RFR: 8236671: NullPointerException in JKS keystore
Sean Coffey
coffeys at openjdk.java.net
Tue Apr 20 20:09:05 UTC 2021
On Tue, 20 Apr 2021 17:00:40 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
> It looks like a public behavior change to me. Did you want to file a CSR and update the specification (KeyStore) as well? I think it would be nice if we could keep use the old exception, IllegalArgumentException, as described in the bug.
@XueleiFan - The spec in question has been broken for almost 3 years with the throwing of NPE.
One issue here is that Sun provider with JKS keystore will throw IllegalArgumentException in older JDK versions but the SunJCE provider and JCEKS keystore throws KeyStoreException when null password is encountered . There's a mismatch. To me, it looks like KeyStoreException is the correct exception in such scenarios (and according to API spec)
I can file a CSR to have the implementation adhere to spec if that's desired.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3588
More information about the security-dev
mailing list