Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-610

Missing null check in build() method of X509CertificateBuilder

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 1.1.0.Beta8
    • 1.1.0.Beta7
    • None

      Calling ASN1.oidFromSignatureAlgorithm(String) in org.wildfly.security.x500.cert.X509CertificateBuilder.build() method on line 375 [1] for unknown algorithms returns null which is assigned to signatureAlgorithmOid and results to NPE thrown from derEncoder.encodeObjectIdentifier(signatureAlgorithmOid) on line 377.

      [1] https://github.com/wildfly-security/wildfly-elytron/blob/e01a09572b02f33db01695eb85638e88b0cd944f/src/main/java/org/wildfly/security/x500/cert/X509CertificateBuilder.java#L375

            dlloyd@redhat.com David Lloyd
            olukas Ondrej Lukas (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: