4j.appender.R", "org.apache.log4j.FileAppender");
-				props.put("log4j.appender.R.File", "clerezza.log");
-				props.put("log4j.appender.R.layout", "org.apache.log4j.PatternLayout");
-				props.put("log4j.appender.R.layout.ConversionPattern", "%d [%t] %p %t %c - %m%n");
+  def start(context: BundleContext) {
+    import scala.collection.JavaConversions._
+    val paxLoggingLocation: String = context.getBundles().
+      find(bundle => bundle.getSymbolicName().equals("org.ops4j.pax.logging.pax-logging-service")) match {
+        case Some(b) => b.getLocation();
+        case _ => throw new RuntimeException("org.ops4j.pax.logging.pax-logging-service not found")
+      }
+    val serviceReference = context.getServiceReference(configurationAdminClassName);
+    def configureIfUnconfigured(serviceReference: ServiceReference[_]) {
+      val configurationAdmin = context.getService(serviceReference).asInstanceOf[ConfigurationAdmin]
+      val config: Configuration = configurationAdmin.getConfiguration(
+        "org.ops4j.pax.logging", paxLoggingLocation);
+      if (config.getProperties() == null) {
+        val props: Dictionary[String, String] = new Hashtable[String, String]();
+        props.put("log4j.rootLogger", "INFO, R, stdout");
+        props.put("log4j.logger.org.apache.clerezza","DEBUG")
+        props.put("log4j.appender.stdout", "org.apache.log4j.ConsoleAppender");
+        props.put("log4j.appender.stdout.layout", "org.apache.log4j.PatternLayout");
+        props.put("log4j.appender.stdout.Threshold", "WARN");
+        // Pattern to output the caller's file name and line number.
+        props.put("log4j.appender.stdout.layout.ConversionPattern", "%d [%t] %5p [%t] (%F\\:%L) - %m%n");
+        props.put("log4j.appender.R", "org.apache.log4j.FileAppender");
+        props.put("log4j.appender.R.File", "clerezza.log");
+        props.put("log4j.appender.R.layout", "org.apache.log4j.PatternLayout");
+        props.put("log4j.appender.R.layout.ConversionPattern", "%d [%t] %p %t %c - %m%n");
 
-				config.update(props);
-			}
-		}
-		if (serviceReference != null) {
-			configureIfUnconfigured(serviceReference);
-		} else {
-			val filter: String = "(objectclass=" + configurationAdminClassName + ")";
-			context.addServiceListener(new ServiceListener{
-				def serviceChanged(e: ServiceEvent) {
-					if (e.getType == ServiceEvent.REGISTERED) {
-						configureIfUnconfigured(e.getServiceReference)
-					}
-				}
-			},filter)
-		}
-		
-	}
+        config.update(props);
+      }
+    }
+    if (serviceReference != null) {
+      configureIfUnconfigured(serviceReference);
+    } else {
+      val filter: String = "(objectclass=" + configurationAdminClassName + ")";
+      context.addServiceListener(new ServiceListener{
+        def serviceChanged(e: ServiceEvent) {
+          if (e.getType == ServiceEvent.REGISTERED) {
+            configureIfUnconfigured(e.getServiceReference)
+          }
+        }
+      },filter)
+    }
+    
+  }
 
-	def stop(context: BundleContext) {
+  def stop(context: BundleContext) {
 
-	}
+  }
 
 }

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
index 45a274a..670c28a 100644
--- a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
+++ b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
@@ -78,14 +78,14 @@ class FoafSslAuthentication extends WeightedAuthenticationMethod {
       claim.principal
     }
 
-	  subject.getPublicCredentials.add(x509c)
-	  if (verified.size > 0) {
-		  subject.getPrincipals().remove(UserUtil.ANONYMOUS)
-		  subject.getPrincipals().addAll(verified)
-		  return true
-	  } else {
-		  return false
-	  }
+    subject.getPublicCredentials.add(x509c)
+    if (verified.size > 0) {
+      subject.getPrincipals().remove(UserUtil.ANONYMOUS)
+      subject.getPrincipals().addAll(verified)
+      return true
+    } else {
+      return false
+    }
   }
 
   def addAgentToSystem(id: WebIDClaim) {

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
index 8ae8429..468b350 100644
--- a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
+++ b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
@@ -44,129 +44,129 @@ import scala.None
  */
 class WebIDClaim(val webId: UriRef, val key: PublicKey) {
 
-	import X509Claim._
-
-	val errors = new LinkedList[java.lang.Throwable]()
-
-	lazy val principal = new WebIdPrincipal(webId)
-	var verified = Verification.Unverified
-
-	/*private lazy val selectQuery = {
-		  val query = """PREFIX cert: <http://www.w3.org/ns/auth/cert#>
-		  PREFIX rsa: <http://www.w3.org/ns/auth/rsa#>
-		  SELECT ?m ?e ?mod ?exp
-		  WHERE {
-		  [] cert:identity ?webid ;
-		  rsa:modulus ?m ;
-		  rsa:public_exponent ?e .
-		  OPTIONAL { ?m cert:hex ?mod . }
-		  OPTIONAL { ?e cert:decimal ?exp . }
-		  }"""
-		  queryParser.parse(query).asInstanceOf[SelectQuery]
-		  }*/
-
-
-
-	/**
-	 * verify this claim
-	 * @param authSrvc: the authentication service contains information about where to get graphs
-	 */
-	//todo: make this asynchronous
-	def verify(authSrvc: FoafSslAuthentication) {
-		if (!webId.getUnicodeString.startsWith("http:") && !webId.getUnicodeString.startsWith("https:")) {
-			//todo: ftp, and ftps should also be doable, though content negoations is then lacking
-			verified = Verification.Unsupported
-			return
-		}
-		verified = try {
-			var webIdInfo = authSrvc.webIdSrvc.getWebIdInfo(webId)
-			verify(webIdInfo.localPublicUserData) match {
-				case None => Verification.Verified
-				case Some(err) => {
-					webIdInfo.forceCacheUpdate()
-					webIdInfo = authSrvc.webIdSrvc.getWebIdInfo(webId)
-					verify(webIdInfo.localPublicUserData) match {
-						case None => Verification.Verified
-						case Some(err) => {
-							errors.add(err)
-							Verification.Failed
-						}
-					}
-				}
-			}
-		} catch {
-			case e => {
-				errors.add(e)
-				Verification.Failed
-			}
-		}
-	}
-
-	def verify(tc: TripleCollection): Option[WebIDVerificationError] = {
-		key match {
-			case k: RSAPublicKey => verify(k, tc);
-			case x => Some(new WebIDVerificationError("Unsupported key format "+x.getClass) )
-		}
-	}
-
-	private def verify(publicKey: RSAPublicKey, tc: TripleCollection): Option[WebIDVerificationError] = {
-		val publicKeysInGraph = getPublicKeysInGraph(tc)
-		if (publicKeysInGraph.size==0) return Some(new WebIDVerificationError("No public keys found in WebID Profile for "+webId.getUnicodeString))
-		val publicKeyTuple = (new BigInt(publicKey.getModulus), new BigInt(publicKey.getPublicExponent))
-		val result = publicKeysInGraph.contains(publicKeyTuple)
-		if (logger.isDebugEnabled) {
-			if (!result) {
-				val baos = new ByteArrayOutputStream
-				Serializer.getInstance.serialize(baos, tc, SupportedFormat.TURTLE);
-				logger.debug("no matching key in: \n{}", new String(baos.toByteArray));
-				logger.debug("the public key is not among the " +
-					publicKeysInGraph.size + " keys in the profile graph of size " +
-					tc.size)
-				logger.debug("PublicKey: " + publicKeyTuple)
-				publicKeysInGraph.foreach(k => logger.debug("PublikKey in graph: " + k))
-			}
-		}
-		if (result) return None
-		else return Some(new WebIDVerificationError("No matching keys found in WebID Profile"))
-	}
-
-	private def getPublicKeysInGraph(tc: TripleCollection): Array[(BigInt, BigInt)] = {
-		import scala.collection.JavaConversions._
-		val publicKeys = for (t <- tc.filter(null, CERT.identity, webId)) yield {
-			t.getSubject
-		}
-		(for (p <- publicKeys) yield {
-			val node = new GraphNode(p, tc)
-			val modulusRes = node / RSA.modulus
-			val modulus = intValueOfResource(modulusRes) match {
-				case Some(x) => x
-				case _ => BigInt(0)
-			}
-			val exponentRes = node / RSA.public_exponent
-			val exponent = intValueOfResource(exponentRes) match {
-				case Some(x) => x
-				case _ => BigInt(0)
-			}
-			(modulus, exponent)
-		}).toArray
-	}
-
-
-	def canEqual(other: Any) = other.isInstanceOf[WebIDClaim]
-
-	override
-	def equals(other: Any): Boolean =
-		other match {
-			case that: WebIDClaim => (that eq this) || (that.canEqual(this) && webId == that.webId && key == that.key)
-			case _ => false
-		}
-
-	override
-	lazy val hashCode: Int = 41 * (
-		41 * (
-			41 + (if (webId != null) webId.hashCode else 0)
-			) + (if (key != null) key.hashCode else 0)
-		)
+  import X509Claim._
+
+  val errors = new LinkedList[java.lang.Throwable]()
+
+  lazy val principal = new WebIdPrincipal(webId)
+  var verified = Verification.Unverified
+
+  /*private lazy val selectQuery = {
+      val query = """PREFIX cert: <http://www.w3.org/ns/auth/cert#>
+      PREFIX rsa: <http://www.w3.org/ns/auth/rsa#>
+      SELECT ?m ?e ?mod ?exp
+      WHERE {
+      [] cert:identity ?webid ;
+      rsa:modulus ?m ;
+      rsa:public_exponent ?e .
+      OPTIONAL { ?m cert:hex ?mod . }
+      OPTIONAL { ?e cert:decimal ?exp . }
+      }"""
+      queryParser.parse(query).asInstanceOf[SelectQuery]
+      }*/
+
+
+
+  /**
+   * verify this claim
+   * @param authSrvc: the authentication service contains information about where to get graphs
+   */
+  //todo: make this asynchronous
+  def verify(authSrvc: FoafSslAuthentication) {
+    if (!webId.getUnicodeString.startsWith("http:") && !webId.getUnicodeString.startsWith("https:")) {
+      //todo: ftp, and ftps should also be doable, though content negoations is then lacking
+      verified = Verification.Unsupported
+      return
+    }
+    verified = try {
+      var webIdInfo = authSrvc.webIdSrvc.getWebIdInfo(webId)
+      verify(webIdInfo.localPublicUserData) match {
+        case None => Verification.Verified
+        case Some(err) => {
+          webIdInfo.forceCacheUpdate()
+          webIdInfo = authSrvc.webIdSrvc.getWebIdInfo(webId)
+          verify(webIdInfo.localPublicUserData) match {
+            case None => Verification.Verified
+            case Some(err) => {
+              errors.add(err)
+              Verification.Failed
+            }
+          }
+        }
+      }
+    } catch {
+      case e => {
+        errors.add(e)
+        Verification.Failed
+      }
+    }
+  }
+
+  def verify(tc: TripleCollection): Option[WebIDVerificationError] = {
+    key match {
+      case k: RSAPublicKey => verify(k, tc);
+      case x => Some(new WebIDVerificationError("Unsupported key format "+x.getClass) )
+    }
+  }
+
+  private def verify(publicKey: RSAPublicKey, tc: TripleCollection): Option[WebIDVerificationError] = {
+    val publicKeysInGraph = getPublicKeysInGraph(tc)
+    if (publicKeysInGraph.size==0) return Some(new WebIDVerificationError("No public keys found in WebID Profile for "+webId.getUnicodeString))
+    val publicKeyTuple = (new BigInt(publicKey.getModulus), new BigInt(publicKey.getPublicExponent))
+    val result = publicKeysInGraph.contains(publicKeyTuple)
+    if (logger.isDebugEnabled) {
+      if (!result) {
+        val baos = new ByteArrayOutputStream
+        Serializer.getInstance.serialize(baos, tc, SupportedFormat.TURTLE);
+        logger.debug("no matching key in: \n{}", new String(baos.toByteArray));
+        logger.debug("the public key is not among the " +
+          publicKeysInGraph.size + " keys in the profile graph of size " +
+          tc.size)
+        logger.debug("PublicKey: " + publicKeyTuple)
+        publicKeysInGraph.foreach(k => logger.debug("PublikKey in graph: " + k))
+      }
+    }
+    if (result) return None
+    else return Some(new WebIDVerificationError("No matching keys found in WebID Profile"))
+  }
+
+  private def getPublicKeysInGraph(tc: TripleCollection): Array[(BigInt, BigInt)] = {
+    import scala.collection.JavaConversions._
+    val publicKeys = for (t <- tc.filter(null, CERT.identity, webId)) yield {
+      t.getSubject
+    }
+    (for (p <- publicKeys) yield {
+      val node = new GraphNode(p, tc)
+      val modulusRes = node / RSA.modulus
+      val modulus = intValueOfResource(modulusRes) match {
+        case Some(x) => x
+        case _ => BigInt(0)
+      }
+      val exponentRes = node / RSA.public_exponent
+      val exponent = intValueOfResource(exponentRes) match {
+        case Some(x) => x
+        case _ => BigInt(0)
+      }
+      (modulus, exponent)
+    }).toArray
+  }
+
+
+  def canEqual(other: Any) = other.isInstanceOf[WebIDClaim]
+
+  override
+  def equals(other: Any): Boolean =
+    other match {
+      case that: WebIDClaim => (that eq this) || (that.canEqual(this) && webId == that.webId && key == that.key)
+      case _ => false
+    }
+
+  override
+  lazy val hashCode: Int = 41 * (
+    41 * (
+      41 + (if (webId != null) webId.hashCode else 0)
+      ) + (if (key != null) key.hashCode else 0)
+    )
 }
 
 class WebIDVerificationError(msg: String) extends Error(msg) {
@@ -174,14 +174,14 @@ class WebIDVerificationError(msg: String) extends Error(msg) {
 }
 
 object WebIdPrincipal {
-	//todo: not at all a satisfactory username method. Find something better.
-	def userName(webId: UriRef) = for (c <- webId.getUnicodeString) yield
-		c match {
-			case ':' => '_';
-			case '#' => '_';
-			case '/' => '_';
-			case _ => c
-		}
+  //todo: not at all a satisfactory username method. Find something better.
+  def userName(webId: UriRef) = for (c <- webId.getUnicodeString) yield
+    c match {
+      case ':' => '_';
+      case '#' => '_';
+      case '/' => '_';
+      case _ => c
+    }
 }
 
 class WebIdPrincipal(val webId: UriRef) extends PrincipalImpl(WebIdPrincipal.userName(webId)) {
@@ -191,26 +191,26 @@ class WebIdPrincipal(val webId: UriRef) extends PrincipalImpl(WebIdPrincipal.use
 
 object Verification extends Enumeration {
 
-	/**
-	 * the claim has not yet been verified
-	 */
-	val Unverified = Value
+  /**
+   * the claim has not yet been verified
+   */
+  val Unverified = Value
 
-	/**
-	 * The claim was verified and succeeded
-	 */
-	val Verified = Value
+  /**
+   * The claim was verified and succeeded
+   */
+  val Verified = Value
 
 
-	/**
-	 * The claim was verified and failed
-	 */
-	val Failed = Value
+  /**
+   * The claim was verified and failed
+   */
+  val Failed = Value
 
-	/**
-	 * The claim cannot be verified by this agent
-	 */
-	val Unsupported = Value
+  /**
+   * The claim cannot be verified by this agent
+   */
+  val Unsupported = Value
 
 }
 

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/X509Claim.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/X509Claim.scala b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/X509Claim.scala
index 96ef674..72004de 100644
--- a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/X509Claim.scala
+++ b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/X509Claim.scala
@@ -163,13 +163,13 @@ object X509Claim {
   }
 
   /*
-  	* This method helps us deal with the old style notation
-  	* of  key rsa:modulus [ cert:hex "a342342bde..." ]
-  	*        rsa:public_exponent [ cert:int "256" ]
-  	*
-  	* where the numbers are representated by blank nodes identified by their relation to a string
-  	*
-  	*/
+    * This method helps us deal with the old style notation
+    * of  key rsa:modulus [ cert:hex "a342342bde..." ]
+    *        rsa:public_exponent [ cert:int "256" ]
+    *
+    * where the numbers are representated by blank nodes identified by their relation to a string
+    *
+    */
   def intValueOfResourceByProperty(n: GraphNode): Option[BigInt] = {
     val hexValues = n / CERT.hex
     if (hexValues.length > 0) {
@@ -186,10 +186,10 @@ object X509Claim {
     return None
   }
 
-	/**
-	 * @prefix a typed literal of some some numeric type
-	 * @return the BigInteger it represents
-	 */
+  /**
+   * @prefix a typed literal of some some numeric type
+   * @return the BigInteger it represents
+   */
   def intValueOfTypedLiteral(l: TypedLiteral): Option[BigInt] = {
     try {
       (l.getLexicalForm, l.getDataType) match {

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/Activator.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/Activator.scala b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/Activator.scala
index ee30378..21e43ee 100644
--- a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/Activator.scala
+++ b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/Activator.scala
@@ -33,16 +33,16 @@ import org.wymiwyg.jetty.httpservice.{Activator => ServiceActivator}
  */
 class Activator() {
 
-	
-	var x509TrustManagerWrapperService: X509TrustManagerWrapperService = null;
-	protected def bindX509TrustManagerWrapperService(s: X509TrustManagerWrapperService)  = {
-		x509TrustManagerWrapperService = s
-	}
-	protected def unbindX509TrustManagerWrapperService(s: X509TrustManagerWrapperService)  = {
-		x509TrustManagerWrapperService = null
-	}
-	
-	protected def activate(context: ComponentContext) = {
+  
+  var x509TrustManagerWrapperService: X509TrustManagerWrapperService = null;
+  protected def bindX509TrustManagerWrapperService(s: X509TrustManagerWrapperService)  = {
+    x509TrustManagerWrapperService = s
+  }
+  protected def unbindX509TrustManagerWrapperService(s: X509TrustManagerWrapperService)  = {
+    x509TrustManagerWrapperService = null
+  }
+  
+  protected def activate(context: ComponentContext) = {
     try{
       val bundleContext = context.getBundleContext
       //TODO set jvm default ca-store
@@ -50,7 +50,7 @@ class Activator() {
       if (http!=null && "true".equals(http)) {
         val sslContextFactory = new X509SSLContextFactory(
                     getServerCertKeyStore(context),
-			        getKeyStorePassword(bundleContext),
+              getKeyStorePassword(bundleContext),
                     getServerCertKeyStore(context));//getCaKeyStore());
             sslContextFactory
                     .setTrustManagerWrapper(x509TrustManagerWrapperService);
@@ -64,44 +64,44 @@ class Activator() {
     catch{
       case e : Exception => println("unable to activate FOAF+SSL")
     }
-	}
-	
-	
-	def getServerCertKeyStore(context: ComponentContext): KeyStore = {
-		val bundleContext = context.getBundleContext
-		val keyStoreLoader = new KeyStoreLoader
-		keyStoreLoader.setKeyStoreType(getKeyStoreType(bundleContext))
-		keyStoreLoader.setKeyStorePath(getKeyStorePath(bundleContext))
-		keyStoreLoader.setKeyStorePassword(getKeyStorePassword(bundleContext))
+  }
+  
+  
+  def getServerCertKeyStore(context: ComponentContext): KeyStore = {
+    val bundleContext = context.getBundleContext
+    val keyStoreLoader = new KeyStoreLoader
+    keyStoreLoader.setKeyStoreType(getKeyStoreType(bundleContext))
+    keyStoreLoader.setKeyStorePath(getKeyStorePath(bundleContext))
+    keyStoreLoader.setKeyStorePassword(getKeyStorePassword(bundleContext))
         return keyStoreLoader.loadKeyStore();
     }
-	
-	protected def getKeyStoreType(context: BundleContext) = {
-		val property = context.getProperty(ServiceActivator.CONTEXT_PROPERTY_KEYSTORE_TYPE);
-		if (property != null) {
-			property;
-		} else {
-			"JKS"
-		}
-	}
+  
+  protected def getKeyStoreType(context: BundleContext) = {
+    val property = context.getProperty(ServiceActivator.CONTEXT_PROPERTY_KEYSTORE_TYPE);
+    if (property != null) {
+      property;
+    } else {
+      "JKS"
+    }
+  }
 
-	protected def getKeyStorePath(context: BundleContext) = {
-		val property = context.getProperty(ServiceActivator.CONTEXT_PROPERTY_KEYSTORE_PATH);
-		if (property != null) {
-			property;
-		} else {
-			new File(new File(System.getProperty("user.home")), ".keystore").getAbsolutePath
-		}
-	}
+  protected def getKeyStorePath(context: BundleContext) = {
+    val property = context.getProperty(ServiceActivator.CONTEXT_PROPERTY_KEYSTORE_PATH);
+    if (property != null) {
+      property;
+    } else {
+      new File(new File(System.getProperty("user.home")), ".keystore").getAbsolutePath
+    }
+  }
 
-	protected def getKeyStorePassword(context: BundleContext) = {
-		val property = context.getProperty(ServiceActivator.CONTEXT_PROPERTY_KEYSTORE_PASSWORD);
-		if (property != null) {
-			property;
-		} else {
-			"password";
-		}
-	}
+  protected def getKeyStorePassword(context: BundleContext) = {
+    val property = context.getProperty(ServiceActivator.CONTEXT_PROPERTY_KEYSTORE_PASSWORD);
+    if (property != null) {
+      property;
+    } else {
+      "password";
+    }
+  }
 
 }
 

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/X509TrustManagerWrapperService.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/X509TrustManagerWrapperService.scala b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/X509TrustManagerWrapperService.scala
index e418ed4..ad039b1 100644
--- a/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/X509TrustManagerWrapperService.scala
+++ b/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/ssl/X509TrustManagerWrapperService.scala
@@ -30,41 +30,41 @@ import org.apache.clerezza.foafssl.auth.X509Claim
 
 
 object X509TrustManagerWrapperService {
-	private val logger = LoggerFactory.getLogger(classOf[X509TrustManagerWrapperService])
+  private val logger = LoggerFactory.getLogger(classOf[X509TrustManagerWrapperService])
 }
 
 
 class X509TrustManagerWrapperService() extends X509TrustManagerWrapper {
 
-	import X509TrustManagerWrapperService._
+  import X509TrustManagerWrapperService._
 
-	override def wrapTrustManager(trustManager: X509TrustManager): X509TrustManager = {
+  override def wrapTrustManager(trustManager: X509TrustManager): X509TrustManager = {
 
-		new TrustAllClientsWrappingTrustManager(trustManager) {
+    new TrustAllClientsWrappingTrustManager(trustManager) {
 
-			//At this level we just check if there are webids
-			override def checkClientTrusted(chain: Array[X509Certificate], authType: String): Unit = {
-				try {
-					val webIdUriRefs = X509Claim.getClaimedWebIds(chain(0))
-					if (webIdUriRefs.isEmpty) {
-						trustManager.checkClientTrusted(chain, authType)
-					}
-					return
+      //At this level we just check if there are webids
+      override def checkClientTrusted(chain: Array[X509Certificate], authType: String): Unit = {
+        try {
+          val webIdUriRefs = X509Claim.getClaimedWebIds(chain(0))
+          if (webIdUriRefs.isEmpty) {
+            trustManager.checkClientTrusted(chain, authType)
+          }
+          return
 
-				} catch {
-					//todo: this should be more clever, only displaying full stack trace if requested
-					//todo: currently could be a denial of service attack - by filling up your hard drive
-					case ex: Throwable => {
-						logger.info("can't check client", ex)
-						throw new CertificateException("cannot check client" + ex.getMessage);
-					}
-				}
-			}
-		}
-	}
+        } catch {
+          //todo: this should be more clever, only displaying full stack trace if requested
+          //todo: currently could be a denial of service attack - by filling up your hard drive
+          case ex: Throwable => {
+            logger.info("can't check client", ex)
+            throw new CertificateException("cannot check client" + ex.getMessage);
+          }
+        }
+      }
+    }
+  }
 
-	protected def activate(context: ComponentContext) = { }
+  protected def activate(context: ComponentContext) = { }
 
 
 }
-	 
\ No newline at end of file
+   
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala b/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
index 42fdda0..1868112 100644
--- a/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
+++ b/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
@@ -65,606 +65,606 @@ class WebIDTester {
 
 
   protected def activate(componentContext: ComponentContext) = {
-    //		configure(componentContext.getBundleContext(), "profile-staticweb");
+    //    configure(componentContext.getBundleContext(), "profile-staticweb");
   }
 
 
 
-	/**
-	 * don't bother converting to rdf here for the moment.
-	 */
+  /**
+   * don't bother converting to rdf here for the moment.
+   */
   @GET
   @Produces(Array("application/xhtml","text/html"))
   def getTestMe(): GraphNode = {
     val resultNode: GraphNode = new GraphNode(new BNode(),new SimpleMGraph())
     resultNode.addProperty(RDF.`type`, testCls)
-	 resultNode.addProperty(RDF.`type`,PLATFORM.HeadedPage)
+   resultNode.addProperty(RDF.`type`,PLATFORM.HeadedPage)
     return resultNode
   }
 
-	@GET
-	@Produces(Array("text/n3","text/rdf+n3","text/turtle"))
-	@Path("n3")
-	def getTestMe_N3(): TripleCollection = getTestMeRDF()
-
-	@GET
-	def getTestMeRDF(): TripleCollection = {
-		val certTester = new CertTester(UserUtil.getCurrentSubject(), webIdGraphsService)
-		certTester.runTests()
-		return certTester.toRdf()
-	}
-
-	@GET
-	@Path("x509")
-	@Produces(Array("text/plain"))
-	def getTestX509(): String = {
-	  val subject = UserUtil.getCurrentSubject();
-	  val creds = subject.getPublicCredentials
+  @GET
+  @Produces(Array("text/n3","text/rdf+n3","text/turtle"))
+  @Path("n3")
+  def getTestMe_N3(): TripleCollection = getTestMeRDF()
+
+  @GET
+  def getTestMeRDF(): TripleCollection = {
+    val certTester = new CertTester(UserUtil.getCurrentSubject(), webIdGraphsService)
+    certTester.runTests()
+    return certTester.toRdf()
+  }
+
+  @GET
+  @Path("x509")
+  @Produces(Array("text/plain"))
+  def getTestX509(): String = {
+    val subject = UserUtil.getCurrentSubject();
+    val creds = subject.getPublicCredentials
       if (creds.size == 0) return "No public keys found"
-	  return creds.iterator.next match {
-	    case x509: X509Claim => "X509 Certificate found. " + x509.cert.toString
-	    case other: Any => "no X509 certificate found: found " + other.getClass()
-	  }
+    return creds.iterator.next match {
+      case x509: X509Claim => "X509 Certificate found. " + x509.cert.toString
+      case other: Any => "no X509 certificate found: found " + other.getClass()
+    }
 
-	}
+  }
 
-	private var webIdGraphsService: WebIdGraphsService = null
-	protected def bindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
-		this.webIdGraphsService = webIdGraphsService
-	}
+  private var webIdGraphsService: WebIdGraphsService = null
+  protected def bindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
+    this.webIdGraphsService = webIdGraphsService
+  }
 
-	protected def unbindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
-		this.webIdGraphsService = null
-	}
+  protected def unbindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
+    this.webIdGraphsService = null
+  }
 
 }
 
 /** All the cert tests are placed here */
 class CertTester(subj: Subject, webIdGraphsService: WebIdGraphsService) extends Assertor {
 
-	import EARL.{passed, failed, cantTell, untested, inapplicable}
-
-	val creds: scala.collection.mutable.Set[X509Claim] = subj.getPublicCredentials(classOf[X509Claim]);
-	val now = new Date()
-
-
-	def runTests() {
-
-		import g._
-		val thisDoc = (g.bnode.a(FOAF.Document) //there really has to be a way to get THIS doc url, to add relative urls to the graph
-			               -- DCTERMS.created --> now
-			)
-		//
-		// Description of certificates and their public profileKeys
-		//
-		val x509claimRefs = for (claim <- creds) yield {
-			val cert = g.bnode
-			(
-				cert.a(CERT.Certificate)
-					-- CERT.base64der --> Base64.encode(claim.cert.getEncoded())
-				)
-
-			//
-			// Assertion public key
-			//
-			val pubkey = claim.cert.getPublicKey
-			val testCertKey = create(TEST.certificatePubkeyRecognised, cert)
-
-			pubkey match {
-				case rsa: RSAPublicKey => {
-					val pk = (g.bnode.a(RSA.RSAPublicKey)
-						-- RSA.modulus --> new TypedLiteralImpl(rsa.getModulus.toString(16), CERT.hex)
-						-- RSA.public_exponent --> new TypedLiteralImpl(rsa.getPublicExponent.toString(10), CERT.int_)
-						)
-					cert -- CERT.principal_key --> pk
-					val res = testCertKey.result;
-					res.description = "Certificate contains RSA key which is recognised"
-					res.outcome = EARL.passed
-					res.pointer(pk.getNode.asInstanceOf[NonLiteral])
-				}
-				case _ => {
-					testCertKey.result.description = "Certificate contains key that is not understood by WebID layer " +
-						"Pubkey algorith is " + pubkey.getAlgorithm
-					testCertKey.result.outcome = EARL.failed
-				}
-			}
-
-			//
-			// Assertion time stamp of certificate
-			//
-			val dateOkAss = create(TEST.certificateDateOk, cert)
-			val notBefore = claim.cert.getNotBefore
-			val notAfter = claim.cert.getNotAfter
-
-			if (now.before(notBefore)) {
-				dateOkAss.result("Certificate time is too early. Watch out this is often due to time " +
-					"synchronisation issues accross servers", failed)
-			} else if (now.after(notAfter)) {
-				dateOkAss.result("Certificate validity time has expired. ", failed, thisDoc.getNode)
-			} else {
-				dateOkAss.result("Certificate time is valid", passed, thisDoc.getNode)
-			}
-
-			cert -> claim
-		}
-
-		//
-		// certificate was provided
-		//
-		val eC = x509claimRefs.size > 0
-		val ass = (
-			g.bnode.a(EARL.Assertion)
-				-- EARL.test --> TEST.certificateProvided
-				-- EARL.result --> (g.bnode.a(EARL.TestResult)
-				                     -- DC.description --> {if (eC) "Certificate available" else "No Certificate Found"}
-				                     -- EARL.outcome --> {if (eC) EARL.passed else EARL.failed})
-			)
-		if (eC) ass -- EARL.subject -->> x509claimRefs.map(p => p._1)
-		else return g
-
-
-		//
-		// WebID authentication succeeded
-		//
-		val principals = for (p <- subj.getPrincipals
-		                      if p.isInstanceOf[WebIdPrincipal]) yield p.asInstanceOf[WebIdPrincipal]
-		(g.bnode.a(EARL.Assertion)
-			-- EARL.test --> TEST.webidAuthentication
-			-- EARL.result --> (g.bnode.a(EARL.TestResult)
-						-- DC.description --> {"found " + principals.size + " valid principals"}
-						-- EARL.outcome --> {if (principals.size > 0) EARL.passed else EARL.failed}
-						-- EARL.pointer -->> principals.map(p => p.webId)
-						)
-			-- EARL.subject -->> x509claimRefs.map(p => p._1)
-			)
-		import collection.JavaConversions._
-
-		for ((certRef, claim) <- x509claimRefs) {
-			for (widc <- claim.webidclaims) {
-				import Verification._
-				val webidAss = create(TEST.webidClaim,
-					Seq(widc.webId, certRef)) //todo, we need to add a description of the profileKeys as found in the remote file
-				val result = webidAss.result
-				result.pointer(widc.webId)
-				result.exceptions = widc.errors
-				widc.verified match {
-					case Verified => {
-						result("claim for WebId " + widc.webId + " was verified", passed)
-						claimTests(widc)
-					}
-					case Failed => {
-						result("claim for WebID " + widc.webId + " failed", failed)
-						claimTests(widc)
-					}
-					case Unverified => {
-						result("claim for WebId " + widc.webId + " was not verified",untested)
-					}
-					case Unsupported => {
-						result("this webid is unsupported ",cantTell)
-					}
-				}
-			}
-		}
-	}
-
-	// more detailed tester for claims that passed or failed
-	// even tester that succeed could be just succeeding by chance (if public profileKeys are badly written out for eg)
-	def claimTests(claim: WebIDClaim) {
-		val sem: Option[GraphNode] = try {
-			Some(new GraphNode(claim.webId, webIdGraphsService.getWebIdInfo(claim.webId).publicProfile)) //webProxy.fetchSemantics(claim.webId, Cache.CacheOnly)
-		} catch {
-			case e: NoSuchEntityException => None
-		}
-		val profileXst = create(TEST.profileGet, claim.webId)
-
-		sem match {
-			case Some(profile) => {
-				if (profile.getGraph.size() > 0) {
-					profileXst.result("Profile was fetched. The information about this is not yet very detailed" +
-						" in Clerezza. Later will be able to give more details.", passed)
-					testKeys(profile /- CERT.identity)
-
-				} else {
-					profileXst.result("Profile seems to have been fetched but it contains very little" +
-						" information. There may be other issues too", cantTell)
-				}
-
-			}
-			case None => {
-				profileXst.result("No profile was found or is in store", failed)
-			}
-		}
-
-	}
-
-	/**
-	 * @param exponentNode the node in the remote profile descrbing the modulus - can be a literal or a resource
-	 * @param litRef a resource to the literal as described in the test graph
-	 * @return true, if the modulus is recognised as parsing
-	 */
-	def testRSAModulus(modulusNode: RichGraphNode, litRef: Resource):Boolean = {
-		val asrtKeyModulusLit = create(TEST.pubkeyRSAModulusLiteral, litRef)
-		val asrtKeyMod = create(TEST.pubkeyRSAModulus, litRef)
-		val asrtKeyModulusOldFunc = create(TEST.pubkeyRSAModulusOldFunctional,litRef)
-		var result = false
-
-		modulusNode! match {
-			case ref: NonLiteral => {
-				asrtKeyModulusLit.result("the modulus of this key is not described directly as" +
-					" a literal. It is currently the preferred practice.", failed)
-				val hex = modulusNode / CERT.hex
-				if (hex.size == 0) {
-					asrtKeyModulusOldFunc.result("no hexadecimal value for the modulus found", failed)
-				} else if (hex.size > 1) {
-					asrtKeyModulusOldFunc.result((hex.size - 1) + " too many hexadecimal values for " +
-						"the modulus found. 1 is enough. If the numbers don't end up matching this is very likely" +
-						" to cause random behavior ", failed)
-				} else {
-					asrtKeyModulusOldFunc.result("one hex value for modulus", EARL.passed)
-					val kmres = asrtKeyMod.result
-					hex(0) ! match {
-						case refh: NonLiteral => {
-							asrtKeyMod.result("The modulus is using old notation and it's hex is not " +
-								"a literal. Going further would require reasoning engines which it is currently unlikely" +
-								"many sites have access to.", failed)
-						}
-						case lith: Literal => {
-							lith match {
-								case plainLit: PlainLiteral => {
-									if (plainLit.getLanguage != null)
-										kmres("keymodulus exists and is parseable", passed)
-									else
-										kmres("keymodulus exists and is parseable, but has a language tag", passed)
-									result = true
-								}
-								case typedLit: TypedLiteral => {
-									if (typedLit.getDataType == null ||
-										XSD.string == typedLit.getDataType) {
-										kmres("keymodulus exists and is parseable", passed)
-										result = true
-									} else {
-										kmres("keymodulus exists but does not have a string type", failed)
-									}
-								}
-								case lit => {
-									// cert:hex cannot be mistyped, since anything that is odd in the string is
-									//removed
-									kmres("keymodulus exists and is parseable", passed)
-									result = true
-								}
-							}
-						}
-					}
-				}
-
-			}
-			case numLit: Literal => {
-				val reskeyModLit = asrtKeyModulusLit.result
-				numLit match {
-					case tl: TypedLiteral => tl.getDataType match {
-						case CERT.int_ => {
-							try {
-								BigInt(tl.getLexicalForm)
-								reskeyModLit("Modulus is of type cert:int. It parsed ok.", passed, tl)
-								result = true
-							} catch {
-								case e: NumberFormatException => {
-									reskeyModLit("Modulus cert:int failed to parse as one", failed, tl)
-								}
-							}
-						}
-						case CERT.decimal => {
-							//todo: need to add cert:decimal parsing flexibility to ontology
-								reskeyModLit("Modulus is of type cert:decimal. It always parses ok", passed, tl)
-								result = true
-						}
-						case CERT.hex => {
-							result = true
-							reskeyModLit("Modulus is of type cert:hex. It will always parse to a positive number.", passed, tl)
-						}
-						case XSD.int_ => {
-							try {
-								BigInt(tl.getLexicalForm)
-								reskeyModLit("Modulus is of type xsd:int. It parsed but it is certainly too small for " +
-									"a modulus", failed)
-							} catch {
-								case e: NumberFormatException => {
-									reskeyModLit("Modulus cert:decimal is failed to parse", failed, tl)
-								}
-							}
-						}
-						case XSD.base64Binary => reskeyModLit("Base 64 binaries are not numbers. If you wish to have " +
-							"a base64 integer notation let the WebId Group know. We can define one easily.", failed, tl)
-						case XSD.hexBinary => reskeyModLit("Base hex binary literals are not a numbers. If you wish to have a hex " +
-							" integer notation use the " + CERT.hex +
-							" relation. It is easier for people to write out.", failed, tl)
-						case XSD.nonNegativeInteger => {
-							try {
-								val bi = BigInt(tl.getLexicalForm)
-								if (bi >= 0) {
-									reskeyModLit("Modulus is declared to be of type non-negative integer and it is", passed, tl)
-									result = true
-								} else {
-									reskeyModLit("Modulus is declared to be of type non-negative integer but it is negative", failed, tl)
-								}
-							} catch {
-								case e: NumberFormatException => {
-									reskeyModLit("Modulus xsd:int is very likely too short a number for a modulus. It also " +
-										"failed to parse as one", failed, tl)
-								}
-							}
-
-						}
-						case XSD.integer => {
-							try {
-								BigInt(tl.getLexicalForm)
-								reskeyModLit("Modulus is of type xsd:integer. It parsed.", passed, tl)
-								result = true
-							} catch {
-								case e: NumberFormatException => {
-									reskeyModLit("Modulus xsd:integer is failed to parse", failed, tl)
-								}
-							}
-
-						}
-						case XSD.positiveInteger => {
-							try {
-								val bi = BigInt(tl.getLexicalForm)
-								if (bi > 0) {
-									reskeyModLit("Modulus is declared to be of type positive integer and it is", passed, tl)
-									result = true
-								} else if (bi == 0) {
-									reskeyModLit("Modulus is 0 which is certainly too small", failed, tl)
-								} else {
-									reskeyModLit("Modulus is declared to be of type positive integer but it is not", failed, tl)
-								}
-							} catch {
-								case e: NumberFormatException => {
-									reskeyModLit("Modulus xsd:positiveInteger failed to parse", failed, tl)
-								}
-							}
-
-						}
-						case littype => reskeyModLit("We don't know how to interpret numbers of type " + littype +
-							"It would be better to use either cert:hex or cert:int", cantTell, tl)
-					}
-					case lit: Literal => reskeyModLit("The literal needs to be of a number type, not a string", failed, lit)
-				}
-			}
-
-
-			//its ok, and do other modulus verification
-		}
-		return result
-	}
-
-
-	/**
-	 * @param exponentNode the node in the remote profile describing the expontent - can be a literal or a resource
-	 * @param litRef a reference to the literal as described in the test graph
-	 * @return true if the exponent parses correctly
-	 */
-	def testRSAExp(exponentNode: RichGraphNode, litRef: Resource) : Boolean = {
-		val asrtKeyExpLit = create(TEST.pubkeyRSAExponentLiteral, litRef)
-		val asrtKeyExp = create(TEST.pubkeyRSAExponent, litRef)
-		val asrtKeyExpOldFunc = create(TEST.pubkeyRSAExponentOldFunctional,litRef)
-		var result = false
-
-		exponentNode! match {
-			case ref: NonLiteral => {
-				asrtKeyExpLit.result("the exponent of this key is not described directly as" +
-					" a literal. It is currently the preferred practice.", failed)
-				val decml = exponentNode / CERT.decimal
-				if (decml.size == 0) {
-					asrtKeyExpOldFunc.result("no decimal value for the exponent found", failed)
-				} else if (decml.size > 1) {
-					asrtKeyExpOldFunc.result((decml.size - 1) + " too many decimal values for " +
-						"the exponent found. 1 is enough. If the numbers don't end up matching this is very likely" +
-						" to cause random behavior ", failed)
-				} else {
-					asrtKeyExpOldFunc.result("one hex value for modulus", EARL.passed)
-					val kExpres = asrtKeyExp.result
-					decml(0) ! match {
-						case refh: NonLiteral => {
-							asrtKeyExp.result("The exponent is using old notation and it's cert:decimal relation is not " +
-								"to a literal. Going further would require reasoning engines which it is currently unlikely" +
-								"many sites have access to.", failed)
-						}
-						case lith: Literal => {
-							lith match {
-								case plainLit: PlainLiteral => {
-									if (plainLit.getLanguage != null)
-										kExpres("key exponent exists and is parseable", passed)
-									else
-										kExpres("key exponent exists and is parseable, but has a language tag", passed)
-									result = true
-								}
-								case typedLit: TypedLiteral => {
-									if (typedLit.getDataType == null ||
-										XSD.string == typedLit.getDataType) {
-										kExpres("keymodulus exists and is parseable", passed)
-										result = true
-									} else {
-										kExpres("keymodulus exists but does not have a string type", failed)
-									}
-								}
-								case lit => {
-									//todo: can cert:int not be mistyped?
-									kExpres("keymodulus exists and is parseable", passed)
-								}
-							}
-						}
-					}
-				}
-
-			}
-			case numLit: Literal => {
-				val reskeyExpLit = asrtKeyExpLit.result
-				numLit match {
-					case tl: TypedLiteral => tl.getDataType match {
-						case CERT.int_ => {
-							try {
-								BigInt(tl.getLexicalForm)
-								reskeyExpLit("Exponent is of type cert:int. It parsed ok.", passed, tl)
-								result = true
-							} catch {
-								case e: NumberFormatException => {
-									reskeyExpLit("Exponent cert:int failed to parse as one", failed, tl)
-								}
-							}
-						}
-						case CERT.hex => {
-							reskeyExpLit("Exponent is of type cert:hex. It will always parse to a positive number.", passed, tl)
-							result = true
-						}
-						case CERT.decimal => {
-							try {
-								BigInt(tl.getLexicalForm)
-								reskeyExpLit("Exponent is of type xsd:int. It parsed ok.", passed)
-								result = true
-							} catch {
-								case e: NumberFormatException => {
-									reskeyExpLit("Exeponent of type cert:decimal failed to parse", failed, tl)
-								}
-							}
-						}
-						case XSD.base64Binary => reskeyExpLit("Base 64 binaries are not numbers. If you wish to have " +
-							"a base64 integer notation let the WebId Group know. We can define one easily.", failed, tl)
-						case XSD.hexBinary => reskeyExpLit("Base hex binary literals are not a numbers. If you wish to have a hex " +
-							" integer notation use the " + CERT.hex +
-							" relation. It is easier for people to write out.", failed, tl)
-						case XSD.nonNegativeInteger => {
-							try {
-								val bi = BigInt(tl.getLexicalForm)
-								if (bi >= 0) {
-									reskeyExpLit("Exponent is declared to be of type non-negative integer and it is", passed, tl)
-									result = true
-								} else {
-									reskeyExpLit("Exponent is declared to be of type non-negative integer but it is negative", failed, tl)
-								}
-							} catch {
-								case e: NumberFormatException => {
-									reskeyExpLit("Exponent xsd:nonNegativeInteger failed to parse as one", failed, tl)
-								}
-							}
-
-						}
-						case XSD.integer => {
-							try {
-								BigInt(tl.getLexicalForm)
-								reskeyExpLit("Exponent is of type xsd:integer. It parsed.", passed, tl)
-								result = true
-							} catch {
-								case e: NumberFormatException => {
-									reskeyExpLit("Exponent xsd:integer is failed to parse", failed, tl)
-								}
-							}
-
-						}
-						case XSD.positiveInteger => {
-							try {
-								val bi = BigInt(tl.getLexicalForm)
-								if (bi > 0) {
-									reskeyExpLit("Exponent is declared to be of type positive integer and it is", passed, tl)
-									result = true
-								} else if (bi == 0) {
-									reskeyExpLit("Exponent is 0 which is certainly too small", failed, tl)
-								} else {
-									reskeyExpLit("Exponent is declared to be of type positive integer but it is not", failed, tl)
-								}
-							} catch {
-								case e: NumberFormatException => {
-									reskeyExpLit("Exponent xsd:positiveInteger failed to parse", failed, tl)
-								}
-							}
-
-						}
-						case littype => reskeyExpLit("We don't know how to interpret numbers of type " + littype +
-							"It would be better to use either cert:hex or cert:int", cantTell, tl)
-					}
-					case lit: Literal => reskeyExpLit("The literal needs to be of a number type, not a string", failed, lit)
-				}
-			}
-		}
-		return result
-	}
-
-
-	def testKeys(profileKeys: CollectedIter[RichGraphNode]) {
-
-		for (pkey <- profileKeys) yield {
-			//
-			//create a pointer to this key, so that future tester can refer to it
-			//
-			val graph: Graph = pkey.getNodeContext
-			val sout = Serializer.getInstance()
-			val out = new ByteArrayOutputStream(512)
-			sout.serialize(out, graph, "text/rdf+n3")
-			val n3String = out.toString("UTF-8")
-			//todo: turtle mime type literal?
-			import g._
-			val keylit: GraphNode = g.bnode --  OWL.sameAs --> (n3String^^"http://example.com/turtle".uri)
-
-
-			//
-			// some of the tester we will complete here
-			//
-			val asrtKeyModulusFunc = create(TEST.pubkeyRSAModulusFunctional, keylit.getNode)
-			val asrtKeyExpoFunc = create(TEST.pubkeyRSAExponentFunctional, keylit.getNode)
-			val asrtWffkey = create(TEST.profileWellFormedKey, keylit.getNode)
-
-
-			var claimsTobeRsaKey = pkey.hasProperty(RDF.`type`, RSA.RSAPublicKey)
-
-			val mods = pkey / RSA.modulus
-			val exps = pkey / RSA.public_exponent
-
-			claimsTobeRsaKey = claimsTobeRsaKey || mods.size > 0 || exps.size > 0
-
-			if (!claimsTobeRsaKey) {
-				asrtWffkey.result("Do not recognise the type of this key", cantTell)
-			}
-
-			var rsaExpOk, rsaModOk: Boolean = false
-
-			if (mods.size == 0) {
-				if (claimsTobeRsaKey) {
-					asrtKeyModulusFunc.result("Missing modulus in RSA key", failed)
-				}
-				else {
-					asrtKeyModulusFunc.result("Can't tell if this is an RSA key", cantTell)
-				}
-			} else if (mods.size > 1) {
-				asrtKeyModulusFunc.result("Found more than one modulus. Careful, unless the numbers are" +
-					" exactly the same, there is a danger of erratic behavior", failed)
-			} else {
-				asrtKeyModulusFunc.result("Found one Modulus", passed)
-
-				rsaModOk = testRSAModulus(mods, keylit.getNode)
-			}
-
-			if (exps.size == 0) {
-				if (claimsTobeRsaKey) {
-					asrtKeyExpoFunc.result("Missing exponent in RSA key", failed)
-				}
-				else {
-					asrtKeyExpoFunc.result("Can't tell if this is an RSA key", cantTell)
-				}
-			} else if (exps.size > 1) {
-				asrtKeyExpoFunc.result("Found more than one exponents. Careful, unless the numbers are" +
-					" exactly the same, there is a danger of erratic behavior", failed)
-				//we could have a problem
-			} else {
-				asrtKeyExpoFunc.result("Found one Modulus", passed)
-				rsaExpOk = testRSAExp(mods, keylit.getNode)
-			}
-
-			if (rsaExpOk && rsaModOk) {
-				asrtWffkey.result("Modulus and Exponent of key good", passed)
-			}
-
-		}
-	}
+  import EARL.{passed, failed, cantTell, untested, inapplicable}
+
+  val creds: scala.collection.mutable.Set[X509Claim] = subj.getPublicCredentials(classOf[X509Claim]);
+  val now = new Date()
+
+
+  def runTests() {
+
+    import g._
+    val thisDoc = (g.bnode.a(FOAF.Document) //there really has to be a way to get THIS doc url, to add relative urls to the graph
+                     -- DCTERMS.created --> now
+      )
+    //
+    // Description of certificates and their public profileKeys
+    //
+    val x509claimRefs = for (claim <- creds) yield {
+      val cert = g.bnode
+      (
+        cert.a(CERT.Certificate)
+          -- CERT.base64der --> Base64.encode(claim.cert.getEncoded())
+        )
+
+      //
+      // Assertion public key
+      //
+      val pubkey = claim.cert.getPublicKey
+      val testCertKey = create(TEST.certificatePubkeyRecognised, cert)
+
+      pubkey match {
+        case rsa: RSAPublicKey => {
+          val pk = (g.bnode.a(RSA.RSAPublicKey)
+            -- RSA.modulus --> new TypedLiteralImpl(rsa.getModulus.toString(16), CERT.hex)
+            -- RSA.public_exponent --> new TypedLiteralImpl(rsa.getPublicExponent.toString(10), CERT.int_)
+            )
+          cert -- CERT.principal_key --> pk
+          val res = testCertKey.result;
+          res.description = "Certificate contains RSA key which is recognised"
+          res.outcome = EARL.passed
+          res.pointer(pk.getNode.asInstanceOf[NonLiteral])
+        }
+        case _ => {
+          testCertKey.result.description = "Certificate contains key that is not understood by WebID layer " +
+            "Pubkey algorith is " + pubkey.getAlgorithm
+          testCertKey.result.outcome = EARL.failed
+        }
+      }
+
+      //
+      // Assertion time stamp of certificate
+      //
+      val dateOkAss = create(TEST.certificateDateOk, cert)
+      val notBefore = claim.cert.getNotBefore
+      val notAfter = claim.cert.getNotAfter
+
+      if (now.before(notBefore)) {
+        dateOkAss.result("Certificate time is too early. Watch out this is often due to time " +
+          "synchronisation issues accross servers", failed)
+      } else if (now.after(notAfter)) {
+        dateOkAss.result("Certificate validity time has expired. ", failed, thisDoc.getNode)
+      } else {
+        dateOkAss.result("Certificate time is valid", passed, thisDoc.getNode)
+      }
+
+      cert -> claim
+    }
+
+    //
+    // certificate was provided
+    //
+    val eC = x509claimRefs.size > 0
+    val ass = (
+      g.bnode.a(EARL.Assertion)
+        -- EARL.test --> TEST.certificateProvided
+        -- EARL.result --> (g.bnode.a(EARL.TestResult)
+                             -- DC.description --> {if (eC) "Certificate available" else "No Certificate Found"}
+                             -- EARL.outcome --> {if (eC) EARL.passed else EARL.failed})
+      )
+    if (eC) ass -- EARL.subject -->> x509claimRefs.map(p => p._1)
+    else return g
+
+
+    //
+    // WebID authentication succeeded
+    //
+    val principals = for (p <- subj.getPrincipals
+                          if p.isInstanceOf[WebIdPrincipal]) yield p.asInstanceOf[WebIdPrincipal]
+    (g.bnode.a(EARL.Assertion)
+      -- EARL.test --> TEST.webidAuthentication
+      -- EARL.result --> (g.bnode.a(EARL.TestResult)
+            -- DC.description --> {"found " + principals.size + " valid principals"}
+            -- EARL.outcome --> {if (principals.size > 0) EARL.passed else EARL.failed}
+            -- EARL.pointer -->> principals.map(p => p.webId)
+            )
+      -- EARL.subject -->> x509claimRefs.map(p => p._1)
+      )
+    import collection.JavaConversions._
+
+    for ((certRef, claim) <- x509claimRefs) {
+      for (widc <- claim.webidclaims) {
+        import Verification._
+        val webidAss = create(TEST.webidClaim,
+          Seq(widc.webId, certRef)) //todo, we need to add a description of the profileKeys as found in the remote file
+        val result = webidAss.result
+        result.pointer(widc.webId)
+        result.exceptions = widc.errors
+        widc.verified match {
+          case Verified => {
+            result("claim for WebId " + widc.webId + " was verified", passed)
+            claimTests(widc)
+          }
+          case Failed => {
+            result("claim for WebID " + widc.webId + " failed", failed)
+            claimTests(widc)
+          }
+          case Unverified => {
+            result("claim for WebId " + widc.webId + " was not verified",untested)
+          }
+          case Unsupported => {
+            result("this webid is unsupported ",cantTell)
+          }
+        }
+      }
+    }
+  }
+
+  // more detailed tester for claims that passed or failed
+  // even tester that succeed could be just succeeding by chance (if public profileKeys are badly written out for eg)
+  def claimTests(claim: WebIDClaim) {
+    val sem: Option[GraphNode] = try {
+      Some(new GraphNode(claim.webId, webIdGraphsService.getWebIdInfo(claim.webId).publicProfile)) //webProxy.fetchSemantics(claim.webId, Cache.CacheOnly)
+    } catch {
+      case e: NoSuchEntityException => None
+    }
+    val profileXst = create(TEST.profileGet, claim.webId)
+
+    sem match {
+      case Some(profile) => {
+        if (profile.getGraph.size() > 0) {
+          profileXst.result("Profile was fetched. The information about this is not yet very detailed" +
+            " in Clerezza. Later will be able to give more details.", passed)
+          testKeys(profile /- CERT.identity)
+
+        } else {
+          profileXst.result("Profile seems to have been fetched but it contains very little" +
+            " information. There may be other issues too", cantTell)
+        }
+
+      }
+      case None => {
+        profileXst.result("No profile was found or is in store", failed)
+      }
+    }
+
+  }
+
+  /**
+   * @param exponentNode the node in the remote profile descrbing the modulus - can be a literal or a resource
+   * @param litRef a resource to the literal as described in the test graph
+   * @return true, if the modulus is recognised as parsing
+   */
+  def testRSAModulus(modulusNode: RichGraphNode, litRef: Resource):Boolean = {
+    val asrtKeyModulusLit = create(TEST.pubkeyRSAModulusLiteral, litRef)
+    val asrtKeyMod = create(TEST.pubkeyRSAModulus, litRef)
+    val asrtKeyModulusOldFunc = create(TEST.pubkeyRSAModulusOldFunctional,litRef)
+    var result = false
+
+    modulusNode! match {
+      case ref: NonLiteral => {
+        asrtKeyModulusLit.result("the modulus of this key is not described directly as" +
+          " a literal. It is currently the preferred practice.", failed)
+        val hex = modulusNode / CERT.hex
+        if (hex.size == 0) {
+          asrtKeyModulusOldFunc.result("no hexadecimal value for the modulus found", failed)
+        } else if (hex.size > 1) {
+          asrtKeyModulusOldFunc.result((hex.size - 1) + " too many hexadecimal values for " +
+            "the modulus found. 1 is enough. If the numbers don't end up matching this is very likely" +
+            " to cause random behavior ", failed)
+        } else {
+          asrtKeyModulusOldFunc.result("one hex value for modulus", EARL.passed)
+          val kmres = asrtKeyMod.result
+          hex(0) ! match {
+            case refh: NonLiteral => {
+              asrtKeyMod.result("The modulus is using old notation and it's hex is not " +
+                "a literal. Going further would require reasoning engines which it is currently unlikely" +
+                "many sites have access to.", failed)
+            }
+            case lith: Literal => {
+              lith match {
+                case plainLit: PlainLiteral => {
+                  if (plainLit.getLanguage != null)
+                    kmres("keymodulus exists and is parseable", passed)
+                  else
+                    kmres("keymodulus exists and is parseable, but has a language tag", passed)
+                  result = true
+                }
+                case typedLit: TypedLiteral => {
+                  if (typedLit.getDataType == null ||
+                    XSD.string == typedLit.getDataType) {
+                    kmres("keymodulus exists and is parseable", passed)
+                    result = true
+                  } else {
+                    kmres("keymodulus exists but does not have a string type", failed)
+                  }
+                }
+                case lit => {
+                  // cert:hex cannot be mistyped, since anything that is odd in the string is
+                  //removed
+                  kmres("keymodulus exists and is parseable", passed)
+                  result = true
+                }
+              }
+            }
+          }
+        }
+
+      }
+      case numLit: Literal => {
+        val reskeyModLit = asrtKeyModulusLit.result
+        numLit match {
+          case tl: TypedLiteral => tl.getDataType match {
+            case CERT.int_ => {
+              try {
+                BigInt(tl.getLexicalForm)
+                reskeyModLit("Modulus is of type cert:int. It parsed ok.", passed, tl)
+                result = true
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyModLit("Modulus cert:int failed to parse as one", failed, tl)
+                }
+              }
+            }
+            case CERT.decimal => {
+              //todo: need to add cert:decimal parsing flexibility to ontology
+                reskeyModLit("Modulus is of type cert:decimal. It always parses ok", passed, tl)
+                result = true
+            }
+            case CERT.hex => {
+              result = true
+              reskeyModLit("Modulus is of type cert:hex. It will always parse to a positive number.", passed, tl)
+            }
+            case XSD.int_ => {
+              try {
+                BigInt(tl.getLexicalForm)
+                reskeyModLit("Modulus is of type xsd:int. It parsed but it is certainly too small for " +
+                  "a modulus", failed)
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyModLit("Modulus cert:decimal is failed to parse", failed, tl)
+                }
+              }
+            }
+            case XSD.base64Binary => reskeyModLit("Base 64 binaries are not numbers. If you wish to have " +
+              "a base64 integer notation let the WebId Group know. We can define one easily.", failed, tl)
+            case XSD.hexBinary => reskeyModLit("Base hex binary literals are not a numbers. If you wish to have a hex " +
+              " integer notation use the " + CERT.hex +
+              " relation. It is easier for people to write out.", failed, tl)
+            case XSD.nonNegativeInteger => {
+              try {
+                val bi = BigInt(tl.getLexicalForm)
+                if (bi >= 0) {
+                  reskeyModLit("Modulus is declared to be of type non-negative integer and it is", passed, tl)
+                  result = true
+                } else {
+                  reskeyModLit("Modulus is declared to be of type non-negative integer but it is negative", failed, tl)
+                }
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyModLit("Modulus xsd:int is very likely too short a number for a modulus. It also " +
+                    "failed to parse as one", failed, tl)
+                }
+              }
+
+            }
+            case XSD.integer => {
+              try {
+                BigInt(tl.getLexicalForm)
+                reskeyModLit("Modulus is of type xsd:integer. It parsed.", passed, tl)
+                result = true
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyModLit("Modulus xsd:integer is failed to parse", failed, tl)
+                }
+              }
+
+            }
+            case XSD.positiveInteger => {
+              try {
+                val bi = BigInt(tl.getLexicalForm)
+                if (bi > 0) {
+                  reskeyModLit("Modulus is declared to be of type positive integer and it is", passed, tl)
+                  result = true
+                } else if (bi == 0) {
+                  reskeyModLit("Modulus is 0 which is certainly too small", failed, tl)
+                } else {
+                  reskeyModLit("Modulus is declared to be of type positive integer but it is not", failed, tl)
+                }
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyModLit("Modulus xsd:positiveInteger failed to parse", failed, tl)
+                }
+              }
+
+            }
+            case littype => reskeyModLit("We don't know how to interpret numbers of type " + littype +
+              "It would be better to use either cert:hex or cert:int", cantTell, tl)
+          }
+          case lit: Literal => reskeyModLit("The literal needs to be of a number type, not a string", failed, lit)
+        }
+      }
+
+
+      //its ok, and do other modulus verification
+    }
+    return result
+  }
+
+
+  /**
+   * @param exponentNode the node in the remote profile describing the expontent - can be a literal or a resource
+   * @param litRef a reference to the literal as described in the test graph
+   * @return true if the exponent parses correctly
+   */
+  def testRSAExp(exponentNode: RichGraphNode, litRef: Resource) : Boolean = {
+    val asrtKeyExpLit = create(TEST.pubkeyRSAExponentLiteral, litRef)
+    val asrtKeyExp = create(TEST.pubkeyRSAExponent, litRef)
+    val asrtKeyExpOldFunc = create(TEST.pubkeyRSAExponentOldFunctional,litRef)
+    var result = false
+
+    exponentNode! match {
+      case ref: NonLiteral => {
+        asrtKeyExpLit.result("the exponent of this key is not described directly as" +
+          " a literal. It is currently the preferred practice.", failed)
+        val decml = exponentNode / CERT.decimal
+        if (decml.size == 0) {
+          asrtKeyExpOldFunc.result("no decimal value for the exponent found", failed)
+        } else if (decml.size > 1) {
+          asrtKeyExpOldFunc.result((decml.size - 1) + " too many decimal values for " +
+            "the exponent found. 1 is enough. If the numbers don't end up matching this is very likely" +
+            " to cause random behavior ", failed)
+        } else {
+          asrtKeyExpOldFunc.result("one hex value for modulus", EARL.passed)
+          val kExpres = asrtKeyExp.result
+          decml(0) ! match {
+            case refh: NonLiteral => {
+              asrtKeyExp.result("The exponent is using old notation and it's cert:decimal relation is not " +
+                "to a literal. Going further would require reasoning engines which it is currently unlikely" +
+                "many sites have access to.", failed)
+            }
+            case lith: Literal => {
+              lith match {
+                case plainLit: PlainLiteral => {
+                  if (plainLit.getLanguage != null)
+                    kExpres("key exponent exists and is parseable", passed)
+                  else
+                    kExpres("key exponent exists and is parseable, but has a language tag", passed)
+                  result = true
+                }
+                case typedLit: TypedLiteral => {
+                  if (typedLit.getDataType == null ||
+                    XSD.string == typedLit.getDataType) {
+                    kExpres("keymodulus exists and is parseable", passed)
+                    result = true
+                  } else {
+                    kExpres("keymodulus exists but does not have a string type", failed)
+                  }
+                }
+                case lit => {
+                  //todo: can cert:int not be mistyped?
+                  kExpres("keymodulus exists and is parseable", passed)
+                }
+              }
+            }
+          }
+        }
+
+      }
+      case numLit: Literal => {
+        val reskeyExpLit = asrtKeyExpLit.result
+        numLit match {
+          case tl: TypedLiteral => tl.getDataType match {
+            case CERT.int_ => {
+              try {
+                BigInt(tl.getLexicalForm)
+                reskeyExpLit("Exponent is of type cert:int. It parsed ok.", passed, tl)
+                result = true
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyExpLit("Exponent cert:int failed to parse as one", failed, tl)
+                }
+              }
+            }
+            case CERT.hex => {
+              reskeyExpLit("Exponent is of type cert:hex. It will always parse to a positive number.", passed, tl)
+              result = true
+            }
+            case CERT.decimal => {
+              try {
+                BigInt(tl.getLexicalForm)
+                reskeyExpLit("Exponent is of type xsd:int. It parsed ok.", passed)
+                result = true
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyExpLit("Exeponent of type cert:decimal failed to parse", failed, tl)
+                }
+              }
+            }
+            case XSD.base64Binary => reskeyExpLit("Base 64 binaries are not numbers. If you wish to have " +
+              "a base64 integer notation let the WebId Group know. We can define one easily.", failed, tl)
+            case XSD.hexBinary => reskeyExpLit("Base hex binary literals are not a numbers. If you wish to have a hex " +
+              " integer notation use the " + CERT.hex +
+              " relation. It is easier for people to write out.", failed, tl)
+            case XSD.nonNegativeInteger => {
+              try {
+                val bi = BigInt(tl.getLexicalForm)
+                if (bi >= 0) {
+                  reskeyExpLit("Exponent is declared to be of type non-negative integer and it is", passed, tl)
+                  result = true
+                } else {
+                  reskeyExpLit("Exponent is declared to be of type non-negative integer but it is negative", failed, tl)
+                }
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyExpLit("Exponent xsd:nonNegativeInteger failed to parse as one", failed, tl)
+                }
+              }
+
+            }
+            case XSD.integer => {
+              try {
+                BigInt(tl.getLexicalForm)
+                reskeyExpLit("Exponent is of type xsd:integer. It parsed.", passed, tl)
+                result = true
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyExpLit("Exponent xsd:integer is failed to parse", failed, tl)
+                }
+              }
+
+            }
+            case XSD.positiveInteger => {
+              try {
+                val bi = BigInt(tl.getLexicalForm)
+                if (bi > 0) {
+                  reskeyExpLit("Exponent is declared to be of type positive integer and it is", passed, tl)
+                  result = true
+                } else if (bi == 0) {
+                  reskeyExpLit("Exponent is 0 which is certainly too small", failed, tl)
+                } else {
+                  reskeyExpLit("Exponent is declared to be of type positive integer but it is not", failed, tl)
+                }
+              } catch {
+                case e: NumberFormatException => {
+                  reskeyExpLit("Exponent xsd:positiveInteger failed to parse", failed, tl)
+                }
+              }
+
+            }
+            case littype => reskeyExpLit("We don't know how to interpret numbers of type " + littype +
+              "It would be better to use either cert:hex or cert:int", cantTell, tl)
+          }
+          case lit: Literal => reskeyExpLit("The literal needs to be of a number type, not a string", failed, lit)
+        }
+      }
+    }
+    return result
+  }
+
+
+  def testKeys(profileKeys: CollectedIter[RichGraphNode]) {
+
+    for (pkey <- profileKeys) yield {
+      //
+      //create a pointer to this key, so that future tester can refer to it
+      //
+      val graph: Graph = pkey.getNodeContext
+      val sout = Serializer.getInstance()
+      val out = new ByteArrayOutputStream(512)
+      sout.serialize(out, graph, "text/rdf+n3")
+      val n3String = out.toString("UTF-8")
+      //todo: turtle mime type literal?
+      import g._
+      val keylit: GraphNode = g.bnode --  OWL.sameAs --> (n3String^^"http://example.com/turtle".uri)
+
+
+      //
+      // some of the tester we will complete here
+      //
+      val asrtKeyModulusFunc = create(TEST.pubkeyRSAModulusFunctional, keylit.getNode)
+      val asrtKeyExpoFunc = create(TEST.pubkeyRSAExponentFunctional, keylit.getNode)
+      val asrtWffkey = create(TEST.profileWellFormedKey, keylit.getNode)
+
+
+      var claimsTobeRsaKey = pkey.hasProperty(RDF.`type`, RSA.RSAPublicKey)
+
+      val mods = pkey / RSA.modulus
+      val exps = pkey / RSA.public_exponent
+
+      claimsTobeRsaKey = claimsTobeRsaKey || mods.size > 0 || exps.size > 0
+
+      if (!claimsTobeRsaKey) {
+        asrtWffkey.result("Do not recognise the type of this key", cantTell)
+      }
+
+      var rsaExpOk, rsaModOk: Boolean = false
+
+      if (mods.size == 0) {
+        if (claimsTobeRsaKey) {
+          asrtKeyModulusFunc.result("Missing modulus in RSA key", failed)
+        }
+        else {
+          asrtKeyModulusFunc.result("Can't tell if this is an RSA key", cantTell)
+        }
+      } else if (mods.size > 1) {
+        asrtKeyModulusFunc.result("Found more than one modulus. Careful, unless the numbers are" +
+          " exactly the same, there is a danger of erratic behavior", failed)
+      } else {
+        asrtKeyModulusFunc.result("Found one Modulus", passed)
+
+        rsaModOk = testRSAModulus(mods, keylit.getNode)
+      }
+
+      if (exps.size == 0) {
+        if (claimsTobeRsaKey) {
+          asrtKeyExpoFunc.result("Missing exponent in RSA key", failed)
+        }
+        else {
+          asrtKeyExpoFunc.result("Can't tell if this is an RSA key", cantTell)
+        }
+      } else if (exps.size > 1) {
+        asrtKeyExpoFunc.result("Found more than one exponents. Careful, unless the numbers are" +
+          " exactly the same, there is a danger of erratic behavior", failed)
+        //we could have a problem
+      } else {
+        asrtKeyExpoFunc.result("Found one Modulus", passed)
+        rsaExpOk = testRSAExp(mods, keylit.getNode)
+      }
+
+      if (rsaExpOk && rsaModOk) {
+        asrtWffkey.result("Modulus and Exponent of key good", passed)
+      }
+
+    }
+  }
 }
 
 /**
@@ -678,80 +678,80 @@ class CertTester(subj: Subject, webIdGraphsService: WebIdGraphsService) extends
   */
 class Assertor {
 
-	val g = new EzMGraph(new SimpleMGraph)
-
-	var assertions: List[Assertion] = Nil
-
-	def add(newAssertion: Assertion) = {
-		assertions = newAssertion :: assertions
-		newAssertion
-	}
-
-	def create(testName: UriRef, subjects: Seq[Resource]) = new Assertion(testName, subjects)
-
-	def create(testName: UriRef, subject: Resource) = new Assertion(testName, Seq[Resource](subject))
-
-	def toRdf(): TripleCollection =  {
-		for (test <- assertions) {
-			test.toRdf()
-		}
-		g
-	}
-
-	class Assertion(testName: UriRef,
-	                subjects: Seq[Resource]) {
-
-		//only add this runTests to the list of assertions if there is a result
-		//this makes it easier to write code that keeps track of assertions, without ending up having to
-		//publish all of them
-		lazy val result = {
-			add(this)
-			new TstResult
-		}
-
-		import g._
-		def toRdf(): GraphNode = (
-			g.bnode.a(EARL.Assertion)
-				-- EARL.test --> testName
-				-- EARL.result --> result.toRdf()
-				-- EARL.subject -->> subjects
-			)
-	}
-
-	class TstResult {
-		var description: String = _
-		var outcome: UriRef = _
-		var pointers: Seq[Resource] = Nil
-		var exceptions: Iterable[java.lang.Throwable] = Nil
-
-		def pointer(point: NonLiteral) {
-			pointers = Seq(point)
-		}
-
-
-		// a method to deal with most usual case
-		def apply(desc: String, success: UriRef) {
-			description = desc
-			outcome = success
-		}
-
-		def apply(desc: String, success: UriRef, pointer: Resource) {
-			description = desc
-			outcome = success
-			pointers = Seq(pointer)
-		}
-
-
-		def toRdf(): GraphNode =  {
-				import g._
-				(g.bnode.a(EARL.TestResult)
-					-- DC.description --> description
-					-- EARL.outcome --> outcome
-					-- EARL.pointer -->> pointers
-				   -- EARL.info -->> { for (e <- exceptions) yield new PlainLiteralImpl(e.toString)  }
-				   )
-		}
-
-	}
+  val g = new EzMGraph(new SimpleMGraph)
+
+  var assertions: List[Assertion] = Nil
+
+  def add(newAssertion: Assertion) = {
+    assertions = newAssertion :: assertions
+    newAssertion
+  }
+
+  def create(testName: UriRef, subjects: Seq[Resource]) = new Assertion(testName, subjects)
+
+  def create(testName: UriRef, subject: Resource) = new Assertion(testName, Seq[Resource](subject))
+
+  def toRdf(): TripleCollection =  {
+    for (test <- assertions) {
+      test.toRdf()
+    }
+    g
+  }
+
+  class Assertion(testName: UriRef,
+                  subjects: Seq[Resource]) {
+
+    //only add this runTests to the list of assertions if there is a result
+    //this makes it easier to write code that keeps track of assertions, without ending up having to
+    //publish all of them
+    lazy val result = {
+      add(this)
+      new TstResult
+    }
+
+    import g._
+    def toRdf(): GraphNode = (
+      g.bnode.a(EARL.Assertion)
+        -- EARL.test --> testName
+        -- EARL.result --> result.toRdf()
+        -- EARL.subject -->> subjects
+      )
+  }
+
+  class TstResult {
+    var description: String = _
+    var outcome: UriRef = _
+    var pointers: Seq[Resource] = Nil
+    var exceptions: Iterable[java.lang.Throwable] = Nil
+
+    def pointer(point: NonLiteral) {
+      pointers = Seq(point)
+    }
+
+
+    // a method to deal with most usual case
+    def apply(desc: String, success: UriRef) {
+      description = desc
+      outcome = success
+    }
+
+    def apply(desc: String, success: UriRef, pointer: Resource) {
+      description = desc
+      outcome = success
+      pointers = Seq(pointer)
+    }
+
+
+    def toRdf(): GraphNode =  {
+        import g._
+        (g.bnode.a(EARL.TestResult)
+          -- DC.description --> description
+          -- EARL.outcome --> outcome
+          -- EARL.pointer -->> pointers
+           -- EARL.info -->> { for (e <- exceptions) yield new PlainLiteralImpl(e.toString)  }
+           )
+    }
+
+  }
 
 }

http://git-wip-us.apache.org/repos/asf/clerezza/blob/35448624/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/pages/WebIDClaimPg.scala
----------------------------------------------------------------------
diff --git a/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/pages/WebIDClaimPg.scala b/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/pages/WebIDClaimPg.scala
index 8bf32ed..890a9d7 100644
--- a/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/pages/WebIDClaimPg.scala
+++ b/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/pages/WebIDClaimPg.scala
@@ -42,21 +42,21 @@ import org.apache.clerezza.platform.users.WebIdGraphsService
  */
 
 class WebIDClaimPg extends SRenderlet {
-	def getRdfType() = WebIDTester.testCls
+  def getRdfType() = WebIDTester.testCls
 
-	override def renderedPage(arguments: XmlResult.Arguments) = new XhtmlWebIDClaimPg(arguments, webIdGraphsService)
+  override def renderedPage(arguments: XmlResult.Arguments) = new XhtmlWebIDClaimPg(arguments, webIdGraphsService)
 
-	//TODO a renderlet should not need services,
+  //TODO a renderlet should not need services,
 
-	private var webIdGraphsService: WebIdGraphsService = null
+  private var webIdGraphsService: WebIdGraphsService = null
 
-	protected def bindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
-		this.webIdGraphsService = webIdGraphsService
-	}
+  protected def bindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
+    this.webIdGraphsService = webIdGraphsService
+  }
 
-	protected def unbindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
-		this.webIdGraphsService = null
-	}
+  protected def unbindWebIdGraphsService(webIdGraphsService: WebIdGraphsService): Unit = {
+    this.webIdGraphsService = null
+  }
 
 
 
@@ -69,9 +69,9 @@ object XhtmlWebIDClaimPg {
 class XhtmlWebIDClaimPg(arguments: XmlResult.Arguments, webIdGraphsService: WebIdGraphsService) extends XmlResult(arguments )  {
   import XhtmlWebIDClaimPg._
 
-	resultDocModifier.setTitle("WebId Tests");
-	resultDocModifier.addNodes2Elem("tx-module", <h1>Test Panel</h1>);
-	resultDocModifier.addNodes2Elem("tx-module-tabs-ol", <li class="tx-active"><a href="#">WebId Tester</a></li>);
+  resultDocModifier.setTitle("WebId Tests");
+  resultDocModifier.addNodes2Elem("tx-module", <h1>Test Panel</h1>);
+  resultDocModifier.addNodes2Elem("tx-module-tabs-ol", <li class="tx-active"><a href="#">WebId Tester</a></li>);
 
   override def content = <div id="tx-content"> <h2>WebID Login Test Page</h2>
     <p>The TLS connection was established. We do not test the basic TLS connection.</p>
@@ -81,7 +81,7 @@ class XhtmlWebIDClaimPg(arguments: XmlResult.Arguments, webIdGraphsService: WebI
     if (creds.size==0) <p>No X509 credentials available.</p>
     else for (cred <- creds) yield describeX509Claim(cred)
     }
-	  <p>For very detailed test information to send to support <a href="WebId/n3">download this n3 file</a>.</p>
+    <p>For very detailed test information to send to support <a href="WebId/n3">download this n3 file</a>.</p>
   </div>
 
 
@@ -144,97 +144,97 @@ class XhtmlWebIDClaimPg(arguments: XmlResult.Arguments, webIdGraphsService: WebI
     </p>
 
   def displayKey(key: RichGraphNode) = <span>
-	  {val errs = verifyKeyClosely(key)
-	  if (errs.size > 0) <ul>{errs}</ul>
-	  else scala.xml.Null
-	  }
-	  <pre>
-		  {val graph: Graph = key.getNodeContext
-	  val sout = Serializer.getInstance()
-	  val out = new ByteArrayOutputStream(1024)
-	  sout.serialize(out, graph, "text/rdf+n3")
-	  out.toString("UTF-8")}
-	  </pre>
+    {val errs = verifyKeyClosely(key)
+    if (errs.size > 0) <ul>{errs}</ul>
+    else scala.xml.Null
+    }
+    <pre>
+      {val graph: Graph = key.getNodeContext
+    val sout = Serializer.getInstance()
+    val out = new ByteArrayOutputStream(1024)
+    sout.serialize(out, graph, "text/rdf+n3")
+    out.toString("UTF-8")}
+    </pre>
   </span>
 
-	/**
-	 * test numbers written in the old style with non literals
-	 *
-	 * @param The node that is the number. Should be a non literal
-	 * @param The relation name to the string that identifies the number
-	 * @param The role of the number in the public key (modulus, exponent, ...)
-	 *
-	*/
-	def nonLiteralNumTest(number: RichGraphNode, relToString: UriRef, numberRole: String ): NodeSeq = {
-		val typeTest = number! match {
-			case uri: UriRef => <li>Warning: your {numberRole} is a uri. The new spec requires this to be a literal.
-					 Uri found: {uri.getUnicodeString}</li>
-			case _: BNode => <li>Warning: your {numberRole} is a blank node. The newer spec requires this to be a literal</li>
-		}
-		typeTest++
-		 {
-			val hexs = number / relToString
-			if (hexs.size > 1) {
-				<li>WARNING: Your {numberRole} has more than one relation to a hexadecimal string. Unless both of those strings
-					map to the same number, your identification experience will be very random</li>
-			} else if (hexs.size == 0) {
-				<li>WARNING: your {numberRole} has no decimal literal attached by the {relToString} relation</li>
-			} else hexs! match {
-				case bnode: NonLiteral => <li>Warning: Your {numberRole} has a relation to a non literal, where it should be a
-					relation to a literal. It is possible that logically it all works out, but don't even expect a few engines to
-					bother reflecting deeply on this. We don't check past here.</li>
-				case lit: Literal => emptyxml
-			}
-		}
-
-	}
-
-	def literalNumTest(number: Literal): NodeSeq = {
-		number match {
-			case tl: TypedLiteral => tl.getDataType match {
-		   	case CERT.int_ => emptyxml
-			   case CERT.hex => emptyxml
-			   case CERT.decimal => emptyxml
-			   case XSD.base64Binary => <li>Base 64 binary is not a number. If you wish to have a base64 integer notation
-				   let the WebId Group know</li>
-				case XSD.hexBinary => <li>Base hex binary is not a number. If you wish to have a hex integer notation
-				   use the {CERT.hex} relation. It is easier for people to write out</li>
-				case XSD.nonNegativeInteger => emptyxml
-				case XSD.integer => emptyxml
-				case XSD.positiveInteger => emptyxml
-				case XSD.int_ => emptyxml
-				case littype => <li>We don't know how to interpret numbers of {littype}.
-					It would be better to use either
-					<a href={CERT.hex.getUnicodeString}>cert:hex</a> or <a href={CERT.int_.getUnicodeString}>cert:int</a></li>
-			}
-			case _: Literal => <li>Warning: you need to put a literal type, so we can know how to interpret the string.
-		</li>
-		}
-	}
-
-	def verifyKeyClosely(key: RichGraphNode) : NodeSeq= {
-		val moduli = key/RSA.modulus
-		val modWarn = if (moduli.size>1) {
-			<li>Warning: you have written the modulus out in more than one way. If they a are not equal your
-				connections might be alternatively successful</li>
-		} else if (moduli.size==0) {
-			<li>Warning: you have no modulus here. RSA keys must have one modulus</li>
-		} else  moduli! match {
-				 case _: NonLiteral => nonLiteralNumTest(moduli(0),CERT.hex,"modulus")
-				 case lit: Literal => literalNumTest(lit)
-		}
-		val expts = key/RSA.public_exponent
-		val expWarn = if (expts.size>1) {
-			<li>Warning: you have more than one exponent. They must be equal, or your connections will be unpredicable</li>
-
-		} else if (expts.size==0) {
-			<li>Warning: you have no exponent here. RSA keys must have one public exponent</li>
-		} else expts! match {
-				 case _: NonLiteral => nonLiteralNumTest(expts(0),CERT.decimal,"exponent")
-				 case lit: Literal => literalNumTest(lit)
-		}
-
-		return modWarn ++ expWarn
-	}
+  /**
+   * test numbers written in the old style with non literals
+   *
+   * @param The node that is the number. Should be a non literal
+   * @param The relation name to the string that identifies the number
+   * @param The role of the number in the public key (modulus, exponent, ...)
+   *
+  */
+  def nonLiteralNumTest(number: RichGraphNode, relToString: UriRef, numberRole: String ): NodeSeq = {
+    val typeTest = number! match {
+      case uri: UriRef => <li>Warning: your {numberRole} is a uri. The new spec requires this to be a literal.
+           Uri found: {uri.getUnicodeString}</li>
+      case _: BNode => <li>Warning: your {numberRole} is a blank node. The newer spec requires this to be a literal</li>
+    }
+    typeTest++
+     {
+      val hexs = number / relToString
+      if (hexs.size > 1) {
+        <li>WARNING: Your {numberRole} has more than one relation to a hexadecimal string. Unless both of those strings
+          map to the same number, your identification experience will be very random</li>
+      } else if (hexs.size == 0) {
+        <li>WARNING: your {numberRole} has no decimal literal attached by the {relToString} relation</li>
+      } else hexs! match {
+        case bnode: NonLiteral => <li>Warning: Your {numberRole} has a relation to a non literal, where it should be a
+          relation to a literal. It is possible that logically it all works out, but don't even expect a few engines to
+          bother reflecting deeply on this. We don't check past here.</li>
+        case lit: Literal => emptyxml
+      }
+    }
+
+  }
+
+  def literalNumTest(number: Literal): NodeSeq = {
+    number match {
+      case tl: TypedLiteral => tl.getDataType match {
+         case CERT.int_ => emptyxml
+         case CERT.hex => emptyxml
+         case CERT.decimal => emptyxml
+         case XSD.base64Binary => <li>Base 64 binary is not a number. If you wish to have a base64 integer notation
+           let the WebId Group know</li>
+        case XSD.hexBinary => <li>Base hex binary is not a number. If you wish to have a hex integer notation
+           use the {CERT.hex} relation. It is easier for people to write out</li>
+        case XSD.nonNegativeInteger => emptyxml
+        case XSD.integer => emptyxml
+        case XSD.positiveInteger => emptyxml
+        case XSD.int_ => emptyxml
+        case littype => <li>We don't know how to interpret numbers of {littype}.
+          It would be better to use either
+          <a href={CERT.hex.getUnicodeString}>cert:hex</a> or <a href={CERT.int_.getUnicodeString}>cert:int</a></li>
+      }
+      case _: Literal => <li>Warning: you need to put a literal type, so we can know how to interpret the string.
+    </li>
+    }
+  }
+
+  def verifyKeyClosely(key: RichGraphNode) : NodeSeq= {
+    val moduli = key/RSA.modulus
+    val modWarn = if (moduli.size>1) {
+      <li>Warning: you have written the modulus out in more than one way. If they a are not equal your
+        connections might be alternatively successful</li>
+    } else if (moduli.size==0) {
+      <li>Warning: you have no modulus here. RSA keys must have one modulus</li>
+    } else  moduli! match {
+         case _: NonLiteral => nonLiteralNumTest(moduli(0),CERT.hex,"modulus")
+         case lit: Literal => literalNumTest(lit)
+    }
+    val expts = key/RSA.public_exponent
+    val expWarn = if (expts.size>1) {
+      <li>Warning: you have more than one exponent. They must be equal, or your connections will be unpredicable</li>
+
+    } else if (expts.size==0) {
+      <li>Warning: you have no exponent here. RSA keys must have one public exponent</li>
+    } else expts! match {
+         case _: NonLiteral => nonLiteralNumTest(expts(0),CERT.decimal,"exponent")
+         case lit: Literal => literalNumTest(lit)
+    }
+
+    return modWarn ++ expWarn
+  }
 
 }


Mime
View raw message