Posted to commits@santuario.apache.org by co...@apache.org on 2020/10/19 06:48:11 UTC
[santuario-xml-security-java] 02/02: Catching a few
NumberFormatExceptions
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/santuario-xml-security-java.git
commit 2ea6154b6bcb84af0d0074a05bd177e09124aaae
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Oct 19 07:47:52 2020 +0100
Catching a few NumberFormatExceptions
---
.../xml/dsig/internal/dom/DOMHMACSignatureMethod.java | 6 +++++-
.../dsig/internal/dom/DOMRSAPSSSignatureMethod.java | 17 ++++++++++++++---
.../algorithms/implementations/SignatureBaseRSA.java | 18 ++++++++++++++++--
.../org/apache/xml/security/utils/RFC2253Parser.java | 8 ++++++--
4 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java
index 33ee578..601e35b 100644
--- a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java
+++ b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMHMACSignatureMethod.java
@@ -121,7 +121,11 @@ public abstract class DOMHMACSignatureMethod extends AbstractDOMSignatureMethod
SignatureMethodParameterSpec unmarshalParams(Element paramsElem)
throws MarshalException
{
- outputLength = Integer.parseInt(paramsElem.getFirstChild().getNodeValue());
+ try {
+ outputLength = Integer.parseInt(paramsElem.getFirstChild().getNodeValue());
+ } catch (NumberFormatException ex) {
+ throw new MarshalException("Invalid output length supplied: " + paramsElem.getFirstChild().getNodeValue());
+ }
outputLengthSet = true;
LOG.debug("unmarshalled outputLength: {}", outputLength);
return new HMACParameterSpec(outputLength);
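Review bot: An empty parameter element still escapes as an unchecked exception. `paramsElem.getFirstChild()` on the added line inside the `try` returns null when the element has no child, and the resulting NullPointerException is not caught by `catch (NumberFormatException ex)`. Guard first, e.g. `if (paramsElem.getFirstChild() == null) { throw new MarshalException("Missing output length"); }`, and pass `ex` as the cause in the existing throw so the original parse failure is preserved. unmarshalParams continues outside the hunk, so any later range check on `outputLength` is not visible here.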
diff --git a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRSAPSSSignatureMethod.java b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRSAPSSSignatureMethod.java
index ba98427..6d464a1 100644
--- a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRSAPSSSignatureMethod.java
+++ b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMRSAPSSSignatureMethod.java
@@ -172,7 +172,14 @@ public abstract class DOMRSAPSSSignatureMethod extends AbstractDOMSignatureMetho
if (paramsElem != null) {
Element saltLengthNode = XMLUtils.selectNode(paramsElem.getFirstChild(), Constants.XML_DSIG_NS_MORE_07_05, Constants._TAG_SALTLENGTH, 0);
Element trailerFieldNode = XMLUtils.selectNode(paramsElem.getFirstChild(), Constants.XML_DSIG_NS_MORE_07_05, Constants._TAG_TRAILERFIELD, 0);
- int trailerField = trailerFieldNode == null ? 1: Integer.parseInt(trailerFieldNode.getTextContent());
+ int trailerField = 1;
+ if (trailerFieldNode != null) {
+ try {
+ trailerField = Integer.parseInt(trailerFieldNode.getTextContent());
+ } catch (NumberFormatException ex) {
+ throw new MarshalException("Invalid trailer field supplied: " + trailerFieldNode.getTextContent());
+ }
+ }
String xmlAlgorithm = XMLUtils.selectDsNode(paramsElem.getFirstChild(), Constants._TAG_DIGESTMETHOD, 0).getAttribute(Constants._ATT_ALGORITHM);
DigestAlgorithm digestAlgorithm;
try {
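Review bot: The new MarshalException message concatenates `trailerFieldNode.getTextContent()` verbatim. That text comes from the signature being unmarshalled, so it is unbounded and may contain line breaks; if callers log or return the message, document-supplied content ends up in logs or responses. The same pattern appears in the salt-length catch of the next hunk and in DOMHMACSignatureMethod's `"Invalid output length supplied: "` message. Consider a fixed message with the cause attached, `throw new MarshalException("Invalid trailer field supplied", ex);`, which is closer to what SignatureBaseRSA does in this commit. The enclosing method starts before and ends after this hunk.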
@@ -181,11 +188,15 @@ public abstract class DOMRSAPSSSignatureMethod extends AbstractDOMSignatureMetho
throw new MarshalException("Invalid digest algorithm supplied: " + xmlAlgorithm);
}
String digestName = digestAlgorithm.getDigestAlgorithm();
- int saltLength = saltLengthNode == null ? digestAlgorithm.getSaltLength() : Integer.parseInt(saltLengthNode.getTextContent());
RSAPSSParameterSpec params = new RSAPSSParameterSpec();
params.setTrailerField(trailerField);
- params.setSaltLength(saltLength);
+ try {
+ int saltLength = saltLengthNode == null ? digestAlgorithm.getSaltLength() : Integer.parseInt(saltLengthNode.getTextContent());
+ params.setSaltLength(saltLength);
+ } catch (NumberFormatException ex) {
+ throw new MarshalException("Invalid salt length supplied: " + saltLengthNode.getTextContent());
+ }
params.setDigestName(digestName);
return params;
}
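Review bot: The salt-length `try` wraps more than the parse, since it also covers `digestAlgorithm.getSaltLength()` and `params.setSaltLength(saltLength)`. Its catch dereferences `saltLengthNode`, which is safe only because `Integer.parseInt` appears to be the sole source of NumberFormatException in that block. Writing it the way trailerField is handled in the previous hunk would avoid that: default `int saltLength = digestAlgorithm.getSaltLength();`, then `if (saltLengthNode != null)` around a try holding only `saltLength = Integer.parseInt(saltLengthNode.getTextContent());`. That keeps the two fields symmetric and matches SignatureBaseRSA. The method begins outside the hunk.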
diff --git a/src/main/java/org/apache/xml/security/algorithms/implementations/SignatureBaseRSA.java b/src/main/java/org/apache/xml/security/algorithms/implementations/SignatureBaseRSA.java
index 72d6e3c..964d9c5 100644
--- a/src/main/java/org/apache/xml/security/algorithms/implementations/SignatureBaseRSA.java
+++ b/src/main/java/org/apache/xml/security/algorithms/implementations/SignatureBaseRSA.java
@@ -686,11 +686,25 @@ public abstract class SignatureBaseRSA extends SignatureAlgorithmSpi {
Element saltLengthNode = XMLUtils.selectNode(rsaPssParams.getFirstChild(), Constants.XML_DSIG_NS_MORE_07_05, Constants._TAG_SALTLENGTH, 0);
Element trailerFieldNode = XMLUtils.selectNode(rsaPssParams.getFirstChild(), Constants.XML_DSIG_NS_MORE_07_05, Constants._TAG_TRAILERFIELD, 0);
- int trailerField = trailerFieldNode == null ? 1: Integer.parseInt(trailerFieldNode.getTextContent());
+ int trailerField = 1;
+ if (trailerFieldNode != null) {
+ try {
+ trailerField = Integer.parseInt(trailerFieldNode.getTextContent());
+ } catch (NumberFormatException ex) {
+ throw new XMLSignatureException("empty", new Object[] {"Invalid trailer field value supplied"});
+ }
+ }
String xmlAlgorithm = XMLUtils.selectDsNode(rsaPssParams.getFirstChild(), Constants._TAG_DIGESTMETHOD, 0).getAttribute(Constants._ATT_ALGORITHM);
DigestAlgorithm digestAlgorithm = DigestAlgorithm.fromXmlDigestAlgorithm(xmlAlgorithm);
String digestAlgorithmName = digestAlgorithm.getDigestAlgorithm();
- int saltLength = saltLengthNode == null ? digestAlgorithm.getSaltLength() : Integer.parseInt(saltLengthNode.getTextContent());
+ int saltLength = digestAlgorithm.getSaltLength();
+ if (saltLengthNode != null) {
+ try {
+ saltLength = Integer.parseInt(saltLengthNode.getTextContent());
+ } catch (NumberFormatException ex) {
+ throw new XMLSignatureException("empty", new Object[] {"Invalid salt length value supplied"});
+ }
+ }
engineSetParameter(new PSSParameterSpec(digestAlgorithmName, "MGF1", new MGF1ParameterSpec(digestAlgorithmName), saltLength, trailerField));
}
}
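Review bot: A negative SaltLength or TrailerField still parses successfully and reaches `new PSSParameterSpec(...)`, whose constructor is documented to throw IllegalArgumentException for values below zero. Malformed input can therefore still surface as an unchecked exception after this change. A range check after each parse would close that, e.g. `if (saltLength < 0) { throw new XMLSignatureException("empty", new Object[] {"Invalid salt length value supplied"}); }`, with the equivalent for `trailerField`. `getTextContent()` is also passed to `Integer.parseInt` untrimmed, so a value with surrounding whitespace is rejected; a short comment saying whether that is intended would help. The enclosing method starts outside the hunk.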
diff --git a/src/main/java/org/apache/xml/security/utils/RFC2253Parser.java b/src/main/java/org/apache/xml/security/utils/RFC2253Parser.java
index 83e9692..918183e 100644
--- a/src/main/java/org/apache/xml/security/utils/RFC2253Parser.java
+++ b/src/main/java/org/apache/xml/security/utils/RFC2253Parser.java
@@ -277,9 +277,13 @@ public class RFC2253Parser {
&& (c2 >= 48 && c2 <= 57
|| c2 >= 65 && c2 <= 70
|| c2 >= 97 && c2 <= 102)) {
- char ch = (char) Byte.parseByte("" + c1 + c2, 16);
+ try {
+ char ch = (char) Byte.parseByte("" + c1 + c2, 16);
- sb.append(ch);
+ sb.append(ch);
+ } catch (NumberFormatException ex) {
+ throw new IOException(ex);
+ }
} else {
sb.append(c1);
sb.append(c2);
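Review bot: `Byte.parseByte("" + c1 + c2, 16)` accepts only -128..127, so the new catch fires for any hex pair from 80 to FF even though the guard above has presumably already established that both characters are hex digits. The effect is that high-bit hex escapes in a distinguished name are now rejected with a bare `IOException(ex)` rather than decoded. If rejection is intended, say so in the message, e.g. `throw new IOException("Unsupported hex escape in DN: value above 7F", ex);`. If such escapes should be accepted, parse with `Integer.parseInt("" + c1 + c2, 16)` instead; how those bytes should map to characters depends on surrounding code that is outside this hunk.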