-
Bug
-
Resolution: Duplicate
-
P3
-
None
-
8u121
-
generic
-
generic
FULL PRODUCT VERSION :
java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
macOS Sierra Version 10.12.4 (16E195)
A DESCRIPTION OF THE PROBLEM :
CANNOT LOAD PKCS12 KEYSTORE FILE . KeyStore.load() fails to load RSA 1024 key length certificate.
REGRESSION. Last worked in version 8u112
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Run the attached source code to reproduce this error.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
it should load the certificate.
ACTUAL -
CertificateException thrown by KeyStroe.load() API call .
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.cert.CertificateException: Unable to initialize, java.io.IOException: DerInputStream.getLength(): Redundant length bytes found
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:198)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at sun.security.pkcs12.PKCS12KeyStore.loadSafeContents(PKCS12KeyStore.java:2189)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2025)
at java.security.KeyStore.load(KeyStore.java:1445)
at KeyStoreTest.main(KeyStoreTest.java:35)
Caused by: java.io.IOException: DerInputStream.getLength(): Redundant length bytes found
at sun.security.util.DerInputStream.getLength(DerInputStream.java:606)
at sun.security.util.DerValue.<init>(DerValue.java:252)
at sun.security.util.DerInputStream.getDerValue(DerInputStream.java:451)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1784)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:195)
... 6 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
public class KeyStoreTest {
/**
* @param args
* @throws java.security.cert.CertificateException
* @throws NoSuchAlgorithmException
* @throws IOException
*/
public static void main(String[] args)throws KeyStoreException, NoSuchAlgorithmException, java.security.cert.CertificateException, IOException {
// TODO Auto-generated method stub
KeyStore keystore = null;
FileInputStream fip = null;
try{
keystore = KeyStore.getInstance("pkcs12");
}catch(KeyStoreException ex){
ex.printStackTrace();
}
try{
fip = new FileInputStream("/home/Downloads/cert_1024.p12");
}catch(FileNotFoundException ex){
ex.printStackTrace();
}
try{
keystore.load(fip, "1024".toCharArray());
}catch(CertificateException e){
e.printStackTrace();
}
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
this issue was not reproducible in Java8u112 so the only workaround is to change JRE to java8u112
java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
macOS Sierra Version 10.12.4 (16E195)
A DESCRIPTION OF THE PROBLEM :
CANNOT LOAD PKCS12 KEYSTORE FILE . KeyStore.load() fails to load RSA 1024 key length certificate.
REGRESSION. Last worked in version 8u112
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Run the attached source code to reproduce this error.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
it should load the certificate.
ACTUAL -
CertificateException thrown by KeyStroe.load() API call .
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.cert.CertificateException: Unable to initialize, java.io.IOException: DerInputStream.getLength(): Redundant length bytes found
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:198)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at sun.security.pkcs12.PKCS12KeyStore.loadSafeContents(PKCS12KeyStore.java:2189)
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2025)
at java.security.KeyStore.load(KeyStore.java:1445)
at KeyStoreTest.main(KeyStoreTest.java:35)
Caused by: java.io.IOException: DerInputStream.getLength(): Redundant length bytes found
at sun.security.util.DerInputStream.getLength(DerInputStream.java:606)
at sun.security.util.DerValue.<init>(DerValue.java:252)
at sun.security.util.DerInputStream.getDerValue(DerInputStream.java:451)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1784)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:195)
... 6 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
public class KeyStoreTest {
/**
* @param args
* @throws java.security.cert.CertificateException
* @throws NoSuchAlgorithmException
* @throws IOException
*/
public static void main(String[] args)throws KeyStoreException, NoSuchAlgorithmException, java.security.cert.CertificateException, IOException {
// TODO Auto-generated method stub
KeyStore keystore = null;
FileInputStream fip = null;
try{
keystore = KeyStore.getInstance("pkcs12");
}catch(KeyStoreException ex){
ex.printStackTrace();
}
try{
fip = new FileInputStream("/home/Downloads/cert_1024.p12");
}catch(FileNotFoundException ex){
ex.printStackTrace();
}
try{
keystore.load(fip, "1024".toCharArray());
}catch(CertificateException e){
e.printStackTrace();
}
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
this issue was not reproducible in Java8u112 so the only workaround is to change JRE to java8u112
- duplicates
-
-
- Closed
-