DO NOT REPLY [Bug 49447] New: KeyStoreResolver iterator returns null for symmetric keys
https://issues.apache.org/bugzilla/show_bug.cgi?id=49447 Summary: KeyStoreResolver iterator returns null for symmetric keys Product: Security Version: unspecified Platform: PC OS/Version: Windows NT Status: NEW Severity: normal Priority: P2 Component: Encryption AssignedTo: security-dev@xml.apache.org ReportedBy: clement_pelle...@ibi.com Created an attachment (id=25599) --> (https://issues.apache.org/bugzilla/attachment.cgi?id=25599) patch to solve problem including new junit test When iterating the certificates in a KeyStoreResolver, the iterator might return null even though hasNext() says there are more elements. This happens because hasNext() only checks if there are more aliases. If the next alias contains a symmetric key, there is no certificate in the KeyStore entry and next() returns null. When you look at the KeyResolvers, they are not prepared to handle a null value, this will cause a NullPointerException. To reproduce, use the junit KeyStoreResolverTest in the attachment. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug.
DO NOT REPLY [Bug 49447] KeyStoreResolver iterator returns null for symmetric keys
https://issues.apache.org/bugzilla/show_bug.cgi?id=49447 --- Comment #1 from coheigea 2010-06-16 13:31:29 EDT --- Thanks for the patch, I'll take a look. Colm. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug.
DO NOT REPLY [Bug 49450] New: KeyStoreResolver always exhausted after first use
https://issues.apache.org/bugzilla/show_bug.cgi?id=49450 Summary: KeyStoreResolver always exhausted after first use Product: Security Version: unspecified Platform: PC OS/Version: Windows NT Status: NEW Severity: normal Priority: P2 Component: Encryption AssignedTo: security-dev@xml.apache.org ReportedBy: clement_pelle...@ibi.com Depends on: 49447 The KeyStoreResolver creates an iterator once and always returns the same iterator afterwards. After the iterator is traversed once, it will always appear empty. Even if the implementation would be changed to reset the alias enumeration to the beginning, the single iterator instance approach will never be thread-safe. To reproduce, run the KeyStoreResolverTest in attachment. The solution is to return a new iterator instance each time. This patch is built on top of the patch found in Bug 49447. This patch also fixes a bug with the NoSuchElementException that was introduced in the patch attached to 49447. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug.
DO NOT REPLY [Bug 49447] KeyStoreResolver iterator returns null for symmetric keys
https://issues.apache.org/bugzilla/show_bug.cgi?id=49447 Clement Pellerin changed: What|Removed |Added Blocks||49450 -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug.
DO NOT REPLY [Bug 49450] KeyStoreResolver always exhausted after first use
https://issues.apache.org/bugzilla/show_bug.cgi?id=49450 --- Comment #1 from Clement Pellerin 2010-06-16 15:35:20 EDT --- Created an attachment (id=25600) --> (https://issues.apache.org/bugzilla/attachment.cgi?id=25600) proposed source code patch with junit -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug.
DO NOT REPLY [Bug 49447] KeyStoreResolver iterator returns null for symmetric keys
https://issues.apache.org/bugzilla/show_bug.cgi?id=49447 --- Comment #2 from Clement Pellerin 2010-06-16 15:37:45 EDT --- This patch has a bug in the implementation of next() because it never returns NoSuchElementException. See an improvement in the incremental patch attached to Bug 49450. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug.
