Skip to content

Commit

Permalink
8293093: NPE in P11KeyStore.getID
Browse files Browse the repository at this point in the history
Reviewed-by: ascarpino, xuelei
  • Loading branch information
Mark Powers authored and Anthony Scarpino committed Oct 26, 2022
1 parent 3135914 commit 8e5d680
Showing 1 changed file with 18 additions and 11 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1444,7 +1444,7 @@ private void updatePkey(String alias,
throw new KeyStoreException
("expected but could not find private key " +
"with CKA_ID " +
getID(cka_id));
getIDNullSafe(cka_id));
}

// next find existing end entity cert
Expand All @@ -1454,7 +1454,7 @@ private void updatePkey(String alias,
throw new KeyStoreException
("expected but could not find certificate " +
"with CKA_ID " +
getID(cka_id));
getIDNullSafe(cka_id));
} else {
if (replaceCert) {
// replacing existing cert and chain
Expand Down Expand Up @@ -1964,8 +1964,8 @@ private boolean destroyCert(byte[] cka_id)
token.p11.C_DestroyObject(session.id(), h.handle);
if (debug != null) {
debug.println("destroyCert destroyed cert with CKA_ID [" +
getID(cka_id) +
"]");
getIDNullSafe(cka_id) +
"]");
}
return true;
} finally {
Expand Down Expand Up @@ -1999,7 +1999,7 @@ private boolean destroyChain(byte[] cka_id)
if (debug != null) {
debug.println("destroyChain destroyed end entity cert " +
"with CKA_ID [" +
getID(cka_id) +
getIDNullSafe(cka_id) +
"]");
}

Expand Down Expand Up @@ -2124,7 +2124,7 @@ private boolean destroyPkey(byte[] cka_id)
if (debug != null) {
debug.println
("destroyPkey did not find private key with CKA_ID [" +
getID(cka_id) +
getIDNullSafe(cka_id) +
"]");
}
return false;
Expand Down Expand Up @@ -2169,6 +2169,13 @@ private static String getID(byte[] bytes) {
}
}

/**
* Null safe version of getID.
*/
private static String getIDNullSafe(byte[] bytes) {
return (bytes != null) ? getID(bytes) : "null";
}

/**
* find an object on the token
*
Expand Down Expand Up @@ -2205,12 +2212,12 @@ private THandle getTokenObject(Session session,
} else if (type == ATTR_CLASS_CERT) {
debug.println
("getTokenObject did not find cert with CKA_ID [" +
getID(cka_id) +
getIDNullSafe(cka_id) +
"]");
} else {
debug.println("getTokenObject did not find private key " +
"with CKA_ID [" +
getID(cka_id) +
getIDNullSafe(cka_id) +
"]");
}
}
Expand Down Expand Up @@ -2253,13 +2260,13 @@ private THandle getTokenObject(Session session,
"found " +
h.length +
" certificates sharing CKA_ID " +
getID(cka_id));
getIDNullSafe(cka_id));
} else {
throw new KeyStoreException("invalid KeyStore state: " +
"found " +
h.length +
" private keys sharing CKA_ID " +
getID(cka_id));
getIDNullSafe(cka_id));
}
}
return new THandle(NO_HANDLE, null);
Expand Down Expand Up @@ -2515,7 +2522,7 @@ private ArrayList<AliasInfo> mapPrivateKeys(ArrayList<byte[]> pkeyIDs,
if (debug != null) {
debug.println
("did not find match for private key with CKA_ID [" +
getID(pkeyID) +
getIDNullSafe(pkeyID) +
"] (ignoring entry)");
}
}
Expand Down

1 comment on commit 8e5d680

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.