RFR: 8236671: NullPointerException in JKS keystore [v2]

Will Sargent will.sargent at gmail.com
Mon May 24 17:53:23 UTC 2021 

I have tried to sign up to the bug tracking system (through reset password
I think?) but I'm not getting an email out, so I can't add to the bug.

I have created a test case in Github:

https://github.com/wsargent/jca-key-failure/

The stack trace shows the invalid key store entry after saving and loading
it again.

https://github.com/wsargent/jca-key-failure/blob/main/src/main/java/com/tersesystems/jcakeyfailure/JcaKeyFailure.java#L68

On Fri, Apr 30, 2021 at 12:40 PM Seán Coffey <sean.coffey at oracle.com> wrote:

> Thanks for the feedback Will. It would be useful if you can provide a
> testcase and/or add comments to JDK-8266351
> <https://bugs.openjdk.java.net/browse/JDK-8266351> on your experience.
>
> regards,
> Sean.
> On 30/04/2021 17:54, Will Sargent wrote:
>
> > KeyStore specification will be tightened up via another bug record
>
> This would be super helpful, as one thing that confuses me is what the
> relationship is between a key entry and a key alias -- in particular, the
> existence alias doesn't seem to guarantee a valid entry that can be
> retrieved.
>
> In JDK 11 it's possible to create a private key with a keystore using
> pkcs12.setKeyEntry() (see link below):
>
>
> https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L135
>
> and then have a null pointer exception when retrieving the entry from the
> alias because the certificate chain is null (see commented out "testSystem"
> use case):
>
>
> https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L27
>
> I can write this up into a formal bug if that helps.
>
> On Fri, Apr 30, 2021 at 2:30 AM Sean Coffey <coffeys at openjdk.java.net>
> wrote:
>
>> On Wed, 28 Apr 2021 12:39:42 GMT, Sean Coffey <coffeys at openjdk.org>
>> wrote:
>>
>> >> Trivial enough change. Improved the exception thrown from JceKeyStore
>> also.
>> >
>> > Sean Coffey has updated the pull request with a new target base due to
>> a merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains four additional
>> commits since the last revision:
>> >
>> >  - Check for null before try block
>> >  - Merge branch 'master' of https://github.com/openjdk/jdk into
>> JDK-8236671-NPE
>> >  - Fix white space
>> >  - 8236671: NullPointerException in JKS keystore
>>
>> KeyStore specification will be tightened up via another bug record:
>> https://bugs.openjdk.java.net/browse/JDK-8266351
>>
>> -------------
>>
>> PR: https://git.openjdk.java.net/jdk/pull/3588
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20210524/48f95de0/attachment.htm>

More information about the security-dev mailing list