code review request: 7047200: keytool safe store (was Misleading error message)

Xuelei Fan xuelei.fan at oracle.com
Fri Sep 9 00:52:23 UTC 2011 

KeyStore.store() will damage the key store/output stream because of
java.lang.IllegalArgumentException: password can't be null, is it right?

It seems that before the exception, there is nothing write to the output
stream. I'm not sure why the key store will be damaged. What's you
evaluation?

Thanks,
Xuelei

On 9/8/2011 5:13 PM, Weijun Wang wrote:
> 
> Bug weblink: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7047200
> Webrev: http://cr.openjdk.java.net/~weijun/7047200/webrev.00/
> 
> The original bug report is a false report. However, because of a simple
> input error, the keystore file is damaged permanently. This is
> definitely not a nice user experience.
> 
> The fix stores the keystore content to a byte array first before writing
> it to a file. An alternative way would be store the content to a new
> file name and then do a remove-and-rename, but since keystore files are
> normally small, it's not worth trying.
> 
> Thanks
> Max
> 
> On 06/29/2011 08:50 AM, weijun.wang at oracle.com wrote:
>> 7047200: keytool safe store (was Misleading error message)
>>
>>
>> === *Description*
>> ============================================================
>> FULL PRODUCT VERSION :
>> java version "1.6.0_25"
>> Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
>> Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing)
>>
>> ADDITIONAL OS VERSION INFORMATION :
>> Microsoft Windows XP [Version 5.1.2600]
>> (C) Copyright 1985-2001 Microsoft Corp.
>>
>> A DESCRIPTION OF THE PROBLEM :
>> Why is an error being generated after I key in the password twice?
>>
>> REGRESSION.  Last worked in version 6u25
>>
>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
>> Command Line
>> Microsoft Windows XP [Version 5.1.2600]
>> (C) Copyright 1985-2001 Microsoft Corp.
>>
>> C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias
>> jon -file
>> certif.file
>> What is your first and last name?
>> [Unknown]: Jon C.
>> What is the name of your organizational unit?
>> [Unknown]: @Jon's
>> What is the name of your organization?
>> [Unknown]: @Jon's
>> What is the name of your City or Locality?
>> [Unknown]: Birkirkara
>> What is the name of your State or Province?
>> [Unknown]: Malta(EU)
>> What is the two-letter country code for this unit?
>> [Unknown]: MT
>> Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT
>> correct?
>> [no]: yes
>>
>> Generating 1,024 bit DSA key pair and self-signed certificate
>> (SHA1withDSA) with
>> a validity of 90 days
>> for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT
>> Enter key password for<jon>
>> (RETURN if same as keystore password):
>> Re-enter new password:
>> [Storing C:\Documents and Settings\Jon\.keystore]
>>
>>
>> EXPECTED VERSUS ACTUAL BEHAVIOR :
>> EXPECTED -
>> PKI should be generated
>> ACTUAL -
>> Error message is displayed.
>>
>> ERROR MESSAGES/STACK TRACES THAT OCCUR :
>> keytool error: java.lang.IllegalArgumentException: password can't be null
>> java.lang.IllegalArgumentException: password can't be null
>> at sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508)
>>
>> at sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java:
>> 38)
>> at java.security.KeyStore.store(KeyStore.java:1117)
>> at sun.security.tools.KeyTool.doCommands(KeyTool.java:901)
>> at sun.security.tools.KeyTool.run(KeyTool.java:171)
>> at sun.security.tools.KeyTool.main(KeyTool.java:165)
>>
>> REPRODUCIBILITY :
>> This bug can be reproduced always.
>>
>> === *Evaluation*
>> =============================================================
>> This is mainly a user error:
>>
>>> keytool -genkeypair -v -protected -alias jon -file certif.file
>>
>> 1. Does the user intent to create a new keystore certif.file? If so,
>> please use "-keystore certif.file".
>>
>> 2. The default keystore type at the moment, JKS, is file-based. So, do
>> not specify "-protected". This option is for token-based keystores
>> which has their own special protection mechanism.
>>
>> Having said that, we can enhance keytool to deal with this user input
>> error more friendly.

More information about the security-dev mailing list