summaryrefslogtreecommitdiffstats
path: root/base/common
diff options
context:
space:
mode:
authorAbhishek Koneru <akoneru@redhat.com>2012-06-21 09:44:15 -0400
committerAde Lee <alee@redhat.com>2012-06-29 01:29:03 -0400
commiteb4b46f25ca8dec8ac79c26cfb02e8918000c88e (patch)
tree22223edf9099ac1a3e0c3914d383c373a92950b0 /base/common
parent1eba8264adbe42115caac4db655d450a99791ceb (diff)
downloadpki-eb4b46f25ca8dec8ac79c26cfb02e8918000c88e.tar.gz
pki-eb4b46f25ca8dec8ac79c26cfb02e8918000c88e.tar.xz
pki-eb4b46f25ca8dec8ac79c26cfb02e8918000c88e.zip
Fixes for Forward Null Cases in Coverity for DogTag10
Addressed review coments.
Diffstat (limited to 'base/common')
-rw-r--r--base/common/src/com/netscape/cmscore/apps/CMSEngine.java49
-rw-r--r--base/common/src/com/netscape/cmscore/cert/CertificatePair.java7
-rw-r--r--base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java3
-rw-r--r--base/common/src/com/netscape/cmscore/dbs/Repository.java3
-rw-r--r--base/common/src/com/netscape/cmscore/security/JssSubsystem.java106
5 files changed, 76 insertions, 92 deletions
diff --git a/base/common/src/com/netscape/cmscore/apps/CMSEngine.java b/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
index 855073916..cbdfee8fc 100644
--- a/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
+++ b/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
@@ -308,13 +308,12 @@ public class CMSEngine implements ICMSEngine {
CMS.debug("CMSEngine: getPasswordStore(): password store not initialized before.");
String pwdClass = mConfig.getString("passwordClass");
- if (pwdClass != null) {
- try {
- mPasswordStore = (IPasswordStore) Class.forName(pwdClass).newInstance();
- } catch (Exception e) {
- CMS.debug("CMSEngine: getPasswordStore(): password store initialization failure:"
- + e.toString());
- }
+ try {
+ mPasswordStore = (IPasswordStore) Class.forName(pwdClass).newInstance();
+ } catch (Exception e) {
+ CMS.debug("CMSEngine: getPasswordStore(): password store initialization failure:"
+ + e.toString());
+ throw e;
}
} else {
CMS.debug("CMSEngine: getPasswordStore(): password store initialized before.");
@@ -1877,32 +1876,32 @@ public class CMSEngine implements ICMSEngine {
checkRevReq.setExtData(IRequest.ISSUED_CERTS, agentCerts);
queue.processRequest(checkRevReq);
- } catch (EBaseException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AGENT_PROCESS_CHECKING"));
- }
- RequestStatus status = checkRevReq.getRequestStatus();
+ RequestStatus status = checkRevReq.getRequestStatus();
- if (status == RequestStatus.COMPLETE) {
- Enumeration<String> enum1 = checkRevReq.getExtDataKeys();
+ if (status == RequestStatus.COMPLETE) {
+ Enumeration<String> enum1 = checkRevReq.getExtDataKeys();
- while (enum1.hasMoreElements()) {
- String name = enum1.nextElement();
+ while (enum1.hasMoreElements()) {
+ String name = enum1.nextElement();
- if (name.equals(IRequest.REVOKED_CERTS)) {
- revoked = true;
+ if (name.equals(IRequest.REVOKED_CERTS)) {
+ revoked = true;
+ if (mVCList != null)
+ mVCList.update(cert, VerifiedCert.REVOKED);
+ }
+ }
+ if (revoked == false) {
if (mVCList != null)
- mVCList.update(cert, VerifiedCert.REVOKED);
+ mVCList.update(cert, VerifiedCert.NOT_REVOKED);
}
- }
- if (revoked == false) {
+
+ } else {
if (mVCList != null)
- mVCList.update(cert, VerifiedCert.NOT_REVOKED);
+ mVCList.update(cert, VerifiedCert.CHECKED);
}
-
- } else {
- if (mVCList != null)
- mVCList.update(cert, VerifiedCert.CHECKED);
+ } catch (EBaseException e) {
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AGENT_PROCESS_CHECKING"));
}
}
}
diff --git a/base/common/src/com/netscape/cmscore/cert/CertificatePair.java b/base/common/src/com/netscape/cmscore/cert/CertificatePair.java
index 306b9d3bd..779e0dafc 100644
--- a/base/common/src/com/netscape/cmscore/cert/CertificatePair.java
+++ b/base/common/src/com/netscape/cmscore/cert/CertificatePair.java
@@ -207,6 +207,13 @@ public class CertificatePair implements ASN1Value {
*/
public boolean byteArraysAreEqual(byte[] a, byte[] b) {
debug("in byteArraysAreEqual()");
+
+ if (a == null && b == null) {
+ return true;
+ }
+ if (a == null || b == null) {
+ return false;
+ }
if (a.length != b.length) {
debug("exiting byteArraysAreEqual(): false");
return false;
diff --git a/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java b/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java
index 9af436295..d59f081db 100644
--- a/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java
@@ -101,6 +101,9 @@ public class BigIntegerMapper implements IDBAttrMapper {
}
public static String BigIntegerToDB(BigInteger i) {
+ if (i == null) {
+ return null;
+ }
int len = i.toString().length();
String ret = null;
diff --git a/base/common/src/com/netscape/cmscore/dbs/Repository.java b/base/common/src/com/netscape/cmscore/dbs/Repository.java
index 4a438c07c..57ac5004d 100644
--- a/base/common/src/com/netscape/cmscore/dbs/Repository.java
+++ b/base/common/src/com/netscape/cmscore/dbs/Repository.java
@@ -393,14 +393,13 @@ public abstract class Repository implements IRepository {
CMS.debug("Reached the end of the range. Attempting to move to next range");
mMinSerialNo = mNextMinSerialNo;
mMaxSerialNo = mNextMaxSerialNo;
- mLastSerialNo = mMinSerialNo;
mNextMinSerialNo = null;
mNextMaxSerialNo = null;
if ((mMaxSerialNo == null) || (mMinSerialNo == null)) {
throw new EDBException(CMS.getUserMessage("CMS_DBS_LIMIT_REACHED",
mLastSerialNo.toString()));
}
-
+ mLastSerialNo = mMinSerialNo;
// persist the changes
mDB.setMinSerialConfig(mRepo, mMinSerialNo.toString());
mDB.setMaxSerialConfig(mRepo, mMaxSerialNo.toString());
diff --git a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
index 12bf8d95a..e3b744220 100644
--- a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
@@ -301,9 +301,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
certDir = config.getString(CONFIG_DIR, null);
- CryptoManager.InitializationValues vals =
- new CryptoManager.InitializationValues(certDir,
- "", "", "secmod.db");
+ CryptoManager.InitializationValues vals = new CryptoManager.InitializationValues(certDir, "", "", "secmod.db");
vals.removeSunProvider = false;
vals.installJSSProvider = true;
@@ -313,8 +311,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
// do nothing
} catch (Exception e) {
String[] params = { mId, e.toString() };
- EBaseException ex = new EBaseException(
- CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params));
+ EBaseException ex = new EBaseException(CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params));
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_GENERAL_ERROR", ex.toString()));
throw ex;
@@ -325,8 +322,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
initSSL();
} catch (CryptoManager.NotInitializedException e) {
String[] params = { mId, e.toString() };
- EBaseException ex = new EBaseException(
- CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params));
+ EBaseException ex = new EBaseException(CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params));
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_GENERAL_ERROR", ex.toString()));
throw ex;
@@ -751,8 +747,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
public String getSignatureAlgorithm(String nickname) throws EBaseException {
try {
- X509Certificate cert =
- CryptoManager.getInstance().findCertByNickname(nickname);
+ X509Certificate cert = CryptoManager.getInstance().findCertByNickname(nickname);
X509CertImpl impl = new X509CertImpl(cert.getEncoded());
return impl.getSigAlgName();
@@ -773,10 +768,8 @@ public final class JssSubsystem implements ICryptoSubsystem {
public KeyPair getKeyPair(String nickname) throws EBaseException {
try {
- X509Certificate cert =
- CryptoManager.getInstance().findCertByNickname(nickname);
- PrivateKey priKey =
- CryptoManager.getInstance().findPrivKeyByCert(cert);
+ X509Certificate cert = CryptoManager.getInstance().findCertByNickname(nickname);
+ PrivateKey priKey = CryptoManager.getInstance().findPrivKeyByCert(cert);
PublicKey publicKey = cert.getPublicKey();
return new KeyPair(publicKey, priKey);
@@ -822,7 +815,6 @@ public final class JssSubsystem implements ICryptoSubsystem {
try {
KeyPair kp = KeyCertUtil.generateKeyPair(token, kpAlg, keySize, pqg);
-
return kp;
} catch (InvalidParameterException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_KEY_PAIR", e.toString()));
@@ -856,11 +848,9 @@ public final class JssSubsystem implements ICryptoSubsystem {
public String getCertRequest(String subjectName, KeyPair kp)
throws EBaseException {
try {
- netscape.security.pkcs.PKCS10 pkcs =
- KeyCertUtil.getCertRequest(subjectName, kp);
+ netscape.security.pkcs.PKCS10 pkcs = KeyCertUtil.getCertRequest(subjectName, kp);
ByteArrayOutputStream bs = new ByteArrayOutputStream();
PrintStream ps = new PrintStream(bs);
-
pkcs.print(ps);
return bs.toString();
} catch (NoSuchAlgorithmException e) {
@@ -1151,8 +1141,12 @@ public final class JssSubsystem implements ICryptoSubsystem {
try {
@SuppressWarnings("unchecked")
Enumeration<CryptoToken> enums = mCryptoManager.getAllTokens();
- if (mNicknameMapCertsTable != null)
+ if (mNicknameMapCertsTable != null) {
mNicknameMapCertsTable.clear();
+ } else {
+ CMS.debug("JssSubsystem::getRootCerts() - mNicknameMapCertsTable is null");
+ throw new EBaseException("JssSubsystem::getRootCerts() - mNicknameMapCertsTable is null");
+ }
// a temp hashtable with vectors
Hashtable<String, Vector<X509Certificate>> vecTable = new Hashtable<String, Vector<X509Certificate>>();
@@ -1167,8 +1161,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
for (int i = 0; i < list.length; i++) {
try {
@SuppressWarnings("unused")
- PrivateKey key =
- CryptoManager.getInstance().findPrivKeyByCert(list[i]); // check for errors
+ PrivateKey key = CryptoManager.getInstance().findPrivKeyByCert(list[i]); // check for errors
Debug.trace("JssSubsystem getRootCerts: find private key "
+ list[i].getNickname());
} catch (ObjectNotFoundException e) {
@@ -1291,8 +1284,12 @@ public final class JssSubsystem implements ICryptoSubsystem {
NameValuePairs pairs = getCACerts();
- if (mNicknameMapUserCertsTable != null)
+ if (mNicknameMapUserCertsTable != null) {
mNicknameMapUserCertsTable.clear();
+ } else {
+ CMS.debug("JssSubsystem:: getAllCertsManage() : mNicknameMapCertsTable is null");
+ throw new EBaseException("JssSubsystem:: getAllCertsManage() : mNicknameMapCertsTable is null");
+ }
try {
@SuppressWarnings("unchecked")
@@ -1358,17 +1355,15 @@ public final class JssSubsystem implements ICryptoSubsystem {
X509Certificate[] certs;
try {
- certs =
- CryptoManager.getInstance().getCACerts();
+ certs = CryptoManager.getInstance().getCACerts();
} catch (NotInitializedException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_GET_CA_CERT", e.toString()));
throw new EBaseException(CMS.getUserMessage("CMS_BASE_CRYPTOMANAGER_UNINITIALIZED"));
}
if (mNicknameMapCertsTable == null) {
- CMS.debug("JssSubsystem::getCACerts() - "
- + "mNicknameMapCertsTable is null!");
- throw new EBaseException("mNicknameMapCertsTable is null");
+ CMS.debug("JssSubsystem::getCACerts() - " + "mNicknameMapCertsTable is null!");
+ throw new EBaseException("JssSubsystem::getCACerts() - mNicknameMapCertsTable is null");
} else {
mNicknameMapCertsTable.clear();
}
@@ -1570,18 +1565,15 @@ public final class JssSubsystem implements ICryptoSubsystem {
public void deleteCert(String nickname, String notAfterTime) throws EBaseException {
boolean isUserCert = false;
X509Certificate[] certs = null;
- ;
try {
if (mNicknameMapCertsTable != null) {
- certs =
- mNicknameMapCertsTable.get(nickname);
+ certs = mNicknameMapCertsTable.get(nickname);
}
if (certs == null) {
if (mNicknameMapUserCertsTable != null) {
- certs =
- mNicknameMapUserCertsTable.get(nickname);
+ certs = mNicknameMapUserCertsTable.get(nickname);
if (certs != null) {
CMS.debug("in mNicknameMapUserCertsTable, isUserCert is true");
isUserCert = true;
@@ -1712,8 +1704,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
public String getSubjectDN(String nickname) throws EBaseException {
try {
- X509Certificate cert =
- CryptoManager.getInstance().findCertByNickname(nickname);
+ X509Certificate cert = CryptoManager.getInstance().findCertByNickname(nickname);
X509CertImpl impl = new X509CertImpl(cert.getEncoded());
return impl.getSubjectDN().getName();
@@ -1758,8 +1749,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
nickname = nickname.substring(index + 1);
}
try {
- X509Certificate[] certs =
- CryptoManager.getInstance().findCertsByNickname(nickname);
+ X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname);
X509CertImpl impl = null;
int i = 0;
@@ -1771,10 +1761,8 @@ public final class JssSubsystem implements ICryptoSubsystem {
return certs[i];
}
} else {
- EBaseException e =
- new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
+ EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
throw e;
}
} catch (NotInitializedException e) {
@@ -1799,8 +1787,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
nickname = nickname.substring(index + 1);
}
try {
- X509Certificate[] certs =
- CryptoManager.getInstance().findCertsByNickname(nickname);
+ X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname);
X509CertImpl impl = null;
int i = 0;
@@ -1812,10 +1799,8 @@ public final class JssSubsystem implements ICryptoSubsystem {
break;
}
} else {
- EBaseException e =
- new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
+ EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
throw e;
}
@@ -1848,8 +1833,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
nickname = nickname.substring(index + 1);
}
try {
- X509Certificate[] certs =
- CryptoManager.getInstance().findCertsByNickname(nickname);
+ X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname);
X509CertImpl impl = null;
if (certs != null && certs.length > 0) {
@@ -1860,10 +1844,8 @@ public final class JssSubsystem implements ICryptoSubsystem {
break;
}
} else {
- EBaseException e =
- new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
+ EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
throw e;
}
CertPrettyPrint print = null;
@@ -1895,8 +1877,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
nickname = nickname.substring(index + 1);
}
try {
- X509Certificate[] certs =
- CryptoManager.getInstance().findCertsByNickname(nickname);
+ X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname);
X509CertImpl impl = null;
if (certs != null && certs.length > 0) {
@@ -1907,10 +1888,8 @@ public final class JssSubsystem implements ICryptoSubsystem {
break;
}
} else {
- EBaseException e =
- new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
+ EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString()));
throw e;
}
CertPrettyPrint print = null;
@@ -1945,8 +1924,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
public String getCertPrettyPrint(String nickname, String date,
Locale locale) throws EBaseException {
try {
- X509Certificate[] certs =
- CryptoManager.getInstance().findCertsByNickname(nickname);
+ X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname);
if ((certs == null || certs.length == 0) &&
mNicknameMapCertsTable != null) {
@@ -2072,8 +2050,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
try {
certInfo = cert.getCertInfo();
- SignatureAlgorithm sigAlg =
- (SignatureAlgorithm) data.get(Constants.PR_SIGNATURE_ALGORITHM);
+ SignatureAlgorithm sigAlg = (SignatureAlgorithm) data.get(Constants.PR_SIGNATURE_ALGORITHM);
signedCert = KeyCertUtil.signCert(priKey, certInfo, sigAlg);
} catch (NoSuchTokenException e) {
@@ -2100,15 +2077,14 @@ public final class JssSubsystem implements ICryptoSubsystem {
if (certinfo == null)
return false;
else {
- CertificateExtensions exts =
- (CertificateExtensions) certinfo.get(X509CertInfo.EXTENSIONS);
+ CertificateExtensions exts = (CertificateExtensions) certinfo.get(X509CertInfo.EXTENSIONS);
if (exts == null)
return false;
else {
try {
- BasicConstraintsExtension ext = (BasicConstraintsExtension)
- exts.get(BasicConstraintsExtension.NAME);
+ BasicConstraintsExtension ext = (BasicConstraintsExtension) exts
+ .get(BasicConstraintsExtension.NAME);
if (ext == null)
return false;
generated by cgit (git 2.34.1) at 2024-05-10 17:05:32 +0000