Bug 49447 - KeyStoreResolver iterator returns null for symmetric keys
Summary: KeyStoreResolver iterator returns null for symmetric keys
Alias: None
Product: Security - Now in JIRA
Classification: Unclassified
Component: Encryption
Version: unspecified
Hardware: PC Windows NT
Importance: P2 normal
Target Milestone: ---
Assignee: XML Security Developers Mailing List
Depends on:
Blocks: 49450
Reported: 2010-06-16 12:29 UTC by Clement Pellerin
Modified: 2010-06-17 09:26 UTC

patch to solve problem including new junit test (6.51 KB, application/x-zip-compressed)
2010-06-16 12:29 UTC, Clement Pellerin

Description Clement Pellerin 2010-06-16 12:29:05 UTC
Created attachment 25599
patch to solve problem including new junit test

When iterating the certificates in a KeyStoreResolver, the iterator might return null even though hasNext() says there are more elements. This happens because hasNext() only checks if there are more aliases. If the next alias contains a symmetric key, there is no certificate in the KeyStore entry and next() returns null. When you look at the KeyResolvers, they are not prepared to handle a null value; this will cause a NullPointerException.

To reproduce, use the junit KeyStoreResolverTest in the attachment.
Comment 1 coheigea 2010-06-16 13:31:29 UTC
Thanks for the patch, I'll take a look.

Comment 2 Clement Pellerin 2010-06-16 15:37:45 UTC
This patch has a bug in the implementation of next() because it never returns NoSuchElementException. See an improvement in the incremental patch attached to Bug 49450.
Comment 3 coheigea 2010-06-17 09:26:05 UTC
Patch applied, thanks.
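
An added illustration of the behaviour discussed in the description and in Comment 2; it is not the attached patch or the project's code. It builds an in-memory JCEKS keystore holding only a symmetric key, shows that an alias-only check reports an element although no certificate exists, and contrasts it with a look-ahead iterator that skips such entries and throws NoSuchElementException when exhausted. The class names `CertIteratorDemo` and `CertIterator`, the alias and the password are assumptions made for the example.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.NoSuchElementException;
import javax.crypto.spec.SecretKeySpec;

public class CertIteratorDemo {
    /** Hypothetical look-ahead iterator: hasNext() is true only if a certificate remains. */
    static final class CertIterator implements Iterator<X509Certificate> {
        private final KeyStore ks;
        private final Enumeration<String> aliases;
        private X509Certificate pending; // certificate found by look-ahead, or null

        CertIterator(KeyStore ks) throws KeyStoreException {
            this.ks = ks;
            this.aliases = ks.aliases();
        }

        @Override public boolean hasNext() {
            try {
                // Skip aliases whose entry has no X.509 certificate (e.g. symmetric keys).
                while (pending == null && aliases.hasMoreElements()) {
                    Certificate c = ks.getCertificate(aliases.nextElement());
                    if (c instanceof X509Certificate) pending = (X509Certificate) c;
                }
            } catch (KeyStoreException e) {
                throw new IllegalStateException(e);
            }
            return pending != null;
        }

        @Override public X509Certificate next() {
            if (!hasNext()) throw new NoSuchElementException();
            X509Certificate c = pending;
            pending = null;
            return c;
        }
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "changeit".toCharArray(); // constructed sample password
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null); // empty in-memory keystore
        ks.setKeyEntry("sym", new SecretKeySpec(new byte[16], "AES"), pw, null);
        // Alias-only check, as in the report: an alias exists but its certificate is null.
        System.out.println(ks.aliases().hasMoreElements() + " / " + ks.getCertificate("sym"));
        System.out.println(new CertIterator(ks).hasNext());
    }
}
```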