RFR: 8236671: NullPointerException in JKS keystore [v2]

Seán Coffey sean.coffey at oracle.com
Fri Apr 30 19:39:48 UTC 2021 

Thanks for the feedback Will. It would be useful if you can provide a 
testcase and/or add comments to JDK-8266351 
<https://bugs.openjdk.java.net/browse/JDK-8266351> on your experience.

regards,
Sean.

On 30/04/2021 17:54, Will Sargent wrote:
> > KeyStore specification will be tightened up via another bug record
>
> This would be super helpful, as one thing that confuses me is what the 
> relationship is between a key entry and a key alias -- in particular, 
> the existence alias doesn't seem to guarantee a valid entry that can 
> be retrieved.
>
> In JDK 11 it's possible to create a private key with a keystore using 
> pkcs12.setKeyEntry() (see link below):
>
> https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L135 
> <https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L135>
>
> and then have a null pointer exception when retrieving the entry from 
> the alias because the certificate chain is null (see commented out 
> "testSystem" use case):
>
> https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L27 
> <https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L27>
>
> I can write this up into a formal bug if that helps.
>
> On Fri, Apr 30, 2021 at 2:30 AM Sean Coffey <coffeys at openjdk.java.net 
> <mailto:coffeys at openjdk.java.net>> wrote:
>
>     On Wed, 28 Apr 2021 12:39:42 GMT, Sean Coffey <coffeys at openjdk.org
>     <mailto:coffeys at openjdk.org>> wrote:
>
>     >> Trivial enough change. Improved the exception thrown from
>     JceKeyStore also.
>     >
>     > Sean Coffey has updated the pull request with a new target base
>     due to a merge or a rebase. The incremental webrev excludes the
>     unrelated changes brought in by the merge/rebase. The pull request
>     contains four additional commits since the last revision:
>     >
>     >  - Check for null before try block
>     >  - Merge branch 'master' of https://github.com/openjdk/jdk
>     <https://github.com/openjdk/jdk> into JDK-8236671-NPE
>     >  - Fix white space
>     >  - 8236671: NullPointerException in JKS keystore
>
>     KeyStore specification will be tightened up via another bug
>     record: https://bugs.openjdk.java.net/browse/JDK-8266351
>     <https://bugs.openjdk.java.net/browse/JDK-8266351>
>
>     -------------
>
>     PR: https://git.openjdk.java.net/jdk/pull/3588
>     <https://git.openjdk.java.net/jdk/pull/3588>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20210430/6acb3641/attachment.htm>

More information about the security-dev mailing list