Fixed NPE issue in KeyVaultKeysModelsUtils (#43776)

* Fixed possible NPE issues when calling toString() in Key Vault libraries. * Removed unused import. * Ran Spotless.
Azure · Jan 14, 2025 · d12b697 · d12b697
1 parent 70e1ebe
commit d12b697
Show file tree

Hide file tree

Showing 8 changed files with 46 additions and 37 deletions.
diff --git a/.../java/com/azure/security/keyvault/certificates/implementation/models/CertificateItem.java b/.../java/com/azure/security/keyvault/certificates/implementation/models/CertificateItem.java
@@ -48,7 +48,7 @@ public CertificateItem() {
 
     /**
      * Get the id property: Certificate identifier.
-     * 
+     *
      * @return the id value.
      */
     public String getId() {
@@ -57,7 +57,7 @@ public String getId() {
 
     /**
      * Set the id property: Certificate identifier.
-     * 
+     *
      * @param id the id value to set.
      * @return the CertificateItem object itself.
      */
@@ -68,7 +68,7 @@ public CertificateItem setId(String id) {
 
     /**
      * Get the attributes property: The certificate management attributes.
-     * 
+     *
      * @return the attributes value.
      */
     public CertificateAttributes getAttributes() {
@@ -77,7 +77,7 @@ public CertificateAttributes getAttributes() {
 
     /**
      * Set the attributes property: The certificate management attributes.
-     * 
+     *
      * @param attributes the attributes value to set.
      * @return the CertificateItem object itself.
      */
@@ -88,7 +88,7 @@ public CertificateItem setAttributes(CertificateAttributes attributes) {
 
     /**
      * Get the tags property: Application specific metadata in the form of key-value pairs.
-     * 
+     *
      * @return the tags value.
      */
     public Map<String, String> getTags() {
@@ -97,7 +97,7 @@ public Map<String, String> getTags() {
 
     /**
      * Set the tags property: Application specific metadata in the form of key-value pairs.
-     * 
+     *
      * @param tags the tags value to set.
      * @return the CertificateItem object itself.
      */
@@ -108,7 +108,7 @@ public CertificateItem setTags(Map<String, String> tags) {
 
     /**
      * Get the x509Thumbprint property: Thumbprint of the certificate.
-     * 
+     *
      * @return the x509Thumbprint value.
      */
     public byte[] getX509Thumbprint() {
@@ -120,7 +120,7 @@ public byte[] getX509Thumbprint() {
 
     /**
      * Set the x509Thumbprint property: Thumbprint of the certificate.
-     * 
+     *
      * @param x509Thumbprint the x509Thumbprint value to set.
      * @return the CertificateItem object itself.
      */
@@ -141,14 +141,14 @@ public JsonWriter toJson(JsonWriter jsonWriter) throws IOException {
         jsonWriter.writeStartObject();
         jsonWriter.writeStringField("id", this.id);
         jsonWriter.writeJsonField("attributes", this.attributes);
-        jsonWriter.writeMapField("tags", this.tags, (writer, element) -> writer.writeString(element));
+        jsonWriter.writeMapField("tags", this.tags, JsonWriter::writeString);
         jsonWriter.writeStringField("x5t", Objects.toString(this.x509Thumbprint, null));
         return jsonWriter.writeEndObject();
     }
 
     /**
      * Reads an instance of CertificateItem from the JsonReader.
-     * 
+     *
      * @param jsonReader The JsonReader being read.
      * @return An instance of CertificateItem if the JsonReader was pointing to an instance of it, or null if it was
      * pointing to JSON null.

diff --git a/...om/azure/security/keyvault/certificates/implementation/models/DeletedCertificateItem.java b/...om/azure/security/keyvault/certificates/implementation/models/DeletedCertificateItem.java
@@ -9,12 +9,12 @@
 import com.azure.json.JsonReader;
 import com.azure.json.JsonToken;
 import com.azure.json.JsonWriter;
+
 import java.io.IOException;
 import java.time.Instant;
 import java.time.OffsetDateTime;
 import java.time.ZoneOffset;
 import java.util.Map;
-import java.util.Objects;
 
 /**
  * The deleted certificate item containing metadata about the deleted certificate.
@@ -45,7 +45,7 @@ public DeletedCertificateItem() {
     /**
      * Get the recoveryId property: The url of the recovery object, used to identify and recover the deleted
      * certificate.
-     * 
+     *
      * @return the recoveryId value.
      */
     public String getRecoveryId() {
@@ -55,7 +55,7 @@ public String getRecoveryId() {
     /**
      * Set the recoveryId property: The url of the recovery object, used to identify and recover the deleted
      * certificate.
-     * 
+     *
      * @param recoveryId the recoveryId value to set.
      * @return the DeletedCertificateItem object itself.
      */
@@ -66,7 +66,7 @@ public DeletedCertificateItem setRecoveryId(String recoveryId) {
 
     /**
      * Get the scheduledPurgeDate property: The time when the certificate is scheduled to be purged, in UTC.
-     * 
+     *
      * @return the scheduledPurgeDate value.
      */
     public OffsetDateTime getScheduledPurgeDate() {
@@ -78,7 +78,7 @@ public OffsetDateTime getScheduledPurgeDate() {
 
     /**
      * Get the deletedDate property: The time when the certificate was deleted, in UTC.
-     * 
+     *
      * @return the deletedDate value.
      */
     public OffsetDateTime getDeletedDate() {
@@ -132,17 +132,20 @@ public JsonWriter toJson(JsonWriter jsonWriter) throws IOException {
         jsonWriter.writeStartObject();
         jsonWriter.writeStringField("id", getId());
         jsonWriter.writeJsonField("attributes", getAttributes());
-        jsonWriter.writeMapField("tags", getTags(), (writer, element) -> writer.writeString(element));
+        jsonWriter.writeMapField("tags", getTags(), JsonWriter::writeString);
+
         if (getX509Thumbprint() != null) {
-            jsonWriter.writeStringField("x5t", Objects.toString(Base64Url.encode(getX509Thumbprint()), null));
+            jsonWriter.writeStringField("x5t", Base64Url.encode(getX509Thumbprint()).toString());
         }
+
         jsonWriter.writeStringField("recoveryId", this.recoveryId);
+
         return jsonWriter.writeEndObject();
     }
 
     /**
      * Reads an instance of DeletedCertificateItem from the JsonReader.
-     * 
+     *
      * @param jsonReader The JsonReader being read.
      * @return An instance of DeletedCertificateItem if the JsonReader was pointing to an instance of it, or null if it
      * was pointing to JSON null.

diff --git a/...om/azure/security/keyvault/keys/cryptography/implementation/AesKeyCryptographyClient.java b/...om/azure/security/keyvault/keys/cryptography/implementation/AesKeyCryptographyClient.java
@@ -48,9 +48,6 @@ class AesKeyCryptographyClient extends LocalKeyCryptographyClient {
 
     @Override
     public Mono<EncryptResult> encryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
-        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
-        Objects.requireNonNull(plaintext, "Plaintext cannot be null.");
-
         try {
             return encryptInternalAsync(algorithm, plaintext, null, null, context);
         } catch (Exception e) {
@@ -60,9 +57,6 @@ public Mono<EncryptResult> encryptAsync(EncryptionAlgorithm algorithm, byte[] pl
 
     @Override
     public EncryptResult encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, Context context) {
-        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
-        Objects.requireNonNull(plaintext, "Plaintext cannot be null.");
-
         try {
             return encryptInternal(algorithm, plaintext, null, null, context);
         } catch (Exception e) {
@@ -96,6 +90,10 @@ public EncryptResult encrypt(EncryptParameters encryptParameters, Context contex
 
     private Mono<EncryptResult> encryptInternalAsync(EncryptionAlgorithm algorithm, byte[] plaintext, byte[] iv,
         byte[] additionalAuthenticatedData, Context context) throws NoSuchAlgorithmException {
+
+        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
+        Objects.requireNonNull(plaintext, "Plaintext cannot be null.");
+
         // Interpret the algorithm
         Algorithm baseAlgorithm = AlgorithmResolver.DEFAULT.get(algorithm.toString());
 
@@ -142,6 +140,9 @@ private EncryptResult encryptInternal(EncryptionAlgorithm algorithm, byte[] plai
         byte[] additionalAuthenticatedData, Context context) throws BadPaddingException, IllegalBlockSizeException,
         InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException {
 
+        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
+        Objects.requireNonNull(plaintext, "Plaintext cannot be null.");
+
         // Interpret the algorithm
         Algorithm baseAlgorithm = AlgorithmResolver.DEFAULT.get(algorithm.toString());
 
@@ -178,9 +179,6 @@ private EncryptResult encryptInternal(EncryptionAlgorithm algorithm, byte[] plai
 
     @Override
     public Mono<DecryptResult> decryptAsync(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) {
-        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
-        Objects.requireNonNull(ciphertext, "Ciphertext cannot be null.");
-
         try {
             return decryptInternalAsync(algorithm, ciphertext, null, null, null, context);
         } catch (Exception e) {
@@ -190,9 +188,6 @@ public Mono<DecryptResult> decryptAsync(EncryptionAlgorithm algorithm, byte[] ci
 
     @Override
     public DecryptResult decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, Context context) {
-        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
-        Objects.requireNonNull(ciphertext, "Ciphertext cannot be null.");
-
         try {
             return decryptInternal(algorithm, ciphertext, null, null, null, context);
         } catch (Exception e) {
@@ -228,6 +223,10 @@ public DecryptResult decrypt(DecryptParameters decryptParameters, Context contex
 
     private Mono<DecryptResult> decryptInternalAsync(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv,
         byte[] additionalAuthenticatedData, byte[] authenticationTag, Context context) throws NoSuchAlgorithmException {
+
+        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
+        Objects.requireNonNull(ciphertext, "Ciphertext cannot be null.");
+
         // Interpret the algorithm
         Algorithm baseAlgorithm = AlgorithmResolver.DEFAULT.get(algorithm.toString());
 
@@ -260,6 +259,9 @@ private DecryptResult decryptInternal(EncryptionAlgorithm algorithm, byte[] ciph
         throws BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, InvalidKeyException,
         NoSuchAlgorithmException, NoSuchPaddingException {
 
+        Objects.requireNonNull(algorithm, "Encryption algorithm cannot be null.");
+        Objects.requireNonNull(ciphertext, "Ciphertext cannot be null.");
+
         // Interpret the algorithm
         Algorithm baseAlgorithm = AlgorithmResolver.DEFAULT.get(algorithm.toString());
 

diff --git a/.../java/com/azure/security/keyvault/keys/cryptography/implementation/CryptographyUtils.java b/.../java/com/azure/security/keyvault/keys/cryptography/implementation/CryptographyUtils.java
@@ -143,8 +143,10 @@ public static LocalKeyCryptographyClient createLocalClient(JsonWebKey jsonWebKey
 
     public static void verifyKeyPermissions(JsonWebKey jsonWebKey, KeyOperation keyOperation) {
         if (!jsonWebKey.getKeyOps().contains(keyOperation)) {
+            String keyOperationName = keyOperation == null ? null : keyOperation.toString().toLowerCase(Locale.ROOT);
+
             throw new UnsupportedOperationException(String.format("The %s operation is not allowed for key with id: %s",
-                keyOperation.toString().toLowerCase(Locale.ROOT), jsonWebKey.getId()));
+                keyOperationName, jsonWebKey.getId()));
         }
     }
 

diff --git a/...com/azure/security/keyvault/keys/cryptography/implementation/EcKeyCryptographyClient.java b/...com/azure/security/keyvault/keys/cryptography/implementation/EcKeyCryptographyClient.java
@@ -326,7 +326,7 @@ public VerifyResult verifyData(SignatureAlgorithm algorithm, byte[] data, byte[]
 
     private static byte[] calculateDigest(SignatureAlgorithm algorithm, byte[] data) throws NoSuchAlgorithmException {
         HashAlgorithm hashAlgorithm = SignatureHashResolver.DEFAULT.get(algorithm);
-        MessageDigest md = MessageDigest.getInstance(hashAlgorithm.toString());
+        MessageDigest md = MessageDigest.getInstance(Objects.toString(hashAlgorithm, null));
 
         md.update(data);
 

diff --git a/...om/azure/security/keyvault/keys/cryptography/implementation/RsaKeyCryptographyClient.java b/...om/azure/security/keyvault/keys/cryptography/implementation/RsaKeyCryptographyClient.java
@@ -445,7 +445,7 @@ public VerifyResult verifyData(SignatureAlgorithm algorithm, byte[] data, byte[]
 
     private static byte[] calculateDigest(SignatureAlgorithm algorithm, byte[] data) throws NoSuchAlgorithmException {
         HashAlgorithm hashAlgorithm = SignatureHashResolver.DEFAULT.get(algorithm);
-        MessageDigest md = MessageDigest.getInstance(hashAlgorithm.toString());
+        MessageDigest md = MessageDigest.getInstance(Objects.toString(hashAlgorithm, null));
 
         md.update(data);
 

diff --git a/.../java/com/azure/security/keyvault/keys/implementation/models/KeyVaultKeysModelsUtils.java b/.../java/com/azure/security/keyvault/keys/implementation/models/KeyVaultKeysModelsUtils.java
@@ -195,8 +195,7 @@ private static void populateKeyProperties(KeyBundle bundle, KeyProperties proper
 
             KeyPropertiesHelper.setCreatedOn(properties, attributes.getCreated());
             KeyPropertiesHelper.setUpdatedOn(properties, attributes.getUpdated());
-            KeyPropertiesHelper.setRecoveryLevel(properties,
-                Objects.toString(attributes.getRecoveryLevel().toString(), null));
+            KeyPropertiesHelper.setRecoveryLevel(properties, Objects.toString(attributes.getRecoveryLevel(), null));
             KeyPropertiesHelper.setRecoverableDays(properties, attributes.getRecoverableDays());
             KeyPropertiesHelper.setHsmPlatform(properties, attributes.getHsmPlatform());
         }

diff --git a/...in/java/com/azure/security/keyvault/secrets/implementation/models/SecretsModelsUtils.java b/...in/java/com/azure/security/keyvault/secrets/implementation/models/SecretsModelsUtils.java
@@ -17,6 +17,7 @@
 import java.time.Instant;
 import java.time.OffsetDateTime;
 import java.time.ZoneOffset;
+import java.util.Objects;
 import java.util.function.Consumer;
 
 /**
@@ -72,7 +73,8 @@ private static void setSecretPropertiesValues(SecretBundle secretBundle, SecretP
 
             SecretPropertiesHelper.setCreatedOn(secretProperties, secretAttributes.getCreated());
             SecretPropertiesHelper.setUpdatedOn(secretProperties, secretAttributes.getUpdated());
-            SecretPropertiesHelper.setRecoveryLevel(secretProperties, secretAttributes.getRecoveryLevel().toString());
+            SecretPropertiesHelper.setRecoveryLevel(secretProperties,
+                Objects.toString(secretAttributes.getRecoveryLevel(), null));
             SecretPropertiesHelper.setRecoverableDays(secretProperties, secretAttributes.getRecoverableDays());
         }
 
@@ -105,7 +107,8 @@ private static void setSecretPropertiesValues(SecretItem secretItem, SecretPrope
 
             SecretPropertiesHelper.setCreatedOn(secretProperties, secretAttributes.getCreated());
             SecretPropertiesHelper.setUpdatedOn(secretProperties, secretAttributes.getUpdated());
-            SecretPropertiesHelper.setRecoveryLevel(secretProperties, secretAttributes.getRecoveryLevel().toString());
+            SecretPropertiesHelper.setRecoveryLevel(secretProperties,
+                Objects.toString(secretAttributes.getRecoveryLevel(), null));
             SecretPropertiesHelper.setRecoverableDays(secretProperties, secretAttributes.getRecoverableDays());
         }