-
Bug
-
Resolution: Fixed
-
P3
-
7u281, 8u271
-
b01
-
b01
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8264307 | 8u301 | Sean Coffey | P3 | Resolved | Fixed | b01 |
ADDITIONAL SYSTEM INFORMATION :
Operating System: KDE neon 5.21(Ubuntu 20.04)
KDE Plasma Version: 5.21.2
KDE Frameworks Version: 5.80.0
Qt Version: 5.15.2
Kernel Version: 5.4.0-67-generic
OS Type: 64-bit
Graphics Platform: X11
failed on:
java version "1.8.0_281"
Java(TM) SE Runtime Environment (build 1.8.0_281-b09)
Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode)
success on:
java version "1.8.0_192"
Java(TM) SE Runtime Environment (build 1.8.0_192-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.192-b12, mixed mode)
A DESCRIPTION OF THE PROBLEM :
Try add trust cert(GOST key, keyalg: 1.2.643.7.1.1.3.2) in cacerts, but got error. If add TLS cert all ok.
REGRESSION : Last worked in version 8
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
keytool -import -trustcacerts -alias gostcryptopro -keystore /etc/ssl/certs/java/cacerts -file gostcryptopro.crt
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
cert added to cacerts
ACTUAL -
keytool error: java.util.MissingResourceException: Can't find resource for bundle sun.security.tools.keytool.Resources, key unknown.size.1
---------- BEGIN SOURCE ----------
source gostcryptopro.crt:
-----BEGIN CERTIFICATE-----
MIIIqzCCCFigAwIBAgIQR0KOAIur3r1PmMlzl4Lf4jAKBggqhQMHAQEDAjCCASMx
HzAdBgkqhkiG9w0BCQEWEHFjYUBjcnlwdG9wcm8ucnUxGDAWBgUqhQNkARINMTAz
NzcwMDA4NTQ0NDEaMBgGCCqFAwOBAwEBEgwwMDc3MTcxMDc5OTExCzAJBgNVBAYT
AlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+
0YHQutCy0LAxOjA4BgNVBAkMMdGD0LsuINCY0LHRgNCw0LPQuNC80L7QstCwLCDQ
tC4gMzEsINC+0YTQuNGBIDMw0JExJTAjBgNVBAoMHNCe0J7QniAi0JrQoNCY0J/Q
otCeLdCf0KDQniIxJTAjBgNVBAMMHNCe0J7QniAi0JrQoNCY0J/QotCeLdCf0KDQ
niIwHhcNMjAwMzI3MDgyNzU3WhcNMjEwMzI3MDgzNzU3WjCCARcxGDAWBgUqhQNk
ARINMTAzNzcwMDA4NTQ0NDEaMBgGCCqFAwOBAwEBEgwwMDc3MTcxMDc5OTExKjAo
BgNVBAkMIdCh0YPRidC10LLRgdC60LjQuSDQktCw0LssINC0LiAxODEjMCEGCSqG
SIb3DQEJARYUc3VwcG9ydEBjcnlwdG9wcm8ucnUxCzAJBgNVBAYTAlJVMRwwGgYD
VQQIDBM3NyDQsy4g0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQutCy0LAx
JTAjBgNVBAoMHNCe0J7QniAi0JrQoNCY0J/QotCeLdCf0KDQniIxJTAjBgNVBAMM
HNCe0J7QniAi0JrQoNCY0J/QotCeLdCf0KDQniIwZjAfBggqhQMHAQEBATATBgcq
hQMCAiQABggqhQMHAQECAgNDAARAPARWCPkJACV6ElbZaDF/W87c0fvkA0JZLnng
9QUToOz0Ei8YaaQKEx+wEpXV5CnxZkMewaC8K666p9VENWUwO6OCBWcwggVjMA4G
A1UdDwEB/wQEAwID+DAdBgNVHQ4EFgQUb3CqwSZcU/hn22Y22ae616hyCC8wNQYJ
KwYBBAGCNxUHBCgwJgYeKoUDAgIyAQmC45hdguivR4XNiRuG3dhDgccFgs04AgEB
AgEAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYB
BQUHAwEwgfQGCCsGAQUFBwEBBIHnMIHkMDMGCCsGAQUFBzABhidodHRwOi8vcXMu
Y3J5cHRvcHJvLnJ1L29jc3BrYzMvb2NzcC5zcmYwVwYIKwYBBQUHMAKGS2h0dHA6
Ly9jZHAuY3J5cHRvcHJvLnJ1L3JhL2FpYS9hMzBiOWFhMDJiZDYwZTUwYTJiM2E4
MDZjOGQxNWNlMTk1MDM0ZGIzLmNydDBUBggrBgEFBQcwAoZIaHR0cDovL3EyMC5j
cnlwdG9wcm8ucnUvYWlhL2EzMGI5YWEwMmJkNjBlNTBhMmIzYTgwNmM4ZDE1Y2Ux
OTUwMzRkYjMuY3J0MB0GA1UdIAQWMBQwCAYGKoUDZHEBMAgGBiqFA2RxAjAnBgNV
HREEIDAegg4qLmNyeXB0b3Byby5ydYIMY3J5cHRvcHJvLnJ1MCsGA1UdEAQkMCKA
DzIwMjAwMzI3MDgyNzU3WoEPMjAyMTAzMjcwODI3NTdaMIIBGAYFKoUDZHAEggEN
MIIBCQwy0J/QkNCa0JwgItCa0YDQuNC/0YLQvtCf0YDQviBIU00iINCy0LXRgNGB
0LjRjyAyLjAMMdCf0JDQmiAi0JrRgNC40L/RgtC+0J/RgNC+INCj0KYiINCy0LXR
gNGB0LjQuCAyLjAMT9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC
0YHRgtCy0LjRjyDihJYg0KHQpC8xMjQtMzQ3NSDQvtGCIDEwLjA4LjIwMTgMT9Ch
0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDihJYg
0KHQpC8xMjgtMzU5MyDQvtGCIDE3LjEwLjIwMTgwLAYFKoUDZG8EIwwh0KHQmtCX
0JggItCa0YDQuNC/0YLQvtCf0YDQviBDU1AiMIGuBgNVHR8EgaYwgaMwUaBPoE2G
S2h0dHA6Ly9jZHAuY3J5cHRvcHJvLnJ1L3JhL2NkcC9hMzBiOWFhMDJiZDYwZTUw
YTJiM2E4MDZjOGQxNWNlMTk1MDM0ZGIzLmNybDBOoEygSoZIaHR0cDovL3EyMC5j
cnlwdG9wcm8ucnUvY2RwL2EzMGI5YWEwMmJkNjBlNTBhMmIzYTgwNmM4ZDE1Y2Ux
OTUwMzRkYjMuY3JsMIIBYAYDVR0jBIIBVzCCAVOAFKMLmqAr1g5QorOoBsjRXOGV
A02zoYIBLKSCASgwggEkMR4wHAYJKoZIhvcNAQkBFg9kaXRAbWluc3Z5YXoucnUx
CzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcM
ENCzLiDQnNC+0YHQutCy0LAxLjAsBgNVBAkMJdGD0LvQuNGG0LAg0KLQstC10YDR
gdC60LDRjywg0LTQvtC8IDcxLDAqBgNVBAoMI9Cc0LjQvdC60L7QvNGB0LLRj9C3
0Ywg0KDQvtGB0YHQuNC4MRgwFgYFKoUDZAESDTEwNDc3MDIwMjY3MDExGjAYBggq
hQMDgQMBARIMMDA3NzEwNDc0Mzc1MSwwKgYDVQQDDCPQnNC40L3QutC+0LzRgdCy
0Y/Qt9GMINCg0L7RgdGB0LjQuIILAOl5/vUAAAAAAdcwCgYIKoUDBwEBAwIDQQCm
NQzbXzWSf/UJ545v0KJjU+SqpQco6yaDjZemcLB0kDIIi5+spmX8wlntu0+6pajR
7eXTMQI0MOR3u5Ob4mpb
-----END CERTIFICATE-----
---------- END SOURCE ----------
FREQUENCY : always
Operating System: KDE neon 5.21(Ubuntu 20.04)
KDE Plasma Version: 5.21.2
KDE Frameworks Version: 5.80.0
Qt Version: 5.15.2
Kernel Version: 5.4.0-67-generic
OS Type: 64-bit
Graphics Platform: X11
failed on:
java version "1.8.0_281"
Java(TM) SE Runtime Environment (build 1.8.0_281-b09)
Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode)
success on:
java version "1.8.0_192"
Java(TM) SE Runtime Environment (build 1.8.0_192-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.192-b12, mixed mode)
A DESCRIPTION OF THE PROBLEM :
Try add trust cert(GOST key, keyalg: 1.2.643.7.1.1.3.2) in cacerts, but got error. If add TLS cert all ok.
REGRESSION : Last worked in version 8
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
keytool -import -trustcacerts -alias gostcryptopro -keystore /etc/ssl/certs/java/cacerts -file gostcryptopro.crt
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
cert added to cacerts
ACTUAL -
keytool error: java.util.MissingResourceException: Can't find resource for bundle sun.security.tools.keytool.Resources, key unknown.size.1
---------- BEGIN SOURCE ----------
source gostcryptopro.crt:
-----BEGIN CERTIFICATE-----
MIIIqzCCCFigAwIBAgIQR0KOAIur3r1PmMlzl4Lf4jAKBggqhQMHAQEDAjCCASMx
HzAdBgkqhkiG9w0BCQEWEHFjYUBjcnlwdG9wcm8ucnUxGDAWBgUqhQNkARINMTAz
NzcwMDA4NTQ0NDEaMBgGCCqFAwOBAwEBEgwwMDc3MTcxMDc5OTExCzAJBgNVBAYT
AlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+
0YHQutCy0LAxOjA4BgNVBAkMMdGD0LsuINCY0LHRgNCw0LPQuNC80L7QstCwLCDQ
tC4gMzEsINC+0YTQuNGBIDMw0JExJTAjBgNVBAoMHNCe0J7QniAi0JrQoNCY0J/Q
otCeLdCf0KDQniIxJTAjBgNVBAMMHNCe0J7QniAi0JrQoNCY0J/QotCeLdCf0KDQ
niIwHhcNMjAwMzI3MDgyNzU3WhcNMjEwMzI3MDgzNzU3WjCCARcxGDAWBgUqhQNk
ARINMTAzNzcwMDA4NTQ0NDEaMBgGCCqFAwOBAwEBEgwwMDc3MTcxMDc5OTExKjAo
BgNVBAkMIdCh0YPRidC10LLRgdC60LjQuSDQktCw0LssINC0LiAxODEjMCEGCSqG
SIb3DQEJARYUc3VwcG9ydEBjcnlwdG9wcm8ucnUxCzAJBgNVBAYTAlJVMRwwGgYD
VQQIDBM3NyDQsy4g0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQutCy0LAx
JTAjBgNVBAoMHNCe0J7QniAi0JrQoNCY0J/QotCeLdCf0KDQniIxJTAjBgNVBAMM
HNCe0J7QniAi0JrQoNCY0J/QotCeLdCf0KDQniIwZjAfBggqhQMHAQEBATATBgcq
hQMCAiQABggqhQMHAQECAgNDAARAPARWCPkJACV6ElbZaDF/W87c0fvkA0JZLnng
9QUToOz0Ei8YaaQKEx+wEpXV5CnxZkMewaC8K666p9VENWUwO6OCBWcwggVjMA4G
A1UdDwEB/wQEAwID+DAdBgNVHQ4EFgQUb3CqwSZcU/hn22Y22ae616hyCC8wNQYJ
KwYBBAGCNxUHBCgwJgYeKoUDAgIyAQmC45hdguivR4XNiRuG3dhDgccFgs04AgEB
AgEAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYB
BQUHAwEwgfQGCCsGAQUFBwEBBIHnMIHkMDMGCCsGAQUFBzABhidodHRwOi8vcXMu
Y3J5cHRvcHJvLnJ1L29jc3BrYzMvb2NzcC5zcmYwVwYIKwYBBQUHMAKGS2h0dHA6
Ly9jZHAuY3J5cHRvcHJvLnJ1L3JhL2FpYS9hMzBiOWFhMDJiZDYwZTUwYTJiM2E4
MDZjOGQxNWNlMTk1MDM0ZGIzLmNydDBUBggrBgEFBQcwAoZIaHR0cDovL3EyMC5j
cnlwdG9wcm8ucnUvYWlhL2EzMGI5YWEwMmJkNjBlNTBhMmIzYTgwNmM4ZDE1Y2Ux
OTUwMzRkYjMuY3J0MB0GA1UdIAQWMBQwCAYGKoUDZHEBMAgGBiqFA2RxAjAnBgNV
HREEIDAegg4qLmNyeXB0b3Byby5ydYIMY3J5cHRvcHJvLnJ1MCsGA1UdEAQkMCKA
DzIwMjAwMzI3MDgyNzU3WoEPMjAyMTAzMjcwODI3NTdaMIIBGAYFKoUDZHAEggEN
MIIBCQwy0J/QkNCa0JwgItCa0YDQuNC/0YLQvtCf0YDQviBIU00iINCy0LXRgNGB
0LjRjyAyLjAMMdCf0JDQmiAi0JrRgNC40L/RgtC+0J/RgNC+INCj0KYiINCy0LXR
gNGB0LjQuCAyLjAMT9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC
0YHRgtCy0LjRjyDihJYg0KHQpC8xMjQtMzQ3NSDQvtGCIDEwLjA4LjIwMTgMT9Ch
0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDihJYg
0KHQpC8xMjgtMzU5MyDQvtGCIDE3LjEwLjIwMTgwLAYFKoUDZG8EIwwh0KHQmtCX
0JggItCa0YDQuNC/0YLQvtCf0YDQviBDU1AiMIGuBgNVHR8EgaYwgaMwUaBPoE2G
S2h0dHA6Ly9jZHAuY3J5cHRvcHJvLnJ1L3JhL2NkcC9hMzBiOWFhMDJiZDYwZTUw
YTJiM2E4MDZjOGQxNWNlMTk1MDM0ZGIzLmNybDBOoEygSoZIaHR0cDovL3EyMC5j
cnlwdG9wcm8ucnUvY2RwL2EzMGI5YWEwMmJkNjBlNTBhMmIzYTgwNmM4ZDE1Y2Ux
OTUwMzRkYjMuY3JsMIIBYAYDVR0jBIIBVzCCAVOAFKMLmqAr1g5QorOoBsjRXOGV
A02zoYIBLKSCASgwggEkMR4wHAYJKoZIhvcNAQkBFg9kaXRAbWluc3Z5YXoucnUx
CzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcM
ENCzLiDQnNC+0YHQutCy0LAxLjAsBgNVBAkMJdGD0LvQuNGG0LAg0KLQstC10YDR
gdC60LDRjywg0LTQvtC8IDcxLDAqBgNVBAoMI9Cc0LjQvdC60L7QvNGB0LLRj9C3
0Ywg0KDQvtGB0YHQuNC4MRgwFgYFKoUDZAESDTEwNDc3MDIwMjY3MDExGjAYBggq
hQMDgQMBARIMMDA3NzEwNDc0Mzc1MSwwKgYDVQQDDCPQnNC40L3QutC+0LzRgdCy
0Y/Qt9GMINCg0L7RgdGB0LjQuIILAOl5/vUAAAAAAdcwCgYIKoUDBwEBAwIDQQCm
NQzbXzWSf/UJ545v0KJjU+SqpQco6yaDjZemcLB0kDIIi5+spmX8wlntu0+6pajR
7eXTMQI0MOR3u5Ob4mpb
-----END CERTIFICATE-----
---------- END SOURCE ----------
FREQUENCY : always
- backported by
-
JDK-8264307 java.util.MissingResourceException if add cert with GOST key in cacerts
- Resolved
- relates to
-
JDK-8172404 Tools should warn if weak algorithms are used before restricting them
- Resolved