Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6867345

Turkish regional options cause NPE in sun.security.x509.AlgorithmId.algOID

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 6u14
    • Fix Version/s: 7
    • Component/s: security-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b105
    • CPU:
      x86
    • OS:
      windows_xp
    • Verification:
      Verified

      Description

      FULL PRODUCT VERSION :
      java version "1.6.0_14"
      Java(TM) SE Runtime Environment (build 1.6.0_14-b08)
      Java HotSpot(TM) Client VM (build 14.0-b16, mixed mode, sharing)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows XP [Version 5.1.2600]

      EXTRA RELEVANT SYSTEM CONFIGURATION :
      Turkish regional options (under regional settings control panel)

      A DESCRIPTION OF THE PROBLEM :
      I tried to create instance of javax.crypto.EncryptedPrivateKeyInfo class on machine with Turkish regional options, i.e. Locale.getDefault() gives TR locale.
      and the constructor fails with NullPointerexception originating from
      sun.security.x509.AlgorithmId.algOID()
      If regional options are changed to English, the attached code runs without any exception.
      I assume that the problem has something to do with string manipulations that do not take into account the locale, like String.startsWith()
      see steps to reproduce.


      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      run the source code

      ACTUAL -

      java.lang.NullPointerException
      at sun.security.x509.AlgorithmId.algOID(AlgorithmId.java:551)
      at sun.security.x509.AlgorithmId.get(AlgorithmId.java:417)
      at javax.crypto.EncryptedPrivateKeyInfo.<init>(DashoA13*..)
      at TestTest.main(TestTest.java:63)

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      public static void main(String[] args) {
                      char[] password = "somepass".toCharArray();
              PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
              byte[] salt = new byte[8];

              new SecureRandom().nextBytes(salt);

              try {
                  PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, 500);

                  // convert password into a SecretKey object, using a PBE key factory.
                  SecretKeyFactory keyFac = SecretKeyFactory.getInstance("PBEWITHMD5ANDDES");
                  SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);

                  // Create PBE Cipher
                  Cipher pbeCipher = Cipher.getInstance("PBEWITHMD5ANDDES");

                  // Initialize PBE Cipher with key and parameters
                  pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);

                  byte[] encryptedPrivKey = pbeCipher.doFinal(new byte[]{1,2,3,4,5,6,7,8,9});

                  AlgorithmParameters algo = AlgorithmParameters.getInstance("PBEWITHMD5ANDDES");

                  algo.init(pbeParamSpec);

                  EncryptedPrivateKeyInfo result = new EncryptedPrivateKeyInfo(algo, encryptedPrivKey);


              } catch (Exception failed) {

                  failed.printStackTrace();
              }
      }
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      set the locale to US_en in JVM parameters
      (-Duser.country=US -Duser.language=en)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                xuelei Xue-Lei Fan
                Reporter:
                ndcosta Nelson Dcosta (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: