-
Bug
-
Resolution: Duplicate
-
P3
-
None
-
5.0
-
generic
-
generic
JDK Build
Failed with JDK1.4.2 and Tiger (1.5) b13
Passed with JDK1.4.1
Description
We can not retrieve the private key entry from the SunJCE keystore which was created by keytool
How to reproduce
1. create a JCE Keystore using keytool
$JAVA_HOME/bin/keytool -genkey -storetype JCEKS -keyalg DSA -keysize 768 -sigalg DSA -dname cn=YunKe -keypass keypasswd -keystore KeyStoreFromKeyTool -storepass storepasswd
2. verify your keystore using the following command
$JAVA_HOME/bin/keytool -list -keystore KeyStoreFromKeyTool -storepass storepasswd -storetype JCEKS
3. get test.java from the following and compile it
=========================================================
import java.io.PrintStream;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.Security;
import javax.crypto.*;
public class test {
char [] passwdStore = new String("storepasswd").toCharArray();
char [] passwdKey = new String("keypasswd").toCharArray();
String provider="SunJCE";
FileInputStream inStream = null;
String keyStoreName="KeyStoreFromKeyTool";
String alias="mykey";
public void run(String args[], PrintStream log, PrintStream out) {
try {
KeyStore ks = KeyStore.getInstance("jceks");
inStream = new FileInputStream(keyStoreName);
// load a keystore which was generated from keytool
ks.load(inStream, passwdStore);
if (ks.size() == 0) {
out.println("Empty KeyStore");
}
else {
out.println("There are "+ ks.size() + "Entry in KeyStore");
}
if (ks.isCertificateEntry(alias))
out.println(alias + " is a CertificateEntry");
else if (ks.isKeyEntry(alias))
out.println(alias + " is a KeyEntry");
Key pk = ks.getKey(alias, passwdKey);
out.println("AlgorithName is " + pk.getAlgorithm());
}
catch (Exception ex) {
out.println("ERROR: unexpected exception - ");
ex.printStackTrace();
out.println("STATUS:Failed.");
}
}
public static void main(String args[]) {
test jstest = new test();
jstest.run(args, System.err, System.out);
}
=========================================================
4. $JAVA_HOME/bin/java test
5. you will see the following failure If you use JDK1.4.2 or JDK1.5 b13
========================================================
There are 1Entry in KeyStore
mykey is a KeyEntry
ERROR: unexpected exception -
java.lang.NullPointerException
at com.sun.crypto.provider.SunJCE_z.a(DashoA6275)
at com.sun.crypto.provider.JceKeyStore.engineGetKey(DashoA6275)
at java.security.KeyStore.getKey(KeyStore.java:289)
at test.run(test.java:64)
at test.main(test.java:78)
STATUS:Failed.
=========================================================
Expected Result (as we get using JDK1.4.1)
=========================================================
java version "1.4.1"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1-b21)
Java HotSpot(TM) Client VM (build 1.4.1-b21, mixed mode)
Keystore type: JCEKS
Keystore provider: SunJCE
Your keystore contains 1 entry
mykey, Aug 1, 2003, keyEntry,
Certificate fingerprint (MD5): CE:3A:B7:C3:D1:E7:85:1D:D2:17:D0:BD:15:AB:CA:A0
There are 1Entry in KeyStore
mykey is a KeyEntry
AlgorithName is DSA
=========================================================
Failed with JDK1.4.2 and Tiger (1.5) b13
Passed with JDK1.4.1
Description
We can not retrieve the private key entry from the SunJCE keystore which was created by keytool
How to reproduce
1. create a JCE Keystore using keytool
$JAVA_HOME/bin/keytool -genkey -storetype JCEKS -keyalg DSA -keysize 768 -sigalg DSA -dname cn=YunKe -keypass keypasswd -keystore KeyStoreFromKeyTool -storepass storepasswd
2. verify your keystore using the following command
$JAVA_HOME/bin/keytool -list -keystore KeyStoreFromKeyTool -storepass storepasswd -storetype JCEKS
3. get test.java from the following and compile it
=========================================================
import java.io.PrintStream;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.Security;
import javax.crypto.*;
public class test {
char [] passwdStore = new String("storepasswd").toCharArray();
char [] passwdKey = new String("keypasswd").toCharArray();
String provider="SunJCE";
FileInputStream inStream = null;
String keyStoreName="KeyStoreFromKeyTool";
String alias="mykey";
public void run(String args[], PrintStream log, PrintStream out) {
try {
KeyStore ks = KeyStore.getInstance("jceks");
inStream = new FileInputStream(keyStoreName);
// load a keystore which was generated from keytool
ks.load(inStream, passwdStore);
if (ks.size() == 0) {
out.println("Empty KeyStore");
}
else {
out.println("There are "+ ks.size() + "Entry in KeyStore");
}
if (ks.isCertificateEntry(alias))
out.println(alias + " is a CertificateEntry");
else if (ks.isKeyEntry(alias))
out.println(alias + " is a KeyEntry");
Key pk = ks.getKey(alias, passwdKey);
out.println("AlgorithName is " + pk.getAlgorithm());
}
catch (Exception ex) {
out.println("ERROR: unexpected exception - ");
ex.printStackTrace();
out.println("STATUS:Failed.");
}
}
public static void main(String args[]) {
test jstest = new test();
jstest.run(args, System.err, System.out);
}
=========================================================
4. $JAVA_HOME/bin/java test
5. you will see the following failure If you use JDK1.4.2 or JDK1.5 b13
========================================================
There are 1Entry in KeyStore
mykey is a KeyEntry
ERROR: unexpected exception -
java.lang.NullPointerException
at com.sun.crypto.provider.SunJCE_z.a(DashoA6275)
at com.sun.crypto.provider.JceKeyStore.engineGetKey(DashoA6275)
at java.security.KeyStore.getKey(KeyStore.java:289)
at test.run(test.java:64)
at test.main(test.java:78)
STATUS:Failed.
=========================================================
Expected Result (as we get using JDK1.4.1)
=========================================================
java version "1.4.1"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1-b21)
Java HotSpot(TM) Client VM (build 1.4.1-b21, mixed mode)
Keystore type: JCEKS
Keystore provider: SunJCE
Your keystore contains 1 entry
mykey, Aug 1, 2003, keyEntry,
Certificate fingerprint (MD5): CE:3A:B7:C3:D1:E7:85:1D:D2:17:D0:BD:15:AB:CA:A0
There are 1Entry in KeyStore
mykey is a KeyEntry
AlgorithName is DSA
=========================================================
- duplicates
-
-
- Resolved
-