Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8079129

NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

    Details

    • Subcomponent:
    • Resolved In Build:
      b64
    • CPU:
      x86_64
    • OS:
      windows_7
    • Verification:
      Verified

      Backports

        Description

        FULL PRODUCT VERSION :
        java version "1.8.0_20"
        Java(TM) SE Runtime Environment (build 1.8.0_20-b26)
        Java HotSpot(TM) Client VM (build 25.20-b23, mixed mode)

        Also in Java SE Embedded ejre1.8.0_06

        ADDITIONAL OS VERSION INFORMATION :
        Microsoft Windows [Version 6.1.7601]

        A DESCRIPTION OF THE PROBLEM :
        The keystore save operation fails when the KeyStore contains only TrustedCertificateEntry or SecretKeyEntry entries.


        java.lang.NullPointerException
        at sun.security.pkcs12.PKCS12KeyStore.createEncryptedData(PKCS12KeyStore.java:1620)
        at sun.security.pkcs12.PKCS12KeyStore.engineStore(PKCS12KeyStore.java:1151)
        at java.security.KeyStore.store(KeyStore.java:1365)


        In PKCS12KeyStore.java createEncryptedData function only checks PrivateKeyEntry and CertEntry instances. As "chainLen = 1" and "Certificate[] certs" is not populated it throws NullPointerException;

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Create a PKCS12 keystore with only one TrustedCertificateEntry and one SecretKeyEntry and try to save the file.



        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        Keystore saved to given path
        ACTUAL -
        java.lang.NullPointerException

        at sun.security.pkcs12.PKCS12KeyStore.createEncryptedData(PKCS12KeyStore.java:1620)
        at sun.security.pkcs12.PKCS12KeyStore.engineStore(PKCS12KeyStore.java:1151)
        at java.security.KeyStore.store(KeyStore.java:1365)

        ERROR MESSAGES/STACK TRACES THAT OCCUR :
        java.lang.NullPointerException

        at sun.security.pkcs12.PKCS12KeyStore.createEncryptedData(PKCS12KeyStore.java:1620)
        at sun.security.pkcs12.PKCS12KeyStore.engineStore(PKCS12KeyStore.java:1151)
        at java.security.KeyStore.store(KeyStore.java:1365)

        REPRODUCIBILITY :
        This bug can be reproduced always.

        ---------- BEGIN SOURCE ----------
        KeyStore ks = KeyStore.getInstance("pkcs12");
        ks.load(null, null);
        ks.setCertificateEntry("aaa", getTrustedCertificate());
        ks.setKeyEntry("bbb", key, passwd, null);
        ks.store(new FileOutputStream("deneme.p12", passwd);
        ---------- END SOURCE ----------

        CUSTOMER SUBMITTED WORKAROUND :
        Store SecretKey and TrustedCertificates in different keystores

        SUPPORT :
        YES

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  vinnie Vincent Ryan
                  Reporter:
                  webbuggrp Webbug Group
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  7 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: