sergeyb pushed a commit to branch 3.1.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/3.1.x-fixes by this push:
new f5093d9 [CXF-7505] Preventing ClassCastExceptions if JWK and JKS
store end up on the same exchange
f5093d9 is described below
commit f5093d9575a92d4f1f9dec22c077dc8939975f18
Author: Sergey Beryozkin <[email protected]>
AuthorDate: Mon Sep 18 17:04:17 2017 +0100
[CXF-7505] Preventing ClassCastExceptions if JWK and JKS store end up on
the same exchange
---
.../apache/cxf/rs/security/jose/common/KeyManagementUtils.java | 8 +++++++-
.../java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java | 10 +++++++++-
2 files changed, 16 insertions(+), 2 deletions(-)
diff --git
a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
index f900355..f9409cf 100644
---
a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
+++
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
@@ -51,6 +51,7 @@ import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.PhaseInterceptorChain;
+import org.apache.cxf.rs.security.jose.jwk.JwkException;
import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
import org.apache.cxf.rt.security.crypto.MessageDigestUtils;
@@ -285,7 +286,12 @@ public final class KeyManagementUtils {
throw new JoseException("No keystore file has been
configured");
}
if (m != null) {
- keyStore =
(KeyStore)m.getExchange().get(props.get(JoseConstants.RSSEC_KEY_STORE_FILE));
+ Object keyStoreProp =
m.getExchange().get(props.get(JoseConstants.RSSEC_KEY_STORE_FILE));
+ if (keyStoreProp != null && !(keyStoreProp instanceof
KeyStore)) {
+ throw new JwkException("Unexpected key store class: " +
keyStoreProp.getClass().getName());
+ } else {
+ keyStore = (KeyStore)keyStoreProp;
+ }
}
}
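Review bot: The new type check in the keystore lookup throws `JwkException`, although the guard just above it in the same method throws `JoseException` and this class sits in the `common` package, so the commit adds an import from the `jwk` package only for this one error. Using `throw new JoseException("Unexpected key store class: " + keyStoreProp.getClass().getName());` would keep the error type consistent with the surrounding code and make the new import unnecessary. The `else` after the `throw` is redundant here and in the `loadJwkSet` hunk of JwkUtils.java; the cast can follow the `if` directly. The enclosing method starts and ends outside the hunk, so callers that catch a specific exception type should be checked before changing it.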
diff --git
a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
index ffe3223..43b61a4 100644
---
a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
+++
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
@@ -244,7 +244,15 @@ public final class JwkUtils {
}
public static JsonWebKeys loadJwkSet(Message m, Properties props,
PrivateKeyPasswordProvider cb) {
String key = (String)props.get(JoseConstants.RSSEC_KEY_STORE_FILE);
- JsonWebKeys jwkSet = key != null ?
(JsonWebKeys)m.getExchange().get(key) : null;
+ JsonWebKeys jwkSet = null;
+ if (key != null) {
+ Object jwkSetProp = m.getExchange().get(key);
+ if (jwkSetProp != null && !(jwkSetProp instanceof JsonWebKeys)) {
+ throw new JwkException("Unexpected key store class: " +
jwkSetProp.getClass().getName());
+ } else {
+ jwkSet = (JsonWebKeys)jwkSetProp;
+ }
+ }
if (jwkSet == null) {
jwkSet = loadJwkSet(props, m.getExchange().getBus(), cb);
if (key != null) {
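Review bot: The check in `loadJwkSet` fails closed on a wrong-typed cache entry, but nothing explains why the exchange can hold a non-`JsonWebKeys` object under this key. Both this lookup and the one in KeyManagementUtils read the exchange under the value of `JoseConstants.RSSEC_KEY_STORE_FILE`, so a mismatch presumably means a JKS provider and a JWK provider were configured with the same store location. A comment above the check would help, for example `// Exchange caches JKS KeyStore and JWK sets under the store-location key; a type mismatch means two provider kinds share one location`. The message could also say "JWK set" rather than "key store", so the two failure sites can be told apart in logs. The body of `loadJwkSet` continues past the end of the hunk.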
--