ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1771309 - in /webservices/wss4j/trunk: ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ ws-security-common/src/main/java/org/apache/wss4j/common/util/ ws-security-dom/src/main/java/org/apache/wss4j/dom/action/ ws-security-d...
Date Fri, 25 Nov 2016 12:31:29 GMT
Author: coheigea
Date: Fri Nov 25 12:31:29 2016
New Revision: 1771309

URL: http://svn.apache.org/viewvc?rev=1771309&view=rev
Log:
Findbugs analysis

Modified:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java?rev=1771309&r1=1771308&r2=1771309&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
(original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
Fri Nov 25 12:31:29 2016
@@ -664,7 +664,7 @@ public class Merlin extends CryptoBase {
         String identifier = getIdentifier(certificate, keystore);
         if (identifier == null) {
             try {
-                String msg = "Cannot find key for alias: [" + identifier + "]";
+                String msg = "Cannot find key for certificate";
                 String logMsg = createKeyStoreErrorMessage(keystore);
                 LOG.error(msg + logMsg);
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty",
@@ -703,7 +703,7 @@ public class Merlin extends CryptoBase {
         String identifier = getIdentifier(publicKey, keystore);
         if (identifier == null) {
             try {
-                String msg = "Cannot find key for alias: [" + identifier + "]";
+                String msg = "Cannot find key for corresponding public key";
                 String logMsg = createKeyStoreErrorMessage(keystore);
                 LOG.error(msg + logMsg);
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty",

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java?rev=1771309&r1=1771308&r2=1771309&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
(original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
Fri Nov 25 12:31:29 2016
@@ -1,5 +1,5 @@
 /**
- * Licensed to the Apache Software Foundation (ASF) under one
+L * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
@@ -128,7 +128,7 @@ public final class XMLUtils {
     public static String prettyDocumentToString(Document doc) throws IOException, TransformerException
{
         try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
             elementToStream(doc.getDocumentElement(), baos);
-            return new String(baos.toByteArray());
+            return new String(baos.toByteArray(), "UTF-8");
         }
     }
 

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java?rev=1771309&r1=1771308&r2=1771309&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java
Fri Nov 25 12:31:29 2016
@@ -99,7 +99,7 @@ public class SignatureDerivedAction exte
 
             wsSign.prepare();
 
-            List<javax.xml.crypto.dsig.Reference> referenceList = wsSign.addReferencesToSign(parts);
+            List<javax.xml.crypto.dsig.Reference> referenceList = wsSign.addReferencesToSign(wsSign.getParts());
 
             // Put the DerivedKeyToken Element in the right place in the security header
             Node nextSibling = null;

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java?rev=1771309&r1=1771308&r2=1771309&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
Fri Nov 25 12:31:29 2016
@@ -1183,7 +1183,7 @@ public abstract class WSHandler {
         int doAction
     ) throws WSSecurityException {
 
-        int reason = WSPasswordCallback.UNKNOWN;
+        int reason;
 
         switch (doAction) {
         case WSConstants.UT:
@@ -1202,6 +1202,8 @@ public abstract class WSHandler {
         case WSConstants.DKT_ENCR:
             reason = WSPasswordCallback.SECRET_KEY;
             break;
+        default:
+            reason = WSPasswordCallback.UNKNOWN;
         }
         return new WSPasswordCallback(username, reason);
     }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java?rev=1771309&r1=1771308&r2=1771309&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
Fri Nov 25 12:31:29 2016
@@ -319,4 +319,28 @@ public class KerberosSecurity extends Bi
         return false;
     }
 
+    @Override
+    public boolean equals(Object object) {
+        if (!(object instanceof KerberosSecurity)) {
+            return false;
+        }
+        
+        KerberosSecurity that = (KerberosSecurity)object;
+        if (secretKey != null && !secretKey.equals(that.secretKey)) {
+            return false;
+        } else if (secretKey == null && that.secretKey != null) {
+            return false;
+        }
+        
+        return super.equals(object);
+    }
+    
+    @Override
+    public int hashCode() {
+        int hashCode = 17;
+        if (secretKey != null) {
+            hashCode *= 31 + secretKey.hashCode();
+        }
+        return hashCode *= 31 + super.hashCode();
+    }
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java?rev=1771309&r1=1771308&r2=1771309&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedDataProcessor.java
Fri Nov 25 12:31:29 2016
@@ -176,7 +176,9 @@ public class EncryptedDataProcessor impl
         wsDocInfo.addTokenElement(elem);
 
         List<WSSecurityEngineResult> completeResults = new LinkedList<>();
-        completeResults.addAll(encrKeyResults);
+        if (encrKeyResults != null) {
+            completeResults.addAll(encrKeyResults);
+        }
         completeResults.add(result);
 
         WSSConfig wssConfig = request.getWssConfig();



Mime
View raw message