You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by "Pellerin, Clement" <Cl...@ibi.com> on 2010/06/14 22:12:15 UTC

[BUG} KeyStoreResolver iterator can return null

When iterating the certificates in a KeyStoreResolver, the iterator might return null even though hasNext() says there are more elements. This happens because hasNext() only checks if there are more aliases. If the next alias contains a symmetric key, there is no certificate in the KeyStore entry and next() returns null. When you look at the KeyResolvers, they are not prepared to handle a null value, this will cause a NullPointerException.

Which side is wrong here? Should the iterator loop over remaining aliases to find the next one with a certificate, or should the callers be modified to ignore null elements?