}
};
- String certNonceSeed;
- int certNonceSlopLimit;
+ private String certNonceSeed;
+ private int certNonceSlopLimit;
+ private NonceGenerator nonceGenerator;
/** Create a new config with default values disabling push verification. */
public SignedPushConfig() {
}
SignedPushConfig(Config cfg) {
- certNonceSeed = cfg.getString("receive", null, "certnonceseed"); //$NON-NLS-1$ //$NON-NLS-2$
+ setCertNonceSeed(cfg.getString("receive", null, "certnonceseed")); //$NON-NLS-1$ //$NON-NLS-2$
certNonceSlopLimit = cfg.getInt("receive", "certnonceslop", 0); //$NON-NLS-1$ //$NON-NLS-2$
}
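Review bot: The `Config` constructor now initialises the seed through the public `setCertNonceSeed(...)`, while the next line still assigns `certNonceSlopLimit` directly, so the two settings are set up in two different ways. If the class is not final (its declaration is outside this hunk), calling an overridable setter from a constructor lets a subclass override run before the subclass's own fields are initialised. Keeping the direct assignment, `certNonceSeed = cfg.getString("receive", null, "certnonceseed"); //$NON-NLS-1$ //$NON-NLS-2$`, or declaring the setter `final`, avoids that.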
/**
* Set the seed used by the nonce verifier.
* <p>
- * Setting this to a non-null value enables push certificate verification.
+ * Setting this to a non-null value enables push certificate verification
+ * using the default {@link HMACSHA1NonceGenerator} implementation, if a
+ * different implementation was not set using {@link
+ * #setNonceGenerator(NonceGenerator)}.
*
* @param seed
* new seed value.
certNonceSeed = seed;
}
- /** @return the configured seed used by the nonce verifier. */
+ /** @return the configured seed. */
public String getCertNonceSeed() {
return certNonceSeed;
}
public int getCertNonceSlopLimit() {
return certNonceSlopLimit;
}
+
+ /**
+ * Set the {@link NonceGenerator} used for signed pushes.
+ * <p>
+ * Setting this to a non-null value enables push certificate verification. If
+ * this method is called, this implementation will be used instead of the
+ * default {@link HMACSHA1NonceGenerator} even if {@link
+ * #setCertNonceSeed(String)} was called.
+ *
+ * @param generator
+ * new nonce generator.
+ */
+ public void setNonceGenerator(NonceGenerator generator) {
+ nonceGenerator = generator;
+ }
+
+ /**
+ * Get the {@link NonceGenerator} used for signed pushes.
+ * <p>
+ * If {@link #setNonceGenerator(NonceGenerator)} was used to set a non-null
+ * implementation, that will be returned. If no custom implementation was set
+ * but {@link #setCertNonceSeed(String)} was called, returns a newly-created
+ * {@link HMACSHA1NonceGenerator}.
+ *
+ * @return the configured nonce generator.
+ */
+ public NonceGenerator getNonceGenerator() {
+ if (nonceGenerator != null) {
+ return nonceGenerator;
+ } else if (certNonceSeed != null) {
+ return new HMACSHA1NonceGenerator(certNonceSeed);
+ }
+ return null;
+ }
}
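Review bot: `getNonceGenerator()` returns `null` when neither a generator nor a seed is configured, but its Javadoc lists only the two non-null outcomes, so the contract never says that null means push certificate verification is off. I would change the tag to `@return the configured nonce generator, or {@code null} if push certificate verification is disabled.` so that callers check for it explicitly. The seed branch tests only `certNonceSeed != null`, so an empty seed reaches `new HMACSHA1NonceGenerator(certNonceSeed)`. How that constructor treats an empty key is not visible in this hunk, and it is worth confirming that it fails rather than producing nonces under an empty key.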