Author: coheigea
Date: Wed Oct 12 09:17:52 2016
New Revision: 1764413

URL: http://svn.apache.org/viewvc?rev=1764413&view=rev
Log:
added support for a comma-separated list of crl

Modified:
    
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java

Modified: 
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java?rev=1764413&r1=1764412&r2=1764413&view=diff
==============================================================================
--- 
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
 (original)
+++ 
webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
 Wed Oct 12 09:17:52 2016
@@ -52,7 +52,6 @@ import java.security.cert.X509Certificat
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashSet;
 import java.util.List;
@@ -118,6 +117,7 @@ public class Merlin extends CryptoBase {
     private static final org.slf4j.Logger LOG =
         org.slf4j.LoggerFactory.getLogger(Merlin.class);
     private static final boolean DO_DEBUG = LOG.isDebugEnabled();
+    private static final String COMMA_SEPARATOR = ",";
 
     protected Properties properties;
     protected KeyStore keystore;
@@ -304,39 +304,57 @@ public class Merlin extends CryptoBase {
         //
         // Load the CRL file
         //
-        String crlLocation = properties.getProperty(prefix + X509_CRL_FILE);
-        if (crlLocation != null) {
-            crlLocation = crlLocation.trim();
-
-            try (InputStream is = loadInputStream(loader, crlLocation)) {
-                CertificateFactory cf = getCertificateFactory();
-                X509CRL crl = (X509CRL)cf.generateCRL(is);
-
+        String crlLocations = properties.getProperty(prefix + X509_CRL_FILE);
+        if (crlLocations != null) {
+            String[] splittedCrlsLocations = 
crlLocations.split(COMMA_SEPARATOR);
+            List<X509CRL> crls = new ArrayList();
+            for (int i = 0; i < splittedCrlsLocations.length; i++) {
+                String crlLocation = splittedCrlsLocations[i];
+                crlLocation = crlLocation.trim();
+                InputStream is = loadInputStream(loader, crlLocation);
+                try {
+                    CertificateFactory cf = getCertificateFactory();
+                    X509CRL crl = (X509CRL)cf.generateCRL(is);
+                    crls.add(crl);
+                } catch (Exception e) {
+                    if (DO_DEBUG) {
+                        LOG.debug(e.getMessage(), e);
+                    }
+                    throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE,e, "ioError00");
+                } finally {
+                    if (is != null) {
+                        is.close();
+                    }
+                }
+            }
+            try {
                 if (keystoreProvider == null || keystoreProvider.length() == 
0) {
                     crlCertStore =
-                        CertStore.getInstance(
-                            "Collection",
-                            new 
CollectionCertStoreParameters(Collections.singletonList(crl))
-                        );
+                            CertStore.getInstance(
+                                    "Collection",
+                                    new CollectionCertStoreParameters(crls)
+                            );
+
                 } else {
                     crlCertStore =
-                        CertStore.getInstance(
-                            "Collection",
-                            new 
CollectionCertStoreParameters(Collections.singletonList(crl)),
-                                keystoreProvider
-                        );
-                }
-                if (DO_DEBUG) {
-                    LOG.debug(
-                        "The CRL " + crlLocation + " has been loaded"
-                    );
+                            CertStore.getInstance(
+                                    "Collection",
+                                    new CollectionCertStoreParameters(crls),
+                                    keystoreProvider
+                            );
                 }
             } catch (Exception e) {
                 if (DO_DEBUG) {
                     LOG.debug(e.getMessage(), e);
                 }
-                throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, 
"failedCredentialLoad");
+                throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE,e, "ioError00");
             }
+            if (DO_DEBUG) {
+                LOG.debug(
+                        "The CRL " + crlLocations + " has been loaded"
+                );
+            }
+
         }
     }
 


Reply via email to