When initializing P11Cipher or P11AEADCipher instances, the key size may be checked against an expected one -if there is, as for AES-. To do so, the code retrieves the plain key and checks the array length [1].

However, if the key is a P11Key with attributes CKA_SENSITIVE and CKA_EXTRACTABLE -as it's the case for NSS software token keys initialized in 'FIPS' mode-, the key cannot be extracted in plain. Thus, the 'key.getEncoded()' call returns null and a NullPointerException happens thereafter when accessing the 'length' attribute. For P11Keys, the size (if available) is provided at construction time. P11Key::length is the method to get the key length (in bits) [2].

--
[1] - http://hg.openjdk.java.net/jdk/jdk/file/2f20eadd7031/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#l348
[2] - http://hg.openjdk.java.net/jdk/jdk/file/2f20eadd7031/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java#l248