Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7187962

sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P4 P4
    • 8
    • 8
    • security-libs
    • 8
    • b55
    • x86
    • linux
    • Verified

      There is a sqe test named CertPath/CertPathValidatorTest/KeyParamsInheritanceTest failed recently with:
      Test CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails for NullPointerException:

      java.lang.NullPointerException
              at sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey(P11DSAKey
      Factory.java:57)
              at sun.security.pkcs11.P11KeyFactory.engineTranslateKey(P11KeyFactory.ja
      va:127)
              at sun.security.pkcs11.P11KeyFactory.convertKey(P11KeyFactory.java:64)
              at sun.security.pkcs11.P11Signature.engineInitVerify(P11Signature.java:3
      78)
              at java.security.Signature$Delegate.init(Signature.java:1103)
              at java.security.Signature$Delegate.chooseProvider(Signature.java:1066)
              at java.security.Signature$Delegate.engineInitVerify(Signature.java:1121
      )
              at java.security.Signature.initVerify(Signature.java:451)
              at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:440)
              at sun.security.provider.certpath.BasicChecker.verifySignature(BasicChec
      ker.java:160)
              at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:1
      41)
              at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(P
      KIXMasterCertPathValidator.java:119)
              at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCer
      tPathValidator.java:210)
              at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCer
      tPathValidator.java:143)
              at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(P
      KIXCertPathValidator.java:79)
              at java.security.cert.CertPathValidator.validate(CertPathValidator.java:
      292)
              at ValidateCertPath.doValidate(ValidateCertPath.java:175)

      This happened at:
      Testing : failure validator test: initial trusted key has no params
      validatorTestFailure(args, 1); -->ValidateCertPath.doValidate(certs, params, verbose); -->CertPathValidator.validate

      Expect:
      CertPathValidatorException

      Actual:
      java.lang.NullPointerException

      In the P11DSAKeyFactory.implTranslatePublicKey method, it doesn't check if the returned "params" is null or not before doing "params.getP()" and etc. So in the case the key has no params, this method will throw un-catched NullPointerException.

            mullan Sean Mullan
            yulixu Vivian Xu (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: