Name: iiR10263 Date: 11/13/2003



The specification describes the following exceptions that are thrown
by javax.crypto.Cipher.init(int, Key):

Throws:
InvalidKeyException - if the given key is inappropriate for
initializing this cipher, or if this cipher is being initialized for
decryption and requires algorithm parameters that cannot be determined
from the given key, or if the given key has a keysize that exceeds the
maximum allowable keysize (as determined from the configured
jurisdiction policy files).

The above means that if null Key argument is inappropriate for
initialization InvalidKeyException instead of NullPointerException
should be thrown.

Unfortunately NullPointerException is thrown when
init(Cipher.ENCRYPT_MODE, (Key)null)
is called for Cipher objects of the following algorithms:
- PBEWITHSHA1ANDDESEDE
- PBEWITHMD5ANDTRIPLEDES
- PBEWITHMD5ANDDES
- PBEWITHSHA1ANDRC2_40

Please find the code example that shows the problem below.

import java.io.PrintWriter;
import java.security.InvalidKeyException;
import java.security.Key;
import javax.crypto.Cipher;

public class e1 {
 
    public static void main(String argv[]) {
        Cipher c;
        String alg = "PBEWITHMD5ANDDES";
        
        try {
        
            c = Cipher.getInstance(alg);
            
            try {
                c.init(Cipher.ENCRYPT_MODE, (Key)null);
            } catch (InvalidKeyException e) {
            }
        } catch (Exception e) {
            e.printStackTrace(System.out);
        }
    }
}

Test output is
java.lang.NullPointerException
        at javax.crypto.Cipher.a(DashoA6275)
        at javax.crypto.Cipher.a(DashoA6275)
        at javax.crypto.Cipher.a(DashoA6275)
        at javax.crypto.Cipher.init(DashoA6275)
        at javax.crypto.Cipher.init(DashoA6275)
        at e1.main(e1.java:17)

java full version "1.5.0-beta-b26"

======================================================================