From eb4b46f25ca8dec8ac79c26cfb02e8918000c88e Mon Sep 17 00:00:00 2001 From: Abhishek Koneru Date: Thu, 21 Jun 2012 09:44:15 -0400 Subject: Fixes for Forward Null Cases in Coverity for DogTag10 Addressed review coments. --- base/ca/src/com/netscape/ca/CMSCRLExtensions.java | 2 +- .../src/com/netscape/cmscore/apps/CMSEngine.java | 49 +++++----- .../com/netscape/cmscore/cert/CertificatePair.java | 7 ++ .../com/netscape/cmscore/dbs/BigIntegerMapper.java | 3 + .../src/com/netscape/cmscore/dbs/Repository.java | 3 +- .../netscape/cmscore/security/JssSubsystem.java | 106 ++++++++------------- .../src/com/netscape/cmstools/CMCRequest.java | 3 + .../src/com/netscape/cmstools/DRMTool.java | 10 +- .../com/netscape/pkisilent/common/ComCrypto.java | 6 +- .../com/netscape/pkisilent/common/Con2Agent.java | 10 +- .../com/netscape/pkisilent/http/HTTPClient.java | 1 + .../security/extensions/GenericASN1Extension.java | 41 ++++---- .../src/netscape/security/x509/X509CRLImpl.java | 2 +- 13 files changed, 121 insertions(+), 122 deletions(-) (limited to 'base') diff --git a/base/ca/src/com/netscape/ca/CMSCRLExtensions.java b/base/ca/src/com/netscape/ca/CMSCRLExtensions.java index 11f810af2..0c3fb7906 100644 --- a/base/ca/src/com/netscape/ca/CMSCRLExtensions.java +++ b/base/ca/src/com/netscape/ca/CMSCRLExtensions.java @@ -658,8 +658,8 @@ public class CMSCRLExtensions implements ICMSCRLExtensions { //If the CRLCACertsOnly prop is true change it to false to sync. if (value.equals(Constants.FALSE) && (issuingDistPointExtEnabled == true)) { - crlIssuingPointPairs.put(Constants.PR_CA_CERTS_ONLY, Constants.FALSE); if (ip != null) { + crlIssuingPointPairs.put(Constants.PR_CA_CERTS_ONLY, Constants.FALSE); ip.updateConfig(crlIssuingPointPairs); newValue = Constants.FALSE; modifiedCRLConfig = true; diff --git a/base/common/src/com/netscape/cmscore/apps/CMSEngine.java b/base/common/src/com/netscape/cmscore/apps/CMSEngine.java index 855073916..cbdfee8fc 100644 --- a/base/common/src/com/netscape/cmscore/apps/CMSEngine.java +++ b/base/common/src/com/netscape/cmscore/apps/CMSEngine.java @@ -308,13 +308,12 @@ public class CMSEngine implements ICMSEngine { CMS.debug("CMSEngine: getPasswordStore(): password store not initialized before."); String pwdClass = mConfig.getString("passwordClass"); - if (pwdClass != null) { - try { - mPasswordStore = (IPasswordStore) Class.forName(pwdClass).newInstance(); - } catch (Exception e) { - CMS.debug("CMSEngine: getPasswordStore(): password store initialization failure:" - + e.toString()); - } + try { + mPasswordStore = (IPasswordStore) Class.forName(pwdClass).newInstance(); + } catch (Exception e) { + CMS.debug("CMSEngine: getPasswordStore(): password store initialization failure:" + + e.toString()); + throw e; } } else { CMS.debug("CMSEngine: getPasswordStore(): password store initialized before."); @@ -1877,32 +1876,32 @@ public class CMSEngine implements ICMSEngine { checkRevReq.setExtData(IRequest.ISSUED_CERTS, agentCerts); queue.processRequest(checkRevReq); - } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AGENT_PROCESS_CHECKING")); - } - RequestStatus status = checkRevReq.getRequestStatus(); + RequestStatus status = checkRevReq.getRequestStatus(); - if (status == RequestStatus.COMPLETE) { - Enumeration enum1 = checkRevReq.getExtDataKeys(); + if (status == RequestStatus.COMPLETE) { + Enumeration enum1 = checkRevReq.getExtDataKeys(); - while (enum1.hasMoreElements()) { - String name = enum1.nextElement(); + while (enum1.hasMoreElements()) { + String name = enum1.nextElement(); - if (name.equals(IRequest.REVOKED_CERTS)) { - revoked = true; + if (name.equals(IRequest.REVOKED_CERTS)) { + revoked = true; + if (mVCList != null) + mVCList.update(cert, VerifiedCert.REVOKED); + } + } + if (revoked == false) { if (mVCList != null) - mVCList.update(cert, VerifiedCert.REVOKED); + mVCList.update(cert, VerifiedCert.NOT_REVOKED); } - } - if (revoked == false) { + + } else { if (mVCList != null) - mVCList.update(cert, VerifiedCert.NOT_REVOKED); + mVCList.update(cert, VerifiedCert.CHECKED); } - - } else { - if (mVCList != null) - mVCList.update(cert, VerifiedCert.CHECKED); + } catch (EBaseException e) { + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AGENT_PROCESS_CHECKING")); } } } diff --git a/base/common/src/com/netscape/cmscore/cert/CertificatePair.java b/base/common/src/com/netscape/cmscore/cert/CertificatePair.java index 306b9d3bd..779e0dafc 100644 --- a/base/common/src/com/netscape/cmscore/cert/CertificatePair.java +++ b/base/common/src/com/netscape/cmscore/cert/CertificatePair.java @@ -207,6 +207,13 @@ public class CertificatePair implements ASN1Value { */ public boolean byteArraysAreEqual(byte[] a, byte[] b) { debug("in byteArraysAreEqual()"); + + if (a == null && b == null) { + return true; + } + if (a == null || b == null) { + return false; + } if (a.length != b.length) { debug("exiting byteArraysAreEqual(): false"); return false; diff --git a/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java b/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java index 9af436295..d59f081db 100644 --- a/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java +++ b/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java @@ -101,6 +101,9 @@ public class BigIntegerMapper implements IDBAttrMapper { } public static String BigIntegerToDB(BigInteger i) { + if (i == null) { + return null; + } int len = i.toString().length(); String ret = null; diff --git a/base/common/src/com/netscape/cmscore/dbs/Repository.java b/base/common/src/com/netscape/cmscore/dbs/Repository.java index 4a438c07c..57ac5004d 100644 --- a/base/common/src/com/netscape/cmscore/dbs/Repository.java +++ b/base/common/src/com/netscape/cmscore/dbs/Repository.java @@ -393,14 +393,13 @@ public abstract class Repository implements IRepository { CMS.debug("Reached the end of the range. Attempting to move to next range"); mMinSerialNo = mNextMinSerialNo; mMaxSerialNo = mNextMaxSerialNo; - mLastSerialNo = mMinSerialNo; mNextMinSerialNo = null; mNextMaxSerialNo = null; if ((mMaxSerialNo == null) || (mMinSerialNo == null)) { throw new EDBException(CMS.getUserMessage("CMS_DBS_LIMIT_REACHED", mLastSerialNo.toString())); } - + mLastSerialNo = mMinSerialNo; // persist the changes mDB.setMinSerialConfig(mRepo, mMinSerialNo.toString()); mDB.setMaxSerialConfig(mRepo, mMaxSerialNo.toString()); diff --git a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java index 12bf8d95a..e3b744220 100644 --- a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java +++ b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java @@ -301,9 +301,7 @@ public final class JssSubsystem implements ICryptoSubsystem { certDir = config.getString(CONFIG_DIR, null); - CryptoManager.InitializationValues vals = - new CryptoManager.InitializationValues(certDir, - "", "", "secmod.db"); + CryptoManager.InitializationValues vals = new CryptoManager.InitializationValues(certDir, "", "", "secmod.db"); vals.removeSunProvider = false; vals.installJSSProvider = true; @@ -313,8 +311,7 @@ public final class JssSubsystem implements ICryptoSubsystem { // do nothing } catch (Exception e) { String[] params = { mId, e.toString() }; - EBaseException ex = new EBaseException( - CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params)); + EBaseException ex = new EBaseException(CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params)); log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_GENERAL_ERROR", ex.toString())); throw ex; @@ -325,8 +322,7 @@ public final class JssSubsystem implements ICryptoSubsystem { initSSL(); } catch (CryptoManager.NotInitializedException e) { String[] params = { mId, e.toString() }; - EBaseException ex = new EBaseException( - CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params)); + EBaseException ex = new EBaseException(CMS.getUserMessage("CMS_BASE_CREATE_SERVICE_FAILED", params)); log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_GENERAL_ERROR", ex.toString())); throw ex; @@ -751,8 +747,7 @@ public final class JssSubsystem implements ICryptoSubsystem { public String getSignatureAlgorithm(String nickname) throws EBaseException { try { - X509Certificate cert = - CryptoManager.getInstance().findCertByNickname(nickname); + X509Certificate cert = CryptoManager.getInstance().findCertByNickname(nickname); X509CertImpl impl = new X509CertImpl(cert.getEncoded()); return impl.getSigAlgName(); @@ -773,10 +768,8 @@ public final class JssSubsystem implements ICryptoSubsystem { public KeyPair getKeyPair(String nickname) throws EBaseException { try { - X509Certificate cert = - CryptoManager.getInstance().findCertByNickname(nickname); - PrivateKey priKey = - CryptoManager.getInstance().findPrivKeyByCert(cert); + X509Certificate cert = CryptoManager.getInstance().findCertByNickname(nickname); + PrivateKey priKey = CryptoManager.getInstance().findPrivKeyByCert(cert); PublicKey publicKey = cert.getPublicKey(); return new KeyPair(publicKey, priKey); @@ -822,7 +815,6 @@ public final class JssSubsystem implements ICryptoSubsystem { try { KeyPair kp = KeyCertUtil.generateKeyPair(token, kpAlg, keySize, pqg); - return kp; } catch (InvalidParameterException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_KEY_PAIR", e.toString())); @@ -856,11 +848,9 @@ public final class JssSubsystem implements ICryptoSubsystem { public String getCertRequest(String subjectName, KeyPair kp) throws EBaseException { try { - netscape.security.pkcs.PKCS10 pkcs = - KeyCertUtil.getCertRequest(subjectName, kp); + netscape.security.pkcs.PKCS10 pkcs = KeyCertUtil.getCertRequest(subjectName, kp); ByteArrayOutputStream bs = new ByteArrayOutputStream(); PrintStream ps = new PrintStream(bs); - pkcs.print(ps); return bs.toString(); } catch (NoSuchAlgorithmException e) { @@ -1151,8 +1141,12 @@ public final class JssSubsystem implements ICryptoSubsystem { try { @SuppressWarnings("unchecked") Enumeration enums = mCryptoManager.getAllTokens(); - if (mNicknameMapCertsTable != null) + if (mNicknameMapCertsTable != null) { mNicknameMapCertsTable.clear(); + } else { + CMS.debug("JssSubsystem::getRootCerts() - mNicknameMapCertsTable is null"); + throw new EBaseException("JssSubsystem::getRootCerts() - mNicknameMapCertsTable is null"); + } // a temp hashtable with vectors Hashtable> vecTable = new Hashtable>(); @@ -1167,8 +1161,7 @@ public final class JssSubsystem implements ICryptoSubsystem { for (int i = 0; i < list.length; i++) { try { @SuppressWarnings("unused") - PrivateKey key = - CryptoManager.getInstance().findPrivKeyByCert(list[i]); // check for errors + PrivateKey key = CryptoManager.getInstance().findPrivKeyByCert(list[i]); // check for errors Debug.trace("JssSubsystem getRootCerts: find private key " + list[i].getNickname()); } catch (ObjectNotFoundException e) { @@ -1291,8 +1284,12 @@ public final class JssSubsystem implements ICryptoSubsystem { NameValuePairs pairs = getCACerts(); - if (mNicknameMapUserCertsTable != null) + if (mNicknameMapUserCertsTable != null) { mNicknameMapUserCertsTable.clear(); + } else { + CMS.debug("JssSubsystem:: getAllCertsManage() : mNicknameMapCertsTable is null"); + throw new EBaseException("JssSubsystem:: getAllCertsManage() : mNicknameMapCertsTable is null"); + } try { @SuppressWarnings("unchecked") @@ -1358,17 +1355,15 @@ public final class JssSubsystem implements ICryptoSubsystem { X509Certificate[] certs; try { - certs = - CryptoManager.getInstance().getCACerts(); + certs = CryptoManager.getInstance().getCACerts(); } catch (NotInitializedException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_GET_CA_CERT", e.toString())); throw new EBaseException(CMS.getUserMessage("CMS_BASE_CRYPTOMANAGER_UNINITIALIZED")); } if (mNicknameMapCertsTable == null) { - CMS.debug("JssSubsystem::getCACerts() - " - + "mNicknameMapCertsTable is null!"); - throw new EBaseException("mNicknameMapCertsTable is null"); + CMS.debug("JssSubsystem::getCACerts() - " + "mNicknameMapCertsTable is null!"); + throw new EBaseException("JssSubsystem::getCACerts() - mNicknameMapCertsTable is null"); } else { mNicknameMapCertsTable.clear(); } @@ -1570,18 +1565,15 @@ public final class JssSubsystem implements ICryptoSubsystem { public void deleteCert(String nickname, String notAfterTime) throws EBaseException { boolean isUserCert = false; X509Certificate[] certs = null; - ; try { if (mNicknameMapCertsTable != null) { - certs = - mNicknameMapCertsTable.get(nickname); + certs = mNicknameMapCertsTable.get(nickname); } if (certs == null) { if (mNicknameMapUserCertsTable != null) { - certs = - mNicknameMapUserCertsTable.get(nickname); + certs = mNicknameMapUserCertsTable.get(nickname); if (certs != null) { CMS.debug("in mNicknameMapUserCertsTable, isUserCert is true"); isUserCert = true; @@ -1712,8 +1704,7 @@ public final class JssSubsystem implements ICryptoSubsystem { public String getSubjectDN(String nickname) throws EBaseException { try { - X509Certificate cert = - CryptoManager.getInstance().findCertByNickname(nickname); + X509Certificate cert = CryptoManager.getInstance().findCertByNickname(nickname); X509CertImpl impl = new X509CertImpl(cert.getEncoded()); return impl.getSubjectDN().getName(); @@ -1758,8 +1749,7 @@ public final class JssSubsystem implements ICryptoSubsystem { nickname = nickname.substring(index + 1); } try { - X509Certificate[] certs = - CryptoManager.getInstance().findCertsByNickname(nickname); + X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname); X509CertImpl impl = null; int i = 0; @@ -1771,10 +1761,8 @@ public final class JssSubsystem implements ICryptoSubsystem { return certs[i]; } } else { - EBaseException e = - new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); + EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); throw e; } } catch (NotInitializedException e) { @@ -1799,8 +1787,7 @@ public final class JssSubsystem implements ICryptoSubsystem { nickname = nickname.substring(index + 1); } try { - X509Certificate[] certs = - CryptoManager.getInstance().findCertsByNickname(nickname); + X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname); X509CertImpl impl = null; int i = 0; @@ -1812,10 +1799,8 @@ public final class JssSubsystem implements ICryptoSubsystem { break; } } else { - EBaseException e = - new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); + EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); throw e; } @@ -1848,8 +1833,7 @@ public final class JssSubsystem implements ICryptoSubsystem { nickname = nickname.substring(index + 1); } try { - X509Certificate[] certs = - CryptoManager.getInstance().findCertsByNickname(nickname); + X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname); X509CertImpl impl = null; if (certs != null && certs.length > 0) { @@ -1860,10 +1844,8 @@ public final class JssSubsystem implements ICryptoSubsystem { break; } } else { - EBaseException e = - new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); + EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); throw e; } CertPrettyPrint print = null; @@ -1895,8 +1877,7 @@ public final class JssSubsystem implements ICryptoSubsystem { nickname = nickname.substring(index + 1); } try { - X509Certificate[] certs = - CryptoManager.getInstance().findCertsByNickname(nickname); + X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname); X509CertImpl impl = null; if (certs != null && certs.length > 0) { @@ -1907,10 +1888,8 @@ public final class JssSubsystem implements ICryptoSubsystem { break; } } else { - EBaseException e = - new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); + EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_PRINT_CERT", e.toString())); throw e; } CertPrettyPrint print = null; @@ -1945,8 +1924,7 @@ public final class JssSubsystem implements ICryptoSubsystem { public String getCertPrettyPrint(String nickname, String date, Locale locale) throws EBaseException { try { - X509Certificate[] certs = - CryptoManager.getInstance().findCertsByNickname(nickname); + X509Certificate[] certs = CryptoManager.getInstance().findCertsByNickname(nickname); if ((certs == null || certs.length == 0) && mNicknameMapCertsTable != null) { @@ -2072,8 +2050,7 @@ public final class JssSubsystem implements ICryptoSubsystem { try { certInfo = cert.getCertInfo(); - SignatureAlgorithm sigAlg = - (SignatureAlgorithm) data.get(Constants.PR_SIGNATURE_ALGORITHM); + SignatureAlgorithm sigAlg = (SignatureAlgorithm) data.get(Constants.PR_SIGNATURE_ALGORITHM); signedCert = KeyCertUtil.signCert(priKey, certInfo, sigAlg); } catch (NoSuchTokenException e) { @@ -2100,15 +2077,14 @@ public final class JssSubsystem implements ICryptoSubsystem { if (certinfo == null) return false; else { - CertificateExtensions exts = - (CertificateExtensions) certinfo.get(X509CertInfo.EXTENSIONS); + CertificateExtensions exts = (CertificateExtensions) certinfo.get(X509CertInfo.EXTENSIONS); if (exts == null) return false; else { try { - BasicConstraintsExtension ext = (BasicConstraintsExtension) - exts.get(BasicConstraintsExtension.NAME); + BasicConstraintsExtension ext = (BasicConstraintsExtension) exts + .get(BasicConstraintsExtension.NAME); if (ext == null) return false; diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java index f1bc93f68..159759517 100644 --- a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java +++ b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java @@ -519,6 +519,9 @@ public class CMCRequest { hmacDigest.update(b); finalDigest = hmacDigest.digest(); } catch (NoSuchAlgorithmException ex) { + System.out.println("CMCRequest::addIdentityProofAttr() - " + + "No such algorithm!"); + return -1; } TaggedAttribute identityProof = new TaggedAttribute(new diff --git a/base/java-tools/src/com/netscape/cmstools/DRMTool.java b/base/java-tools/src/com/netscape/cmstools/DRMTool.java index 9fbab5da6..4403dc8ec 100644 --- a/base/java-tools/src/com/netscape/cmstools/DRMTool.java +++ b/base/java-tools/src/com/netscape/cmstools/DRMTool.java @@ -4223,9 +4223,13 @@ public class DRMTool { // if one is not already present, // compose and write out the missing // 'extdata_requestnotes' line - create_extdata_request_notes(record_type, - previous_line, - writer); + if (previous_line != null) { + create_extdata_request_notes(record_type, + previous_line, + writer); + } else { + return FAILURE; + } // ALWAYS pass through the original // 'extdata-requesttype' line UNCHANGED diff --git a/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java b/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java index 9b5cf7b52..48b364349 100644 --- a/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java +++ b/base/silent/src/com/netscape/pkisilent/common/ComCrypto.java @@ -241,7 +241,8 @@ public class ComCrypto { } if (manager == null) { - System.out.println("Manager object is null"); + System.out.println("ComCrypto: importCert :Manager object is null"); + throw new Exception("ComCrypto: importCert :Manager Object is null"); } manager.importCertPackage(tmp.getBytes(), cn); @@ -270,7 +271,8 @@ public class ComCrypto { } if (manager == null) { - System.out.println("Manager object is null"); + System.out.println("ComCrypto: importCACert :Manager object is null"); + throw new Exception("ComCrypto: importCACert :Manager object is null"); } manager.importCACertPackage(tmp.getBytes()); diff --git a/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java b/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java index 16fc7c77a..3038a1679 100644 --- a/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java +++ b/base/silent/src/com/netscape/pkisilent/common/Con2Agent.java @@ -238,10 +238,12 @@ public class Con2Agent implements SSLClientCertificateSelectionCallback, e.printStackTrace(); } } - if (socket.isClosed()) { - System.out.println("Con2Agent.java : Socket is Closed"); - } else { - System.out.println("Con2Agent.java : Socket not Closed"); + if (socket != null) { + if (socket.isClosed()) { + System.out.println("Con2Agent.java : Socket is Closed"); + } else { + System.out.println("Con2Agent.java : Socket not Closed"); + } } } return true; diff --git a/base/silent/src/com/netscape/pkisilent/http/HTTPClient.java b/base/silent/src/com/netscape/pkisilent/http/HTTPClient.java index 71e5e8810..c98fe2193 100644 --- a/base/silent/src/com/netscape/pkisilent/http/HTTPClient.java +++ b/base/silent/src/com/netscape/pkisilent/http/HTTPClient.java @@ -658,6 +658,7 @@ public class HTTPClient implements SSLCertificateApprovalCallback { // This should never happen -- an empty response System.out.println("Unable to parse response header -- empty " + "header"); + throw new Exception("Unable to create response. Empty header."); } // If the status code was 100 (continue), then it was an intermediate header diff --git a/base/util/src/netscape/security/extensions/GenericASN1Extension.java b/base/util/src/netscape/security/extensions/GenericASN1Extension.java index b51846498..43b2e0b2b 100644 --- a/base/util/src/netscape/security/extensions/GenericASN1Extension.java +++ b/base/util/src/netscape/security/extensions/GenericASN1Extension.java @@ -418,8 +418,9 @@ public class GenericASN1Extension extends Extension throw new IOException("File name is not provided."); } - FileInputStream fis = new FileInputStream(fname); + FileInputStream fis = null; try { + fis = new FileInputStream(fname); int n = 0; while ((n = fis.available()) > 0) { buff = new byte[n]; @@ -428,28 +429,30 @@ public class GenericASN1Extension extends Extension break; s = new String(buff); } - - for (i = 0, j = 0; j < s.length(); j++) { - int ch = s.charAt(j); - if (ch == 10 || ch == 13 || ch == 9) - continue; - i++; - } - buff = new byte[i]; - for (i = 0, j = 0; j < s.length(); j++) { - int ch = s.charAt(j); - if (ch == 10 || ch == 13 || ch == 9) - continue; - buff[i++] = (byte) ch; - } - - s = new String(buff); - - return s; } finally { if (fis != null) { fis.close(); } } + if (s == null) { + return ""; + } + for (i = 0, j = 0; j < s.length(); j++) { + int ch = s.charAt(j); + if (ch == 10 || ch == 13 || ch == 9) + continue; + i++; + } + buff = new byte[i]; + for (i = 0, j = 0; j < s.length(); j++) { + int ch = s.charAt(j); + if (ch == 10 || ch == 13 || ch == 9) + continue; + buff[i++] = (byte) ch; + } + s = new String(buff); + + return s; } + } diff --git a/base/util/src/netscape/security/x509/X509CRLImpl.java b/base/util/src/netscape/security/x509/X509CRLImpl.java index 6c84084c5..46c3edfcf 100755 --- a/base/util/src/netscape/security/x509/X509CRLImpl.java +++ b/base/util/src/netscape/security/x509/X509CRLImpl.java @@ -404,7 +404,7 @@ public class X509CRLImpl extends X509CRL { Signature sigVerf = null; String sigAlg = sigAlgId.getName(); - if (sigProvider.equals("Mozilla-JSS")) { + if (sigProvider != null && sigProvider.equals("Mozilla-JSS")) { if (sigAlg.equals("MD5withRSA")) { sigAlg = "MD5/RSA"; } else if (sigAlg.equals("MD2withRSA")) { -- cgit