JDK-6516893

keyStore.load throws a divide by zero error when loading a certificate


    • Type: Bug
    • Resolution: Duplicate
    • Priority: P4
    • None
    • 6
    • security-libs

      FULL PRODUCT VERSION :
      java version "1.6.0"
      Java(TM) SE Runtime Environment (build 1.6.0-b105)
      Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows 2000 [Version 5.00.2195]

      EXTRA RELEVANT SYSTEM CONFIGURATION :
      Tested with jdk1.5.0_08 and jdk1.6.0. Same error occurs with both versions.

      A DESCRIPTION OF THE PROBLEM :
      Problem occurs when loading any PKCS12 certificate with a zero-length password into a KeyStore. This has been tested using .pfx and .p12 certificate files.

      Here is the error:

      Exception in thread "main" java.io.IOException: failed to decrypt safe contents entry: java.lang.ArithmeticException: / by zero
              at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275)
              at java.security.KeyStore.load(KeyStore.java:1150)
              at CertTest.main(CertTest.java:12)
      Caused by: java.lang.ArithmeticException: / by zero
              at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
              at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
              at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
              at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
              at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineInit(DashoA12275)
              at javax.crypto.Cipher.a(DashoA12275)
              at javax.crypto.Cipher.a(DashoA12275)
              at javax.crypto.Cipher.init(DashoA12275)
              at javax.crypto.Cipher.init(DashoA12275)
              at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1271)
              ... 2 more

      See this link for more information on a similar divide by zero error:
      http://forum.java.sun.com/thread.jspa?threadID=741710&tstart=165


      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      1. Create a PKCS12 certificate with a zero-length (i.e. the empty string, "") password.

      2. Try to load it into a KeyStore. (Code is provided in the test case.)

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      The certificate should be loaded into the KeyStore without any exception.

      ACTUAL -
      The actual result is an IOException indicating a divide by zero error.


      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      import java.io.*;
      import java.security.KeyStore;

      public class CertTest {

          public static void main(String[] args) throws Exception {
              KeyStore keyStore = KeyStore.getInstance("PKCS12");
              FileInputStream fis = new FileInputStream("test.pfx");
              try {
                  // Zero-length password: this is the input that triggers the exception.
                  char[] pwArray = "".toCharArray();
                  keyStore.load(fis, pwArray);
              } finally {
                  // Close the stream even when load() throws.
                  fis.close();
              }
          }
      }
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      The only possible workaround is to use a different certificate that has a password with at least one character. This is not always a viable solution.

            andreas Andreas Sterbenz
            ndcosta Nelson Dcosta (Inactive)
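
Added example, not part of the original report or of the JDK source: a Python version of the RFC 7292 appendix B key derivation that PKCS#12 password-based ciphers such as PBEWithSHA1AndRC2_40 use, showing the input-repetition step where a zero-length password needs a guard. That this step is where the JDK failed is an assumption; the salt, round count and all function names are constructed for illustration.

```python
import hashlib

def bmp(password, terminator=True):
    """Encode as BMPString (UTF-16BE); PKCS#12 normally appends a 2-byte NUL."""
    raw = password.encode("utf-16-be")
    return raw + b"\x00\x00" if terminator else raw

def naive_fill(src, v):
    """Repeat src up to a multiple of v bytes, with no zero-length check."""
    n = v * ((len(src) + v - 1) // v)
    copies = n // len(src)            # ZeroDivisionError when src is empty
    return (src * (copies + 1))[:n]

def fill(src, v):
    """Same step with the guard: RFC 7292 lets an empty input stay empty."""
    return naive_fill(src, v) if src else b""

def pkcs12_kdf(pw_bytes, salt, rounds, n, purpose, v=64):
    """RFC 7292 B.2 over SHA-1 (v=64). purpose: 1=key, 2=IV, 3=MAC key."""
    D = bytes([purpose]) * v
    I = bytearray(fill(salt, v) + fill(pw_bytes, v))
    out = b""
    while len(out) < n:
        A = D + bytes(I)
        for _ in range(rounds):
            A = hashlib.sha1(A).digest()
        out += A
        B = int.from_bytes(fill(A, v), "big") + 1
        for j in range(0, len(I), v):          # I_j = (I_j + B + 1) mod 2^(8v)
            blk = (int.from_bytes(I[j:j + v], "big") + B) % (1 << (8 * v))
            I[j:j + v] = blk.to_bytes(v, "big")
    return out[:n]

def rc2_40_params(pw_bytes, salt=bytes(range(8)), rounds=1024):
    """5-byte key and 8-byte IV for RC2-40-CBC; salt and rounds are constructed."""
    return (pkcs12_kdf(pw_bytes, salt, rounds, 5, 1),
            pkcs12_kdf(pw_bytes, salt, rounds, 8, 2))

def naive_fails_on_empty():
    """True when the unguarded repetition step raises on a zero-length input."""
    try:
        naive_fill(b"", 64)
    except ZeroDivisionError:
        return True
    return False

if __name__ == "__main__":
    for label, pw in (("terminator only", bmp("")), ("zero bytes", bmp("", False))):
        print(label, [part.hex() for part in rc2_40_params(pw)])
    print("naive fill raises on empty input:", naive_fails_on_empty())
```

The two encodings of an empty password (terminator only versus zero bytes) derive different keys, so a file written under one convention will not decrypt under the other even once the arithmetic error is guarded.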