-
-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make key store types extensible conveniently #259
base: master
Are you sure you want to change the base?
Conversation
Thank you for the PR, I've made a similar refactoring on a local branch but I was moderately satisfied with the result because many internal details leak in the public API. I'll probably reevaluate this after the 7.0 release. |
jsign-crypto/src/main/resources/META-INF/services/net.jsign.ks.JsignKeyStore
Outdated
Show resolved
Hide resolved
d83bfe3
to
ecbf15c
Compare
I might misremember, but I think I did not publish more than necessary to implement an own key store, so mainly the getters in the key store builder and the |
ecbf15c
to
0b7e0b5
Compare
My concern is mostly the KeyStoreType private methods that become public ( |
Well, custom implementations of To keep them package-private we could move |
By the way, I have just seen that between 6.0 and 7.0-SNAPSHOT you introduced |
b467d10
to
4d6b807
Compare
Yes I'm aware of that, but I'm trying to preserve the backward compatibility as much as possible. Jsign isn't a JPMS module yet so this can be solved later. |
Well, it can nevertheless be put to the module path as automatic module or transformed to be a module for example using the Gradle plugin https://github.com/gradlex-org/extra-java-module-info in consumer projects. Unless it has such split packages which then prevents it. :-) Just wanted to make you aware of it in case you were not as many people out there are not at all JPMS aware still. |
I've updated my refactoring to use a SPI for the keystores and pushed it to the keystore-spi branch:
Some points still have to be addressed:
|
4d6b807
to
5eb5d7f
Compare
In my version it should be fully compatible as I only removed package-private methods and kept it as enum. :-)
I updated my PR to also adapt these refactorings from your branch.
In my version That's also one of the pro-points of having the implementations in a separate package, as you can see what such implementations need, so that they can become public like all the But for better comparability for now I also moved the classes out to the
The intention was not just a performance boost, also to have them more or less singleton, at least at normal usage, while keeping the flexibility to instantiate them when needed.
If such a custom method is used, then yes, I'd say it should at least be a deterministic order if it ist not a by-definition unordered object. But as the return value is an array, I'd say a deterministic order - even if not sorted - would be better.
Imho it is better to throw an exception if multiple have the same ID. Yes, this could easily break if for example I have a
Or use my version, there they effectively are singletons :-) |
This is a follow-up to #258, only the top-most commit is to be reviewed.
This refactors the key store types into services.
This pulls apart the code into separate classes.
And more importantly it allows to easily extends JSign with further key store types in consumer code,
by simply providing the respective service implementation.