Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8165751

NPE hit with java.security.debug=provider

    Details

    • Subcomponent:
    • Resolved In Build:
      b150
    • Verification:
      Verified

      Backports

        Description

        3rd party Jsafe provider registered in JDK. When initializing and debugging via java.security.debug=provider flag, we hit an NPE :

             [java] Provider: MessageDigest.SHA-256 algorithm from: SUN
             [java] Provider: Signature.SHA256withRSA verification algorithm from: SunRsaSign
             [java] Provider: MessageDigest.SHA-256 algorithm from: SUN
             [java] Provider: MessageDigest.SHA algorithm from: JsafeJCE
             [java] Exception in thread "main" java.lang.ExceptionInInitializerError
             [java] at javax.crypto.JceSecurity.loadPolicies(JceSecurity.java:318)
             [java] at javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:263)
             [java] at javax.crypto.JceSecurity.access$000(JceSecurity.java:48)
             [java] at javax.crypto.JceSecurity$1.run(JceSecurity.java:81)
             [java] at java.security.AccessController.doPrivileged(Native Method)
             [java] at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:78)
             [java] at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:204)
             [java] at jce.common.AESKeyUtil.getSecretKey(AESKeyUtil.java:64)
             [java] at jce.asymCipher.RSAEncryptWithOAEP.runSample(RSAEncryptWithOAEP.java:86)
             [java] at jce.asymCipher.RSAEncryptWithOAEP.main(RSAEncryptWithOAEP.java:56)
             [java] Caused by: java.lang.SecurityException: Framework jar verification can not be initialized
             [java] at javax.crypto.JarVerifier.<clinit>(JarVerifier.java:189)
             [java] ... 10 more
             [java] Caused by: java.lang.NullPointerException
             [java] at java.security.Signature.initVerify(Signature.java:462)
             [java] at com.rsa.cryptoj.o.pq.a(Unknown Source)
             [java] at com.rsa.cryptoj.o.pq.verify(Unknown Source)
             [java] at javax.crypto.JarVerifier.testSignatures(JarVerifier.java:737)
             [java] at javax.crypto.JarVerifier.access$400(JarVerifier.java:34)
             [java] at javax.crypto.JarVerifier$1.run(JarVerifier.java:183)
             [java] at javax.crypto.JarVerifier$1.run(JarVerifier.java:149)
             [java] at java.security.AccessController.doPrivileged(Native Method)
             [java] at javax.crypto.JarVerifier.<clinit>(JarVerifier.java:148)

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  apetcher Adam Petcher
                  Reporter:
                  coffeys Sean Coffey
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: