Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8266279

8u292 NoSuchAlgorithmException unrecognized algorithm name: PBEWithSHA1AndDESede

    XMLWordPrintable

    Details

      Description

      ADDITIONAL SYSTEM INFORMATION :
      Windows Server 2019 Standard

      openjdk version "1.8.0_292"
      OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_292-b10)
      OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.292-b10, mixed mode)

      A DESCRIPTION OF THE PROBLEM :
      NoSuchAlgorithmException exception is thrown when invoking java.security.KeyStore.setKeyEntry(String alias, Key key, char[] password, Certificate[] chain) method.

      The root cause is at: sun.security.x509.AlgorithmId.get(AlgorithmId.java:448), and it does not appear to be related to the input arguments passed to the setKeyEntry method.

      It's possible that other factors, like order of other classes being loaded, are impacting the correct initialization/loading of oidTable in AlgorithmId, and result in incomplete populating of algorithms in oidTable.

      In addition to setKeyEntry, the issue can be also be reproduced by invoking: new
      EncryptedPrivateKeyInfo("PBEWithSHA1AndDESede", new byte[] {0}). Moreover, the issue can also be reproduced by directly invoking sun.security.x509.AlgorithmId.get("PBEWithSHA1AndDESede") under certain conditions (see sample code).

      Not reproducible using: 8u282-b08, 11.0.11+9.


      REGRESSION : Last worked in version 8

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      There are two different, minimal ways to reproduce this issue:

      Example 1: Using bouncycastle (Eclipse IDE not required):
      ---------------------------------------------------------------
      Compile and run the program on command line with bouncy castle (https://bouncycastle.org/download/bcprov-jdk15on-168.jar) JAR in classpath.

      javac -cp bcprov-jdk15on-168.jar TestAlgorithm.java
      java -cp bcprov-jdk15on-168.jar;. TestAlgorithm


      Example 2: Using Eclipse IDE Debug:
      ----------------------------------------
      - Create Java file in Eclipse. Do not add any breakpoint.
      - Compile.
      - Right click and Debug as Java Application.


      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Example 1: using bouncycastle:
      No exception.

      Example 2: using Eclipse IDE Debug:
      No exception.
      ACTUAL -
      Example 1: using bouncycastle:
      ----------------------------------
      Exception in thread "main" java.security.NoSuchAlgorithmException: unrecognized algorithm name: PBEWithSHA1AndDESede
              at sun.security.x509.AlgorithmId.get(AlgorithmId.java:448)
              at javax.crypto.EncryptedPrivateKeyInfo.<init>(EncryptedPrivateKeyInfo.java:137)
              at TestAlgorithm.main(TestAlgorithm.java:8)

      Example 2: using Eclipse IDE Debug:
      ---------------------------------------
      Exception in thread "main" java.security.NoSuchAlgorithmException: unrecognized algorithm name: PBEWithSHA1AndDESede
      at sun.security.x509.AlgorithmId.get(AlgorithmId.java:448)
      at javax.crypto.EncryptedPrivateKeyInfo.<init>(EncryptedPrivateKeyInfo.java:137)
      at TestAlgorithmEclipseDebug.main(TestAlgorithmEclipseDebug.java:6)

      ---------- BEGIN SOURCE ----------
      Example 1: using bouncycastle:

      TestAlgorithm.java
      ---------------------

      import javax.crypto.EncryptedPrivateKeyInfo;

      import org.bouncycastle.asn1.x500.X500Name;

      public class TestAlgorithm {
          public static void main(String[] args) throws Exception {
              new X500Name("CN=Test");
              new EncryptedPrivateKeyInfo("PBEWithSHA1AndDESede", new byte[] { 0 });
              // Or use sun package directly.
              // sun.security.x509.AlgorithmId.get("PBEWithSHA1AndDESede");
          }
      }

      ---------------------------------------------

      Example 2: using Eclipse IDE Debug:

      TestAlgorithmEclipseDebug.java
      -----------------------------------

      import javax.crypto.EncryptedPrivateKeyInfo;

      public class TestAlgorithmEclipseDebug {

          public static void main(String[] args) throws Exception {
              new EncryptedPrivateKeyInfo("PBEWithSHA1AndDESede", new byte[] { 0 });
              // Or use sun package directly.
              // sun.security.x509.AlgorithmId.get("PBEWithSHA1AndDESede");
          }
      }
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      A static block like the following to load the oidTable first could be tried in simple cases like Example 1. But this does not work for Example 2.

      static {
              try {
                  sun.security.x509.AlgorithmId.get("PBEWithSHA1AndDESede");
              } catch (NoSuchAlgorithmException e) {
                  e.printStackTrace();
              }
          }

      FREQUENCY : always


        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              webbuggrp Webbug Group
              Votes:
              1 Vote for this issue
              Watchers:
              9 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: