Github user jburwell commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/1799#discussion_r90340246
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO
cert, List<LoadBalancerCertM
return response;
}
- private void validateCert(Certificate cert, boolean chainPresent) {
+ private void validateCert(final Certificate cert, final boolean
chainPresent) {
- if (!(cert instanceof X509Certificate))
+ if (!(cert instanceof X509Certificate)) {
throw new IllegalArgumentException("Invalid certificate
format. Expected X509 certificate");
+ }
try {
((X509Certificate)cert).checkValidity();
- } catch (Exception e) {
+ } catch (final Exception e) {
throw new IllegalArgumentException("Certificate expired or not
valid", e);
}
}
- private void validateKeys(PublicKey pubKey, PrivateKey privKey) {
+ private void validateKeys(final PublicKey pubKey, final PrivateKey
privKey) {
- if (pubKey.getAlgorithm() != privKey.getAlgorithm())
+ if (pubKey.getAlgorithm() != privKey.getAlgorithm()) {
throw new IllegalArgumentException("Public and private key
have different algorithms");
+ }
// No encryption for DSA
- if (pubKey.getAlgorithm() != "RSA")
+ if (pubKey.getAlgorithm() != "RSA") {
return;
+ }
try {
- String data = "ENCRYPT_DATA";
- SecureRandom random = new SecureRandom();
- Cipher cipher = Cipher.getInstance(pubKey.getAlgorithm());
+ final String data = "ENCRYPT_DATA";
+ final SecureRandom random = new SecureRandom();
+ final Cipher cipher =
Cipher.getInstance(pubKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privKey, random);
- byte[] encryptedData = cipher.doFinal(data.getBytes());
+ final byte[] encryptedData = cipher.doFinal(data.getBytes());
cipher.init(Cipher.DECRYPT_MODE, pubKey, random);
- String decreptedData = new
String(cipher.doFinal(encryptedData));
- if (!decreptedData.equals(data))
+ final String decreptedData = new
String(cipher.doFinal(encryptedData));
+ if (!decreptedData.equals(data)) {
throw new IllegalArgumentException("Bad public-private
key");
+ }
- } catch (BadPaddingException e) {
+ } catch (final BadPaddingException e) {
throw new IllegalArgumentException("Bad public-private key",
e);
- } catch (IllegalBlockSizeException e) {
+ } catch (final IllegalBlockSizeException e) {
throw new IllegalArgumentException("Bad public-private key",
e);
- } catch (NoSuchPaddingException e) {
+ } catch (final NoSuchPaddingException e) {
--- End diff --
Please consolidate lines 389-394 into a multi-catch. Also,
`InvalidArgumentException` seems inappropriate as it indicates that a parameter
did not match the expected contract. `IllegalStateException` seems the more
appropriate type.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
