(axis-axis2-java-rampart) 01/02: RAMPART-396 NullPointerException using STS, Trust and entropy

Tue, 05 Nov 2024 18:26:46 -0800 

This is an automated email from the ASF dual-hosted git repository.

robertlazarski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git

commit 01a401cf2ec8f559717890292715ce64f9878296
Author: Robert Lazarski <robertlazar...@gmail.com>
AuthorDate: Tue Nov 5 16:22:44 2024 -1000

    RAMPART-396 NullPointerException using STS, Trust and entropy
---
 .../src/main/java/org/apache/rahas/client/STSClient.java  | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git 
a/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java 
b/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
index f8ca8789..af43d188 100644
--- a/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
+++ b/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
@@ -675,8 +675,9 @@ public class STSClient {
      * the RST.
      *
      * @param servicePolicy
+     * @throws TrustException 
      */
-    private void processPolicy(Policy issuerPolicy, Policy servicePolicy) {
+    private void processPolicy(Policy issuerPolicy, Policy servicePolicy) 
throws TrustException {
         //Get the policy assertions
         //Assumption: there's only one alternative
 
@@ -694,6 +695,10 @@ public class STSClient {
 
                     this.algorithmSuite = ((Binding) tempAssertion)
                             .getAlgorithmSuite();
+                    
+                    if(algorithmSuite == null) {
+                       throw new TrustException("Invalid STS policy. 
AlgorithmSuite not found");
+                    }
                 }
             }
         }
@@ -768,6 +773,8 @@ public class STSClient {
                 }
             }
         }
+        
+        int nonceLength = this.algorithmSuite != null ? 
this.algorithmSuite.getMaximumSymmetricKeyLength() / 8 : 16; 
 
         try {
             // Handle entropy
@@ -786,8 +793,7 @@ public class STSClient {
                                                                 ent,
                                                                 
RahasConstants.BIN_SEC_TYPE_NONCE);
                     this.requestorEntropy =
-                            
UsernameTokenUtil.generateNonce(this.algorithmSuite.
-                                    getMaximumSymmetricKeyLength()/8);
+                            UsernameTokenUtil.generateNonce(nonceLength);
                     binSec.setText(Base64Utils.encode(this.requestorEntropy));
 
                     if (log.isDebugEnabled()) {
@@ -812,8 +818,7 @@ public class STSClient {
                                                                 ent,
                                                                 
RahasConstants.BIN_SEC_TYPE_NONCE);
                     this.requestorEntropy =
-                            
UsernameTokenUtil.generateNonce(this.algorithmSuite.
-                                    getMaximumSymmetricKeyLength()/8);
+                            UsernameTokenUtil.generateNonce(nonceLength);
                     binSec.setText(Base64Utils.encode(this.requestorEntropy));
 
                     if (log.isDebugEnabled()) {

Reply via email to