You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/11/17 16:28:32 UTC

svn commit: r1203221 - /webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java

Author: coheigea
Date: Thu Nov 17 15:28:32 2011
New Revision: 1203221

URL: http://svn.apache.org/viewvc?rev=1203221&view=rev
Log:
[WSS-324] - org.apache.ws.security.str.SignatureSTRParser throws ArrayIndexOutOfBoundsException: 0 when crypto returns zero-length array of certificates

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java?rev=1203221&r1=1203220&r2=1203221&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java Thu Nov 17 15:28:32 2011
@@ -170,7 +170,7 @@ public class SignatureSTRParser implemen
                     }
                     SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo();
                     X509Certificate[] foundCerts = keyInfo.getCerts();
-                    if (foundCerts != null) {
+                    if (foundCerts != null && foundCerts.length > 0) {
                         certs = new X509Certificate[]{foundCerts[0]};
                     }
                     secretKey = keyInfo.getSecret();
@@ -189,7 +189,7 @@ public class SignatureSTRParser implemen
             }
         } else if (secRef.containsX509Data() || secRef.containsX509IssuerSerial()) {
             X509Certificate[] foundCerts = secRef.getX509IssuerSerial(crypto);
-            if (foundCerts != null) {
+            if (foundCerts != null && foundCerts.length > 0) {
                 certs = new X509Certificate[]{foundCerts[0]};
             }
         } else if (secRef.containsKeyIdentifier()) {
@@ -214,7 +214,7 @@ public class SignatureSTRParser implemen
                     SAMLUtil.getCredentialFromSubject(assertion, data,
                                                       wsDocInfo, bspCompliant);
                 X509Certificate[] foundCerts = samlKi.getCerts();
-                if (foundCerts != null) {
+                if (foundCerts != null && foundCerts.length > 0) {
                     certs = new X509Certificate[]{foundCerts[0]};
                 }
                 secretKey = samlKi.getSecret();
@@ -231,7 +231,7 @@ public class SignatureSTRParser implemen
             );
         }
         
-        if (certs != null && principal == null) {
+        if (certs != null && certs.length > 0 && principal == null) {
             principal = certs[0].getSubjectX500Principal();
         }
     }