Resolved svace issues in AccountServer

Change-Id: I2818113959143b1c1877b7b179ab4b5293d703a3
Signed-off-by: yeonghun.nam <yeonghun.nam@samsung.com>
Signed-off-by: Glen Youngjin Kim <glen.kim@samsung.com>
Signed-off-by: Jung Seungho <shonest.jung@samsung.com>
Signed-off-by: yeonghun.nam <yeonghun.nam@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/10639
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Jee Hyeok Kim <jihyeok13.kim@samsung.com>

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/Github.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/Github.java
index b16b181..73abb96 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/Github.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/Github.java
@@ -130,6 +130,12 @@ public class Github implements OAuthProvider {
         JSONUtil<HashMap<String, String>> util = new JSONUtil<>();
         HashMap<String, String> parsedData = util.parseJSON(response,
                 HashMap.class);
+
+        if (parsedData == null) {
+            Log.d("parsedData is null!");
+            return null;
+        }
+
         String userId = parsedData.get(userIdKey);
         userInfo.setUserid(userId);
 

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountResource.java
index 43545c3..2bba0c5 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountResource.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountResource.java
@@ -86,15 +86,11 @@ public class AccountResource extends Resource {
     private IResponse handlePostSignUp(IRequest request)
             throws ServerException {
 
-        if (request.getPayload() == null) {
-            throw new BadRequestException("payload is null");
-        }
-
         HashMap<String, Object> payloadData = mCbor
                 .parsePayloadFromCbor(request.getPayload(), HashMap.class);
 
         if (payloadData == null) {
-            throw new BadRequestException("CBOR parsing failed");
+            throw new BadRequestException("payload is null");
         }
 
         HashMap<String, Object> responsePayload = null;

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/session/SessionResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/session/SessionResource.java
index 4266114..b39542c 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/session/SessionResource.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/session/SessionResource.java
@@ -71,16 +71,11 @@ public class SessionResource extends Resource {
     private IResponse handlePostSigninout(IRequest request)
             throws ServerException {
 
-        // exception handle before getting payload
-        if (request.getPayload() == null) {
-            throw new BadRequestException("payload is empty");
-        }
-
         HashMap<String, Object> payloadData = mCbor
                 .parsePayloadFromCbor(request.getPayload(), HashMap.class);
 
         if (payloadData == null) {
-            throw new BadRequestException("CBOR parsing failed");
+            throw new BadRequestException("payload is null");
         }
 
         HashMap<String, Object> responsePayload = null;

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/tokenrefresh/TokenRefreshResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/tokenrefresh/TokenRefreshResource.java
index ae75708..79abff1 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/tokenrefresh/TokenRefreshResource.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/tokenrefresh/TokenRefreshResource.java
@@ -36,7 +36,6 @@ import org.iotivity.cloud.base.protocols.enums.ContentFormat;
 import org.iotivity.cloud.base.protocols.enums.ResponseStatus;
 import org.iotivity.cloud.base.resource.Resource;
 import org.iotivity.cloud.util.Cbor;
-import org.iotivity.cloud.util.Log;
 
 public class TokenRefreshResource extends Resource {
 
@@ -71,18 +70,11 @@ public class TokenRefreshResource extends Resource {
     private IResponse handlePostRefreshToken(IRequest request)
             throws ServerException {
 
-        if (request.getPayload() == null) {
-            throw new BadRequestException("payload is null");
-        }
-
         HashMap<String, Object> payloadData = mCbor
                 .parsePayloadFromCbor(request.getPayload(), HashMap.class);
 
-        // temp code
-        Log.v(payloadData.toString());
-
         if (payloadData == null) {
-            throw new BadRequestException("CBOR parsing failed");
+            throw new BadRequestException("payload is null");
         }
 
         HashMap<String, Object> responsePayload = null;

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/Group.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/Group.java
index 17038e6..d234d5d 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/Group.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/Group.java
@@ -31,6 +31,8 @@ import org.iotivity.cloud.accountserver.db.AccountDBManager;
 import org.iotivity.cloud.accountserver.db.GroupTable;
 import org.iotivity.cloud.accountserver.util.TypeCastingManager;
 import org.iotivity.cloud.base.device.Device;
+import org.iotivity.cloud.base.exception.ServerException.BadRequestException;
+import org.iotivity.cloud.base.exception.ServerException.InternalServerErrorException;
 import org.iotivity.cloud.base.exception.ServerException.UnAuthorizedException;
 import org.iotivity.cloud.base.protocols.IRequest;
 import org.iotivity.cloud.base.protocols.MessageBuilder;
@@ -89,11 +91,16 @@ public class Group {
     public void removeMember(HashSet<String> uuid) {
 
         GroupTable groupTable = getGroupTable();
-
+        if (groupTable.getGmid() == null) {
+            throw new InternalServerErrorException("group master is empty");
+        }
         if (uuid.contains(groupTable.getGmid())) {
             GroupResource.getInstance().deleteGroup(groupTable.getGmid(), mGid);
             notifyToSubscriber(getResponsePayload(false));
         } else {
+            if (groupTable.getMidlist() == null) {
+                throw new BadRequestException("midList is invalid in Group");
+            }
             groupTable.setMidlist(
                     removeGroupListSet(groupTable.getMidlist(), uuid));
             AccountDBManager.getInstance().updateRecord(Constants.GROUP_TABLE,
@@ -112,7 +119,9 @@ public class Group {
     public void removeDevice(HashSet<String> di) {
 
         GroupTable groupTable = getGroupTable();
-
+        if (groupTable.getDilist() == null) {
+            throw new BadRequestException("deviceList is invalid in Group");
+        }
         groupTable.setDilist(removeGroupListSet(groupTable.getDilist(), di));
 
         AccountDBManager.getInstance().updateRecord(Constants.GROUP_TABLE,
@@ -123,16 +132,7 @@ public class Group {
 
     public HashMap<String, Object> getInfo(String mid) {
 
-        GroupTable groupTable = getGroupTable();
-
-        HashSet<String> midListSet = new HashSet<String>(
-                (Collection<? extends String>) groupTable.getMidlist());
-
-        if (!midListSet.contains(mid)) {
-
-            throw new UnAuthorizedException(
-                    mid + " is not Group member in gid=" + mGid);
-        }
+        verifyGroupTableMid(mid);
 
         return getResponsePayload(true);
     }
@@ -140,16 +140,7 @@ public class Group {
     public HashMap<String, Object> addSubscriber(String mid, Device subscriber,
             IRequest request) {
 
-        GroupTable groupTable = getGroupTable();
-
-        HashSet<String> midListSet = new HashSet<String>(
-                (Collection<? extends String>) groupTable.getMidlist());
-
-        if (!midListSet.contains(mid)) {
-
-            throw new UnAuthorizedException(
-                    mid + " is not Group member in gid=" + mGid);
-        }
+        verifyGroupTableMid(mid);
 
         GroupSubscriber newSubscriber = new GroupSubscriber(subscriber,
                 request);
@@ -162,7 +153,8 @@ public class Group {
 
     public HashMap<String, Object> removeSubscriber(String mid) {
 
-        HashMap<String, Object> responsePayload = null;
+        HashMap<String, Object> responsePayload = getResponsePayload(true);
+
         if (mSubscribers.containsKey(mid)) {
             mSubscribers.remove(mid);
         }
@@ -170,6 +162,23 @@ public class Group {
         return responsePayload;
     }
 
+    private void verifyGroupTableMid(String mid) {
+
+        GroupTable groupTable = getGroupTable();
+
+        if (groupTable.getMidlist() == null) {
+            throw new BadRequestException("midList is invalid in Group");
+        }
+        HashSet<String> midListSet = new HashSet<String>(
+                (Collection<? extends String>) groupTable.getMidlist());
+
+        if (!midListSet.contains(mid)) {
+
+            throw new UnAuthorizedException(
+                    mid + " is not Group member in gid=" + mGid);
+        }
+    }
+
     private void notifyToSubscriber(
             HashMap<String, Object> notifiyBtyePayloadData) {
         synchronized (mSubscribers) {

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupManager.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupManager.java
index d686684..0f380ae 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupManager.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupManager.java
@@ -34,6 +34,7 @@ import org.iotivity.cloud.accountserver.db.GroupTable;
 import org.iotivity.cloud.accountserver.util.TypeCastingManager;
 import org.iotivity.cloud.base.device.Device;
 import org.iotivity.cloud.base.exception.ServerException.BadRequestException;
+import org.iotivity.cloud.base.exception.ServerException.InternalServerErrorException;
 import org.iotivity.cloud.base.protocols.IRequest;
 
 public class GroupManager {
@@ -107,6 +108,14 @@ public class GroupManager {
             getGroupTable = mTypeGroup.convertMaptoObject(element,
                     getGroupTable);
 
+            if (getGroupTable.getGtype() == null) {
+                throw new InternalServerErrorException("gtype is empty");
+            }
+
+            if (getGroupTable.getMidlist() == null) {
+                throw new BadRequestException("midList is invalid in Group");
+            }
+
             HashSet<String> midListSet = new HashSet<String>(
                     (Collection<? extends String>) getGroupTable.getMidlist());
 

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupResource.java
index f5b8538..be7f3a5 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupResource.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/group/GroupResource.java
@@ -87,6 +87,10 @@ public class GroupResource extends Resource {
         HashMap<String, Object> payloadData = mCbor
                 .parsePayloadFromCbor(request.getPayload(), HashMap.class);
 
+        if (payloadData == null) {
+            throw new BadRequestException("payload is null");
+        }
+
         if (getUriPathSegments().containsAll(request.getUriPathSegments())) {
             String uuid = payloadData.get(Constants.REQ_GROUP_MASTER_ID)
                     .toString();

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/invite/InviteManager.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/invite/InviteManager.java
index 05d4b68..67146d3 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/invite/InviteManager.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/acl/invite/InviteManager.java
@@ -30,6 +30,7 @@ import org.iotivity.cloud.accountserver.db.AccountDBManager;
 import org.iotivity.cloud.accountserver.db.InviteTable;
 import org.iotivity.cloud.accountserver.util.TypeCastingManager;
 import org.iotivity.cloud.base.device.Device;
+import org.iotivity.cloud.base.exception.ServerException.BadRequestException;
 import org.iotivity.cloud.base.protocols.IRequest;
 import org.iotivity.cloud.base.protocols.MessageBuilder;
 import org.iotivity.cloud.base.protocols.enums.ContentFormat;
@@ -119,7 +120,7 @@ public class InviteManager {
 
         List<InviteTable> inviteList = getInviteTableList(
                 Constants.KEYFIELD_INVITE_USER, uid);
-        if (inviteList != null) {
+        if (!inviteList.isEmpty()) {
             invitePayloadData = new ArrayList<>();
             for (InviteTable invite : inviteList) {
                 HashMap<String, String> inviteElement = new HashMap<>();
@@ -132,7 +133,7 @@ public class InviteManager {
 
         List<InviteTable> invitedList = getInviteTableList(
                 Constants.KEYFIELD_INVITED_USER, uid);
-        if (invitedList != null) {
+        if (inviteList.isEmpty()) {
             invitedPayloadData = new ArrayList<>();
             for (InviteTable invited : invitedList) {
                 HashMap<String, String> invitedElement = new HashMap<>();
@@ -186,16 +187,15 @@ public class InviteManager {
     private List<InviteTable> getInviteTableList(String property, String uid) {
 
         InviteTable getInviteTable = new InviteTable();
-        ArrayList<InviteTable> inviteList = null;
+        ArrayList<InviteTable> inviteList = new ArrayList<>();
 
         HashMap<String, Object> condition = new HashMap<>();
         condition.put(property, uid);
         ArrayList<HashMap<String, Object>> mapInviteList = AccountDBManager
                 .getInstance().selectRecord(Constants.INVITE_TABLE, condition);
-        if (!mapInviteList.isEmpty()) {
-            inviteList = new ArrayList<>();
+        if (mapInviteList == null) {
+            throw new BadRequestException("uid is invalid");
         }
-
         for (HashMap<String, Object> mapInviteTable : mapInviteList) {
 
             getInviteTable = mTypeInvite.convertMaptoObject(mapInviteTable,

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/certificate/CertificateResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/certificate/CertificateResource.java
index 3e390c1..8abbea2 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/certificate/CertificateResource.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/certificate/CertificateResource.java
@@ -78,6 +78,10 @@ public class CertificateResource extends Resource {
         Map<String, Object> payloadData = mCbor
                 .parsePayloadFromCbor(request.getPayload(), HashMap.class);
 
+        if (payloadData == null) {
+            throw new BadRequestException("CBOR parsing failed");
+        }
+
         Map<String, Object> responsePayload = null;
 
         if (payloadData.containsKey(Constants.REQ_CSR)) {

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/cert/CertificateBuilder.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/cert/CertificateBuilder.java
index cc67ef6..00f3038 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/cert/CertificateBuilder.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/cert/CertificateBuilder.java
@@ -51,42 +51,47 @@ import org.bouncycastle.operator.OperatorCreationException;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 
 public class CertificateBuilder {
-    private String mIssuer;
-    private String mSubjectCN;
-    private String mSubjectC;
-    private String mSubjectO;
-    private String mSubjectOU;
-    private String mSubjectAltName;
-    private Date mNotBefore;
-    private Date mNotAfter;
-    private PrivateKey mPrivKey;
-    private PublicKey  mPubKey;
-    private BigInteger mSerial;
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-    private static final String SIGNATURE_ALGORITHM = "SHA256withECDSA";
-    private static final String CURVE = "secp256r1";
+    private String              mIssuer;
+    private String              mSubjectCN;
+    private String              mSubjectC;
+    private String              mSubjectO;
+    private String              mSubjectOU;
+    private String              mSubjectAltName;
+    private Date                mNotBefore;
+    private Date                mNotAfter;
+    private PrivateKey          mPrivKey;
+    private PublicKey           mPubKey;
+    private BigInteger          mSerial;
+    private static final String BC                      = BouncyCastleProvider.PROVIDER_NAME;
+    private static final String SIGNATURE_ALGORITHM     = "SHA256withECDSA";
+    private static final String CURVE                   = "secp256r1";
     private static final String KEY_GENERATOR_ALGORITHM = "ECDSA";
 
-    public CertificateBuilder(String subject, Date notBefore, Date notAfter, BigInteger serial) {
+    public CertificateBuilder(String subject, Date notBefore, Date notAfter,
+            BigInteger serial) {
         Security.addProvider(new BouncyCastleProvider());
         init(subject, null, notBefore, notAfter, null, null, serial);
     }
 
-    public CertificateBuilder(String subject, PublicKey pubKey, Date notBefore, Date notAfter,
-            BigInteger serial, CertificatePrivateKeyPair root) {
-        X500Name x500name = new X500Name( root.getCertificate().getSubjectX500Principal().getName() );
+    public CertificateBuilder(String subject, PublicKey pubKey, Date notBefore,
+            Date notAfter, BigInteger serial, CertificatePrivateKeyPair root) {
+        X500Name x500name = new X500Name(
+                root.getCertificate().getSubjectX500Principal().getName());
         RDN cn = x500name.getRDNs(BCStyle.CN)[0];
-        init(subject, IETFUtils.valueToString(cn.getFirst().getValue()), notBefore, notAfter, root.getKey(), pubKey, serial);
+        init(subject, IETFUtils.valueToString(cn.getFirst().getValue()),
+                notBefore, notAfter, root.getKey(), pubKey, serial);
     }
 
-    public CertificateBuilder(String subject, String issuer, Date notBefore, Date notAfter,
-            PrivateKey privKey, PublicKey pubKey, BigInteger serial) {
+    public CertificateBuilder(String subject, String issuer, Date notBefore,
+            Date notAfter, PrivateKey privKey, PublicKey pubKey,
+            BigInteger serial) {
         Security.addProvider(new BouncyCastleProvider());
         init(subject, issuer, notBefore, notAfter, privKey, pubKey, serial);
     }
 
-    private void init(String subject, String issuer, Date notBefore, Date notAfter,
-            PrivateKey privKey, PublicKey pubKey, BigInteger serial) {
+    private void init(String subject, String issuer, Date notBefore,
+            Date notAfter, PrivateKey privKey, PublicKey pubKey,
+            BigInteger serial) {
         this.mSubjectCN = subject;
         this.mIssuer = issuer;
         this.mNotBefore = notBefore;
@@ -112,10 +117,9 @@ public class CertificateBuilder {
         this.mSubjectAltName = subjectAltName;
     }
 
-    public CertificatePrivateKeyPair build()
-            throws GeneralSecurityException, OperatorCreationException, CertIOException {
-        if(null == mPrivKey && null == mPubKey)
-        {
+    public CertificatePrivateKeyPair build() throws GeneralSecurityException,
+            OperatorCreationException, CertIOException {
+        if (null == mPrivKey && null == mPubKey) {
             ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(CURVE);
             KeyPairGenerator g = null;
 
@@ -133,31 +137,38 @@ public class CertificateBuilder {
 
         subjectNameBld.addRDN(BCStyle.CN, mSubjectCN);
 
-        if(null != mSubjectOU) {
+        if (null != mSubjectOU) {
             subjectNameBld.addRDN(BCStyle.OU, mSubjectOU);
         }
 
-        if(null != mSubjectO) {
+        if (null != mSubjectO) {
             subjectNameBld.addRDN(BCStyle.O, mSubjectO);
         }
 
-        if(null != mSubjectC) {
+        if (null != mSubjectC) {
             subjectNameBld.addRDN(BCStyle.C, mSubjectC);
         }
 
         X500NameBuilder issuerNameBld = new X500NameBuilder(BCStyle.INSTANCE);
         issuerNameBld.addRDN(BCStyle.CN, mIssuer);
 
-        ContentSigner sigGen = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(BC).build(mPrivKey);
+        if (mPrivKey == null || mPubKey == null)
+            throw new CertIOException("mPrivKey or mPubKey is null!");
 
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(issuerNameBld.build(),
-                mSerial, mNotBefore, mNotAfter ,subjectNameBld.build(), mPubKey);
+        ContentSigner sigGen = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM)
+                .setProvider(BC).build(mPrivKey);
 
-        if(null != mSubjectAltName) {
-            certGen.addExtension(Extension.subjectAlternativeName, false, new DEROctetString(mSubjectAltName.getBytes()));
+        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
+                issuerNameBld.build(), mSerial, mNotBefore, mNotAfter,
+                subjectNameBld.build(), mPubKey);
+
+        if (null != mSubjectAltName) {
+            certGen.addExtension(Extension.subjectAlternativeName, false,
+                    new DEROctetString(mSubjectAltName.getBytes()));
         }
 
-        cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certGen.build(sigGen));
+        cert = new JcaX509CertificateConverter().setProvider("BC")
+                .getCertificate(certGen.build(sigGen));
 
         return new CertificatePrivateKeyPair(cert, mPrivKey);
     }

diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/crl/CrlStore.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/crl/CrlStore.java
index 3ed43f1..19b606a 100644 (file)
--- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/crl/CrlStore.java
+++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/x509/crl/CrlStore.java
@@ -23,6 +23,7 @@ package org.iotivity.cloud.accountserver.x509.crl;
 
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
+import java.io.IOException;
 import java.io.InputStream;
 
 public final class CrlStore {
@@ -35,23 +36,32 @@ public final class CrlStore {
     private static final String CRL_FILE_NAME = "crl";
 
     public static void saveCrl(byte[] crl) {
+
+        FileOutputStream out = null;
         try {
-            FileOutputStream out = new FileOutputStream(CRL_FILE_NAME);
+            out = new FileOutputStream(CRL_FILE_NAME);
             out.write(crl);
-            out.close();
         } catch (java.io.IOException e) {
             e.printStackTrace();
         }
+
+        try {
+            if (out != null)
+                out.close();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
     }
 
     public static byte[] loadCrl() {
 
+        InputStream f = null;
         try {
-            InputStream f = new FileInputStream(CRL_FILE_NAME);
+            f = new FileInputStream(CRL_FILE_NAME);
             int size = f.available();
             byte data[] = new byte[size];
 
-            if(f.read(data) != data.length) {
+            if (f.read(data) != data.length) {
                 System.err.println("couldn't read crl");
             }
             f.close();
@@ -61,6 +71,13 @@ public final class CrlStore {
             e.printStackTrace();
         }
 
+        try {
+            if (f != null)
+                f.close();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+
         return null;
     }
 }