Skip to content

Commit

Permalink
Release | Fixed issued reported by SonarQube
Browse files Browse the repository at this point in the history 
* SonarQube fixes

* Fix resource leak in AE

* Addressing comments

* throw exception if 3rd resultset is empty
  • Loading branch information
@rene-ye @ulvii
rene-ye authored and ulvii committed Jan 23, 2020
1 parent f9c6112 commit f5f582d
Show file tree
Hide file tree
Showing 8 changed files with 157 additions and 187 deletions.
2 changes: 1 addition & 1 deletion src/main/java/com/microsoft/sqlserver/jdbc/IOBuffer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6202,7 +6202,7 @@ void writeRPCReaderUnicode(String sName, Reader re, long reLength, boolean bOut,

void sendEnclavePackage(String sql, ArrayList<byte[]> enclaveCEKs) throws SQLServerException {
if (null != con && con.isAEv2()) {
if (null != sql && "" != sql && null != enclaveCEKs && 0 < enclaveCEKs.size() && con.enclaveEstablished()) {
if (null != sql && !sql.isEmpty() && null != enclaveCEKs && 0 < enclaveCEKs.size() && con.enclaveEstablished()) {
byte[] b = con.generateEnclavePackage(sql, enclaveCEKs);
if (null != b && 0 != b.length) {
this.writeShort((short) b.length);
Expand Down
17 changes: 6 additions & 11 deletions src/main/java/com/microsoft/sqlserver/jdbc/ISQLServerEnclaveProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,21 +292,16 @@ void initBcryptECDH() throws SQLServerException {
/*
* Create our BCRYPT_ECCKEY_BLOB
*/
KeyPairGenerator kpg = null;
try {
kpg = KeyPairGenerator.getInstance("EC");
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
kpg.initialize(new ECGenParameterSpec("secp384r1"));
} catch (GeneralSecurityException e) {
SQLServerException.makeFromDriverError(null, kpg, e.getLocalizedMessage(), "0", false);
}
KeyPair kp = kpg.generateKeyPair();
ECPublicKey publicKey = (ECPublicKey) kp.getPublic();
privateKey = kp.getPrivate();
ECPoint w = publicKey.getW();
try {
KeyPair kp = kpg.generateKeyPair();
ECPublicKey publicKey = (ECPublicKey) kp.getPublic();
privateKey = kp.getPrivate();
ECPoint w = publicKey.getW();
x = adjustBigInt(w.getAffineX().toByteArray());
y = adjustBigInt(w.getAffineY().toByteArray());
} catch (IOException e) {
} catch (GeneralSecurityException | IOException e) {
SQLServerException.makeFromDriverError(null, this, e.getLocalizedMessage(), "0", false);
}
}
Expand Down
58 changes: 28 additions & 30 deletions src/main/java/com/microsoft/sqlserver/jdbc/SQLServerAASEnclaveProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,47 +102,45 @@ public EnclaveSession getEnclaveSession() {
return enclaveSession;
}

private AASAttestationResponse validateAttestationResponse(AASAttestationResponse ar) throws SQLServerException {
try {
ar.validateToken(attestationURL, aasParams.getNonce());
ar.validateDHPublicKey(aasParams.getNonce());
} catch (GeneralSecurityException e) {
SQLServerException.makeFromDriverError(null, this, e.getLocalizedMessage(), "0", false);
private void validateAttestationResponse() throws SQLServerException {
if (null != hgsResponse) {
try {
hgsResponse.validateToken(attestationURL, aasParams.getNonce());
hgsResponse.validateDHPublicKey(aasParams.getNonce());
} catch (GeneralSecurityException e) {
SQLServerException.makeFromDriverError(null, this, e.getLocalizedMessage(), "0", false);
}
}
return ar;
}

private ArrayList<byte[]> describeParameterEncryption(SQLServerConnection connection, String userSql,
String preparedTypeDefinitions, Parameter[] params,
ArrayList<String> parameterNames) throws SQLServerException {
ArrayList<byte[]> enclaveRequestedCEKs = new ArrayList<>();
ResultSet rs = null;
try (PreparedStatement stmt = connection.prepareStatement(connection.enclaveEstablished() ? SDPE1 : SDPE2)) {
if (connection.enclaveEstablished()) {
rs = executeSDPEv1(stmt, userSql, preparedTypeDefinitions);
} else {
rs = executeSDPEv2(stmt, userSql, preparedTypeDefinitions, aasParams);
}
if (null == rs) {
// No results. Meaning no parameter.
// Should never happen.
return enclaveRequestedCEKs;
}
processSDPEv1(userSql, preparedTypeDefinitions, params, parameterNames, connection, stmt, rs,
enclaveRequestedCEKs);
// Process the third resultset.
if (connection.isAEv2() && stmt.getMoreResults()) {
rs = (SQLServerResultSet) stmt.getResultSet();
while (rs.next()) {
hgsResponse = new AASAttestationResponse(rs.getBytes(1));
// This validates and establishes the enclave session if valid
if (!connection.enclaveEstablished()) {
hgsResponse = validateAttestationResponse(hgsResponse);
try (ResultSet rs = connection.enclaveEstablished() ? executeSDPEv1(stmt, userSql,
preparedTypeDefinitions) : executeSDPEv2(stmt, userSql, preparedTypeDefinitions, aasParams)) {
if (null == rs) {
// No results. Meaning no parameter.
// Should never happen.
return enclaveRequestedCEKs;
}
processSDPEv1(userSql, preparedTypeDefinitions, params, parameterNames, connection, stmt, rs,
enclaveRequestedCEKs);
// Process the third resultset.
if (connection.isAEv2() && stmt.getMoreResults()) {
try (ResultSet hgsRs = (SQLServerResultSet) stmt.getResultSet()) {
if (hgsRs.next()) {
hgsResponse = new AASAttestationResponse(hgsRs.getBytes(1));
// This validates and establishes the enclave session if valid
validateAttestationResponse();
} else {
SQLServerException.makeFromDriverError(null, this,
SQLServerException.getErrString("R_UnableRetrieveParameterMetadata"), "0", false);
}
}
}
}
// Null check for rs is done already.
rs.close();
} catch (SQLException | IOException e) {
if (e instanceof SQLServerException) {
throw (SQLServerException) e;
Expand Down
4 changes: 3 additions & 1 deletion ...main/java/com/microsoft/sqlserver/jdbc/SQLServerColumnEncryptionJavaKeyStoreProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -348,6 +348,9 @@ public boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allow

KeyStoreProviderCommon.validateNonEmptyMasterKeyPath(masterKeyPath);
CertificateDetails certificateDetails = getCertificateDetails(masterKeyPath);
if (null == certificateDetails) {
return false;
}

try {
MessageDigest md = MessageDigest.getInstance("SHA-256");
Expand All @@ -356,7 +359,6 @@ public boolean verifyColumnMasterKeyMetadata(String masterKeyPath, boolean allow
// value of allowEnclaveComputations is always true here
md.update("true".getBytes(java.nio.charset.StandardCharsets.UTF_16LE));
return rsaVerifySignature(md.digest(), signature, certificateDetails);

} catch (NoSuchAlgorithmException e) {
throw new SQLServerException(SQLServerException.getErrString("R_NoSHA256Algorithm"), e);
}
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/com/microsoft/sqlserver/jdbc/SQLServerDatabaseMetaData.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1047,9 +1047,9 @@ private ResultSet executeSPFkeys(String[] procParams) throws SQLException, SQLTi
cstmt.setString(i + 1, procParams[i]);
}
String currentDB = null;
if (null != procParams[2] && procParams[2] != "") {// pktable_qualifier
if (null != procParams[2] && !procParams[2].isEmpty()) {// pktable_qualifier
currentDB = switchCatalogs(procParams[2]);
} else if (null != procParams[5] && procParams[5] != "") {// fktable_qualifier
} else if (null != procParams[5] && !procParams[5].isEmpty()) {// fktable_qualifier
currentDB = switchCatalogs(procParams[5]);
}
ResultSet rs = cstmt.executeQuery();
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/com/microsoft/sqlserver/jdbc/SQLServerFMTQuery.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ String constructTableTargets() {

String getFMTQuery() {
StringBuilder sb = new StringBuilder(FMT_ON);
if (prefix != "") {
if (!"".equals(prefix)) {
sb.append(prefix);
}
sb.append(SELECT);
Expand Down
Loading

0 comments on commit f5f582d

Please sign in to comment.