From 899c176b1d25cf0bd5b33dcb61a9f7d73e549a4b Mon Sep 17 00:00:00 2001
From: Dmitriy Tverdiakov <dmitriy.tverdiakov@neo4j.com>
Date: Tue, 8 Mar 2022 16:28:56 +0000
Subject: [PATCH] Add safety checks to
 Config.TrustStrategy.trustCustomCertificateSignedBy

---
 driver/src/main/java/org/neo4j/driver/Config.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/driver/src/main/java/org/neo4j/driver/Config.java b/driver/src/main/java/org/neo4j/driver/Config.java
index 75377bcb9f..3f0c0f6947 100644
--- a/driver/src/main/java/org/neo4j/driver/Config.java
+++ b/driver/src/main/java/org/neo4j/driver/Config.java
@@ -838,11 +838,16 @@ public TrustStrategy withoutHostnameVerification()
          * The certificate(s) in the file(s) must be encoded using PEM encoding, meaning the certificates in the file(s) should be encoded using Base64, and
          * each certificate is bounded at the beginning by "-----BEGIN CERTIFICATE-----", and bounded at the end by "-----END CERTIFICATE-----".
          *
-         * @param certFiles the trusted certificate files
+         * @param certFiles the trusted certificate files, it must not be {@code null} or empty
          * @return an authentication config
          */
         public static TrustStrategy trustCustomCertificateSignedBy( File... certFiles )
         {
+            Objects.requireNonNull( certFiles, "certFiles can't be null" );
+            if ( certFiles.length == 0 )
+            {
+                throw new IllegalArgumentException( "certFiles can't be empty" );
+            }
             return new TrustStrategy( Strategy.TRUST_CUSTOM_CA_SIGNED_CERTIFICATES, Arrays.asList( certFiles ) );
         }