APAR status
Closed as program error.
Error description
Error Message: N/A . Stack Trace: java.lang.NullPointerException at com.ibm.crypto.pkcs11impl.provider.PKCS11KeyStore.engineSetKeyEn try(PKCS11KeyStore.java:617) at java.security.KeyStore.setKeyEntry(KeyStore.java:1151) at tests.com.ibm.jtc.zosSec.testKeystore.main(testKeystore.java:201 ) . The customer experienced a NullPointerException with debug tracing enabled for the IBMPKCS11Impl crypto provider. The customer's code was calling KeyStore.setKeyEntry( ) with a null certificate chain. The KeyStore being used was "PKCS11IMPLKS".
Local fix
Do not enable debug tracing for the IBMPKCS11Impl provider. Debug tracing is "enabled" by adding the following java argument: -Djava.secrity.debug=pkcs11impl"
Problem summary
The debug tracing logic within the IBMPKCS11Impl provider's PKCS11KeyStore class was unprepared to handle a null certificate chain received on a setKeyEntry() call.
Problem conclusion
The debug tracing logic within the IBMPKCS11Impl provider's PKCS11KeyStore class has been modified to anticipate that a null certificate chain may be received on a setKeyEntry( ) call. . This APAR will be fixed in the following Java Releases: 8 SR5 FP11 (8.0.5.11) 6 SR16 FP65 (6.0.16.65) 7 SR10 FP25 (7.0.10.25) 7 R1 SR4 FP25 (7.1.4.25) 6 R1 SR8 FP65 (6.1.8.65) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available Service Refreshes and Fix Packs can be found at: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IJ03969
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-02-06
Closed date
2018-02-28
Last modified date
2018-02-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020