From b74d341ee16175df080379e5752cb91b93124d45 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Mon, 4 Sep 2023 11:07:49 +0200 Subject: [PATCH] Fix #994: Coverity: Unlogged security exception --- .../service/behavior/tasks/ActivationServiceBehavior.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java index d9bdd05b9..cc755fa91 100644 --- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java +++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java @@ -188,7 +188,6 @@ private void handleInvalidPublicKey(ActivationRecordEntity activation) throws Ge activation.setActivationStatus(ActivationStatus.REMOVED); activationHistoryServiceBehavior.saveActivationAndLogChange(activation); callbackUrlBehavior.notifyCallbackListenersOnActivationChange(activation); - logger.warn("Invalid public key, activation ID: {}", activation.getActivationId()); // Exception must not be rollbacking, otherwise data written to database in this method would be lost throw localizationProvider.buildExceptionForCode(ServiceError.ACTIVATION_NOT_FOUND); } @@ -938,6 +937,8 @@ public PrepareActivationResponse prepareActivation(String activationCode, String try { devicePublicKey = keyConversion.convertBytesToPublicKey(devicePublicKeyBytes); } catch (InvalidKeySpecException ex) { + logger.warn("Invalid public key, activation ID: {}", activation.getActivationId()); + logger.debug("Invalid public key, activation ID: {}", activation.getActivationId(), ex); handleInvalidPublicKey(activation); }