From 3ab2518f5ceea45035e915e3a32701ea32dfa9c3 Mon Sep 17 00:00:00 2001
From: Les Hazlewood <121180+lhazlewood@users.noreply.github.com>
Date: Wed, 30 Aug 2023 13:06:01 -0700
Subject: [PATCH] - PKCS11 Certificate access adjustment on JVMs that don't
 support a discovered algorithm

---
 .../io/jsonwebtoken/impl/security/TestCertificates.groovy | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/impl/src/test/groovy/io/jsonwebtoken/impl/security/TestCertificates.groovy b/impl/src/test/groovy/io/jsonwebtoken/impl/security/TestCertificates.groovy
index 6dcd791f3..90598c840 100644
--- a/impl/src/test/groovy/io/jsonwebtoken/impl/security/TestCertificates.groovy
+++ b/impl/src/test/groovy/io/jsonwebtoken/impl/security/TestCertificates.groovy
@@ -117,15 +117,17 @@ class TestCertificates {
 
             for (Identifiable alg : algs) {
                 def priv = null
+                def cert = null
                 def pub
-                def cert
                 try {
                     priv = ks.getKey(alg.id, pin) as PrivateKey
                     //println "key: $key"
                 } catch (Throwable ignored) { // cannot load on current JVM (algorithm not available)
                 }
-
-                cert = ks.getCertificate(alg.id) as X509Certificate
+                try {
+                    cert = ks.getCertificate(alg.id) as X509Certificate
+                } catch (Throwable ignored) { // cannot load on current JVM (algorithm not available)
+                }
                 if (cert != null) { // will be null for PS* algs since SoftHSM2 doesn't support them yet
                     pub = cert.getPublicKey()
                     def bundle = new TestKeys.Bundle(alg, pub, priv, cert)