IBM Support

IJ05678: COM.IBM.SECURITY.VALIDATOR.VALIDATOR.VALIDATE METHOD THROWS A NULLPOINTEXCEPTION ERROR

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • PROBLEM SUMMARY:
The com.ibm.security.validator.Validator.validate method
experiences the following exception:

java.lang.NullPointerException
at
com.ibm.security.cert.PKIXExtendedParameters.setRevocationEnable
d(PKIXExtendedParameters.java:139)
at
java.security.cert.PKIXParameters.initialize(PKIXParameters.java
:193)
at
java.security.cert.PKIXParameters.<init>(PKIXParameters.java:143
)
at
java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParam
eters.java:99)
at
com.ibm.security.cert.PKIXExtendedParameters.<init>(PKIXExtended
Parameters.java:55)
at
com.ibm.security.validator.PKIXValidator.engineValidate(PKIXVali
dator.java:214)
at
com.ibm.security.validator.Validator.validate(Validator.java:257
)
at
com.ibm.security.validator.Validator.validate(Validator.java:233
)


ERROR DESCRIPTION:
The PKIXParameters class is a super class of
PKIXExtendedParameters.
When PKIXValidator,engineValidate() invokes the
PKIXExtendedParameters constructor, that constructor
first calls the constructor of its superclass.

When the PKIXParameters constructor executes, it attempts to
set the a default "revocation enabled = true"
boolean within the PKIXExtendedParameters object.  However, the
PKIXBuilderParameters object within the
PKIXExtendedParameters object, which contains the "revocation
enabled" boolean to be set, has not yet been initialized.
Therefore a NullPointerException occurs.

Local fix

  • N/A

Problem summary

  • The CertPath PKIXParameters class causes a NullPointerException.
The NullPointerException was seen on a call to the
com.ibm.security.validator.Validator.validate method.
at
com.ibm.security.cert.PKIXExtendedParameters.setRevocationEnable
d(PKIXExtendedParameters.java:139)
at
java.security.cert.PKIXParameters.initialize(PKIXParameters.java
:193)
at
java.security.cert.PKIXParameters.<init>(PKIXParameters.java:143
)
at
java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParam
eters.java:99)
at
com.ibm.security.cert.PKIXExtendedParameters.<init>(PKIXExtended
Parameters.java:55)
at
com.ibm.security.validator.PKIXValidator.engineValidate(PKIXVali
dator.java:214)
at
com.ibm.security.validator.Validator.validate(Validator.java:257
)
at
com.ibm.security.validator.Validator.validate(Validator.java:233
)
ERROR DESCRIPTION:
The PKIXParameters class is a super class of
PKIXExtendedParameters.
When PKIXValidator,engineValidate() invokes the
PKIXExtendedParameters constructor, that constructor first
calls the constructor of its superclass.
When the PKIXParameters constructor executes, it attempts to
set a default "revocation enabled = true" boolean
within the PKIXExtendedParameters object.  However, the
PKIXBuilderParameters object within the
PKIXExtendedParameters object, which contains the "revocation
enabled" boolean to be set, has not yet been initialized.
Therefore, a NullPointerException occurs.

Problem conclusion

  • The most current copy of the PKIXParameters class no longer
attempts to set a default "revocation enabled = true" boolean
value.
The PKIXParameters class within ibmcertpathfw.jar has been
replaced with that most current copy.
The associated CMVC defects are 117842 and 117846.
The associated RTC PMRs are 137836 and 137841.
The associated APAR is IJ05678.
The affected jar is ibmcertpathfw.jar.
The build level of ibmcertpathfw.jar is  20180416.
JVMs affected:   Java 7.0,  Java 7.1,  and Java 8.0
This fix has been delivered for:
70sr10fp25, 727sr4fp25, and 80sr5fp15.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IJ05678
    • 

  • Reported component name
    TIV JAVA CERT P
    • 

  • Reported component ID
    TIVSECJCP
    • 

  • Reported release
    100
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2018-04-12
    • 

  • Closed date
    2018-04-17
    • 

  • Last modified date
    2018-04-17
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Modules/Macros


    

  • 999

    



Fix information


    

  • Fixed component name
    TIV JAVA CERT P
    • 

  • Fixed component ID
    TIVSECJCP
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU008","label":"Security"},"Product":{"code":"SSWKFH","label":"Tivoli Components - Java Security"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"100","Edition":"","Line of Business":{"code":"","label":""}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            17 April 2018
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback