TrustService construction fails unless tsl:DigitalId/tsl:X509Certificate is the first subelement

What steps will reproduce the problem?
1. Open the attached TSL file
2. Navigate to the first CSP, fifth service

What is the expected output? What do you see instead?
A NPE ensues:
Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException
        at java.io.ByteArrayInputStream.<init>(ByteArrayInputStream.java:89)
        at
be.fedict.eid.tsl.TrustService.getServiceDigitalIdentity(TrustService.java:265)
        at
be.fedict.eid.tsl.tool.TslInternalFrame.valueChanged(TslInternalFrame.java:276)
        at javax.swing.JTree.fireValueChanged(JTree.java:2820)
        at
javax.swing.JTree$TreeSelectionRedirector.valueChanged(JTree.java:3191)
        at
javax.swing.tree.DefaultTreeSelectionModel.fireValueChanged(DefaultTreeSelection
Model.java:629)
        at
javax.swing.tree.DefaultTreeSelectionModel.notifyPathChange(DefaultTreeSelection
Model.java:1078)
        at
javax.swing.tree.DefaultTreeSelectionModel.setSelectionPaths(DefaultTreeSelectio
nModel.java:287)
        at
javax.swing.tree.DefaultTreeSelectionModel.setSelectionPath(DefaultTreeSelection
Model.java:170)
        at javax.swing.JTree.setSelectionPath(JTree.java:1598)
        at
javax.swing.plaf.basic.BasicTreeUI.selectPathForEvent(BasicTreeUI.java:2311)
        at
javax.swing.plaf.basic.BasicTreeUI$Handler.handleSelection(BasicTreeUI.java:3520
)
        at
javax.swing.plaf.basic.BasicTreeUI$Handler.mousePressed(BasicTreeUI.java:3459)
        at java.awt.Component.processMouseEvent(Component.java:6260)
        at javax.swing.JComponent.processMouseEvent(JComponent.java:3255)
        at java.awt.Component.processEvent(Component.java:6028)
        at java.awt.Container.processEvent(Container.java:2041)
        at java.awt.Component.dispatchEventImpl(Component.java:4630)
        at java.awt.Container.dispatchEventImpl(Container.java:2099)
        at java.awt.Component.dispatchEvent(Component.java:4460)
        at
java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4574)
        at
java.awt.LightweightDispatcher.processMouseEvent(Container.java:4235)
        at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4168)
        at java.awt.Container.dispatchEventImpl(Container.java:2085)
        at java.awt.Window.dispatchEventImpl(Window.java:2475)
        at java.awt.Component.dispatchEvent(Component.java:4460)
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:599)
        at
java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:269
)
        at
java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:184)
        at
java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:174
)
        at
java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)
        at
java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)
        at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)

What version of the product are you using? On what operating system?
I'm using the binary snapshot downloaded yesterday in the morning.
Windows XP, alas.

Please provide any additional information below.
We should probably loop through all digital ids and grab the first one that
contains the X.509 certificate.

Original issue reported on code.google.com by jan.dvo...@mathan.cz on 3 Dec 2009 at 6:04

Attachments:

TSL_CZ.xml

Here is a patch:
Index: src/main/java/be/fedict/eid/tsl/TrustService.java
===================================================================
--- src/main/java/be/fedict/eid/tsl/TrustService.java   (revision 42)
+++ src/main/java/be/fedict/eid/tsl/TrustService.java   (working copy)
@@ -281,17 +281,21 @@
                                .getServiceInformation();
                DigitalIdentityListType digitalIdentityList = tspServiceInformation
                                .getServiceDigitalIdentity();
-               List<DigitalIdentityType> digitalIdentities = 
digitalIdentityList
-                               .getDigitalId();
-               DigitalIdentityType digitalIdentity = digitalIdentities.get(0);
-               byte[] x509CertificateData = 
digitalIdentity.getX509Certificate();
                try {
-                       CertificateFactory certificateFactory = 
CertificateFactory
-                                       .getInstance("X.509");
-                       X509Certificate certificate = (X509Certificate) 
certificateFactory
-                                       .generateCertificate(new 
ByteArrayInputStream(
-                                                       x509CertificateData));
-                       return certificate;
+                       final CertificateFactory certificateFactory = 
CertificateFactory.getInstance("X.509");
+                       for ( final DigitalIdentityType digitalIdentity : 
digitalIdentityList.getDigitalId() ) {
+                               byte[] x509CertificateData = 
digitalIdentity.getX509Certificate();
+                               if ( x509CertificateData != null ) {
+                                       try {
+                                               X509Certificate certificate = 
(X509Certificate) certificateFactory
+                                                               
.generateCertificate(new 
ByteArrayInputStream(x509CertificateData));
+                                               return certificate;
+                                       } catch (CertificateException e) {
+                                               throw new 
RuntimeException("X509 
error: " + e.getMessage(), e);
+                                       }
+                               }
+                       }
+                       throw new RuntimeException("No X509Certificate identity 
specified");
                } catch (CertificateException e) {
                        throw new RuntimeException("X509 error: " + e.getMessage(), 
e);
                }

Original comment by jan.dvo...@mathan.cz on 5 Dec 2009 at 10:26

Fedict / eid-tsl

TrustService construction fails unless tsl:DigitalId/tsl:X509Certificate is the first subelement #1