(JDK-8266351) Re: [External] : Re: RFR: 8236671: NullPointerException in JKS keystore [v2]

Seán Coffey sean.coffey at oracle.com
Fri May 28 15:32:05 UTC 2021 

Thanks for the pointers Will.

I've added your details to the JDK-8266351 bug report.
https://bugs.openjdk.java.net/browse/JDK-8266351

regards,
Sean.

On 24/05/2021 18:53, Will Sargent wrote:
> I have tried to sign up to the bug tracking system (through reset 
> password I think?) but I'm not getting an email out, so I can't add to 
> the bug.
>
> I have created a test case in Github:
>
> https://github.com/wsargent/jca-key-failure/ 
> <https://urldefense.com/v3/__https://github.com/wsargent/jca-key-failure/__;!!GqivPVa7Brio!KZTaOe6TkXX8t-ZTaptDzm3RETFWZV4O6xj-7_iS2CF-NV4g7FxSSzYEweeXM5lj3g$>
>
> The stack trace shows the invalid key store entry after saving and 
> loading it again.
>
> https://github.com/wsargent/jca-key-failure/blob/main/src/main/java/com/tersesystems/jcakeyfailure/JcaKeyFailure.java#L68 
> <https://urldefense.com/v3/__https://github.com/wsargent/jca-key-failure/blob/main/src/main/java/com/tersesystems/jcakeyfailure/JcaKeyFailure.java*L68__;Iw!!GqivPVa7Brio!KZTaOe6TkXX8t-ZTaptDzm3RETFWZV4O6xj-7_iS2CF-NV4g7FxSSzYEweeC27YT_w$>
>
> On Fri, Apr 30, 2021 at 12:40 PM Seán Coffey <sean.coffey at oracle.com 
> <mailto:sean.coffey at oracle.com>> wrote:
>
>     Thanks for the feedback Will. It would be useful if you can
>     provide a testcase and/or add comments to JDK-8266351
>     <https://bugs.openjdk.java.net/browse/JDK-8266351> on your experience.
>
>     regards,
>     Sean.
>
>     On 30/04/2021 17:54, Will Sargent wrote:
>>     > KeyStore specification will be tightened up via another bug record
>>
>>     This would be super helpful, as one thing that confuses me is
>>     what the relationship is between a key entry and a key alias --
>>     in particular, the existence alias doesn't seem to guarantee a
>>     valid entry that can be retrieved.
>>
>>     In JDK 11 it's possible to create a private key with a keystore
>>     using pkcs12.setKeyEntry() (see link below):
>>
>>     https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L135
>>     <https://urldefense.com/v3/__https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java*L135__;Iw!!GqivPVa7Brio!KZTaOe6TkXX8t-ZTaptDzm3RETFWZV4O6xj-7_iS2CF-NV4g7FxSSzYEweeUj8qrfw$>
>>
>>     and then have a null pointer exception when retrieving the entry
>>     from the alias because the certificate chain is null (see
>>     commented out "testSystem" use case):
>>
>>     https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java#L27
>>     <https://urldefense.com/v3/__https://github.com/tersesystems/securitybuilder/blob/master/lib/src/test/java/com/tersesystems/securitybuilder/PrivateKeyStoreTest.java*L27__;Iw!!GqivPVa7Brio!KZTaOe6TkXX8t-ZTaptDzm3RETFWZV4O6xj-7_iS2CF-NV4g7FxSSzYEwedESajqLA$>
>>
>>     I can write this up into a formal bug if that helps.
>>
>>     On Fri, Apr 30, 2021 at 2:30 AM Sean Coffey
>>     <coffeys at openjdk.java.net <mailto:coffeys at openjdk.java.net>> wrote:
>>
>>         On Wed, 28 Apr 2021 12:39:42 GMT, Sean Coffey
>>         <coffeys at openjdk.org <mailto:coffeys at openjdk.org>> wrote:
>>
>>         >> Trivial enough change. Improved the exception thrown from
>>         JceKeyStore also.
>>         >
>>         > Sean Coffey has updated the pull request with a new target
>>         base due to a merge or a rebase. The incremental webrev
>>         excludes the unrelated changes brought in by the
>>         merge/rebase. The pull request contains four additional
>>         commits since the last revision:
>>         >
>>         >  - Check for null before try block
>>         >  - Merge branch 'master' of https://github.com/openjdk/jdk
>>         <https://urldefense.com/v3/__https://github.com/openjdk/jdk__;!!GqivPVa7Brio!KZTaOe6TkXX8t-ZTaptDzm3RETFWZV4O6xj-7_iS2CF-NV4g7FxSSzYEweeOltfJww$>
>>         into JDK-8236671-NPE
>>         >  - Fix white space
>>         >  - 8236671: NullPointerException in JKS keystore
>>
>>         KeyStore specification will be tightened up via another bug
>>         record: https://bugs.openjdk.java.net/browse/JDK-8266351
>>         <https://bugs.openjdk.java.net/browse/JDK-8266351>
>>
>>         -------------
>>
>>         PR: https://git.openjdk.java.net/jdk/pull/3588
>>         <https://git.openjdk.java.net/jdk/pull/3588>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20210528/2b18fc4c/attachment.htm>

More information about the security-dev mailing list