Make PrivateKeyUtils#load method file extension agnostic
#267
Conversation
|
It looks good, thanks a lot. Using suppressed exceptions is as good idea. I know the line endings are inconsistent, but I'd prefer to keep them as is to keep the diff readable by default. I'll probably normalize the whole project at some point in the future anyway. |
jsign-core/src/test/resources/keystores/generate-private-key.sh
Outdated
Show resolved
Hide resolved
| */ | ||
| public static PrivateKey load(File file, String password) throws KeyException { | ||
| try { | ||
| if (file.getName().endsWith(".pvk")) { |
There was a problem hiding this comment.
What about keeping the extension based detection and then falling back to the other method?
There was a problem hiding this comment.
I considered that approach for a while, and realized it wouldn't handle cases where key files have misleading extensions (e.g., a PVK key with a That said, I don’t feel strongly about this and am open to changing it if requested 😄.pem extension, or vice versa). Ultimately, I believe that allowing the key to be parsed regardless of the file extension, even if it's misleading, is more user-friendly.
Edit: nevermind the reason above, it's kinda late over here and didn't really consider how a misleading extension could be satisfactorily handled anyway by falling back to the other key type... I think that could work well, but I'm not sure if it's worth the added complexity; PVK and PEM files have unambiguous headers with respect to the other.
|
That's fine, let's keep it this way. Could you just squash your commits into one before I merge the PR please? |
AlexTMjugador
force-pushed
the
feat/ext-agnostic-pkey-load
branch
from
ca7e356 to
941c937
Compare
|
Okay! I've just squashed the commits into one 👍 |
As outlined in #264, this is achieved by trying to parse the key file according to one of the supported formats in sequence until one works. Given that there are only two supported formats at the moment, and that PEM files are attempted first and more common in the wild than PVK, this approach should have good enough performance. Because a Java exception can only have a single cause, I've attached the underlying parse exceptions to the higher-level `KeyException` as supressed exceptions. These get displayed to consumers on e.g. stacktraces, allowing them to know what exactly went wrong when parsing either format. While at it, I've added a test to ensure that this extension-agnostic behavior is maintained over time. Resolves #264.
AlexTMjugador
force-pushed
the
feat/ext-agnostic-pkey-load
branch
from
941c937 to
18e4228
Compare
|
Perfect, thank you! |
As outlined in #264, this is achieved by trying to parse the key file according to one of the supported formats in sequence until one works. Given that there are only two supported formats at the moment, and that PEM files are attempted first and more common in the wild than PVK, this approach should have good enough performance. Because a Java exception can only have a single cause, I've attached the underlying parse exceptions to the higher-level
KeyExceptionas supressed exceptions. These get displayed to consumers on e.g. stacktraces, allowing them to know what exactly went wrong when parsing either format.While at it, I've added a test to ensure that this extension-agnostic behavior is maintained over time. Also, the
PrivateKeyUtils.javafile had inconsistent line endings with respect to the rest of the repository, so I fixed that, causing Git to report a big diff there.Resolves #264.
Private key load errors display preview
Note how the underlying exceptions are marked as "suppressed", but still retain their message, cause and other diagnostic data.