diff options
author | 2022-09-12 13:27:04 +0200 | |
---|---|---|
committer | 2022-09-20 10:08:05 +0200 | |
commit | 0587da741a0edad6e5eefedbc1d200f0e2c81f2b (patch) | |
tree | 2db6f1849ce6c01e2ee945ae8a50e3459bae054e /certServicePostProcessor/src | |
parent | 187d1435142c50e627890ddd5049a9f43ebbe1a2 (diff) |
[OOM-CERT-SERVICE] Fix vulnerabilities for Kohn
- update gson to 2.9.0
- update commons-io to 2.11.0
- update httpclient to 4.5.13
- update bcprov-jdk15on to 1.70
- left version of sonar-go-pluging at 1.1.1.2000
- fix the implementation in respect to the update
- include py3.8 fix (https://gerrit.onap.org/r/c/oom/platform/cert-service/+/130574)
Issue-ID: OOM-2985
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I0d6b775c3f09b283900981c49db4abaf80d33b11
Diffstat (limited to 'certServicePostProcessor/src')
-rw-r--r-- | certServicePostProcessor/src/main/java/org/onap/oom/certservice/postprocessor/merger/model/PemTruststore.java | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/certServicePostProcessor/src/main/java/org/onap/oom/certservice/postprocessor/merger/model/PemTruststore.java b/certServicePostProcessor/src/main/java/org/onap/oom/certservice/postprocessor/merger/model/PemTruststore.java index 642721cc..8e360523 100644 --- a/certServicePostProcessor/src/main/java/org/onap/oom/certservice/postprocessor/merger/model/PemTruststore.java +++ b/certServicePostProcessor/src/main/java/org/onap/oom/certservice/postprocessor/merger/model/PemTruststore.java @@ -29,6 +29,7 @@ import java.io.IOException; import java.io.StringWriter; import java.security.Security; import java.security.cert.Certificate; +import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.util.ArrayList; import java.util.List; @@ -89,8 +90,13 @@ public class PemTruststore extends Truststore { } boolean isFileWithoutPemCertificate() throws TruststoreDataOperationException { - List<Certificate> certificateList = extractCertificatesFromFile(); - return certificateList.isEmpty(); + try { + List<Certificate> certificateList = extractCertificatesFromFile(); + return certificateList.isEmpty(); + } catch (TruststoreDataOperationException e) { + LOGGER.error("Cannot extract certificates from file: {}", storeFile.getPath()); + } + return true; } String transformToStringInPemFormat(List<Certificate> certificates) throws TruststoreDataOperationException { @@ -112,7 +118,12 @@ public class PemTruststore extends Truststore { Security.addProvider(new BouncyCastleProvider()); CertificateFactory certFactory = CertificateFactory.getInstance(X_509_CERTIFICATE, BOUNCY_CASTLE_PROVIDER); return new ArrayList<>(certFactory.generateCertificates(inputStream)); - } catch (Exception e) { + } + catch (CertificateException e) { + LOGGER.error("Cannot read certificates from file: {}", storeFile.getPath()); + throw new TruststoreDataOperationException(e); + } + catch (Exception e) { LOGGER.error("Cannot read certificates from file: {}", storeFile.getPath()); throw new TruststoreDataOperationException(e); } |