I suggest you ...

In The source of org.opensaml.saml2.encryption.Encrypter we noticed a bug:

498 if (dataEncKeyNames.size() == 0 || DatatypeHelper.isEmpty(dataEncKeyNames.get(0).getValue()) ) {
499 // If there isn't one, autogenerate a random key name.
500 String keyNameValue = idGenerator.generateIdentifier();
501 log.debug("EncryptedData encryption key had no KeyName, generated one for use in CarriedKeyName: {}",
502 keyNameValue);
503
504 KeyName keyName = dataEncKeyNames.get(0);
505 if (keyName == null) {
506 keyName = keyNameBuilder.buildObject();
507 dataEncKeyNames.add(keyName);
508 }
509 keyName.setValue(keyNameValue);
510 carriedKeyNameValue = keyNameValue;

In line 498 is cheked if dataEncKeyNames is empty. On line 504 it tried to fetch element 0 (of an empty collection): Exception is thrown

4 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Paul NiedenzuPaul Niedenzu shared this idea  ·   ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base