APAR status
Closed as program error.
Error description
Error Message: Two errors were identified within the PKCS11KeyStore.1) While replacing a hardware key with another keyhaving a few modified attributes, the PKCS11KeyStore.convertPrivKeyObj( ) method was failing to clean up the hardware key being replaced ifthe system property "ibm.pkcs11.memorymanagement"is set to "false". Ordinarily hardware keys are cleaned up automatically by the finalizer method of the key. However, when "ibm.pkcs11.memorymanagement" is set to "false", it is the responsibility of the application to clean up the key. In this case, the PKCS11KeyStore class was the responsibie application.2) A debug trace statement within the PKCS11KeyStore.deleteCert() method was throwing an unexpected NullPointerException when debug tracing was enabled. . Stack Trace: N/A .
Local fix
Problem summary
Two errors were identified within the PKCS11KeyStore.1) While replacing a hardware key with another keyhaving a few modified attributes, the PKCS11KeyStore class was failing to clean up the old hardware key ifthe system property "ibm.pkcs11.memorymanagement"is set to "false". Ordinarily hardware keys are cleaned up automatically by the finalizer method of the key. However, when "ibm.pkcs11.memorymanagement" is set to "false", it is the responsibility of the application to clean up the key. In this case, the PKCS11KeyStore class was the responsibie application.2) A debug trace statement within the PKCS11KeyStore.deleteCert() method was throwing an unexpected NullPointerException when debug tracing was enabled.
Problem conclusion
For 1), logic was added to clean up the hardware key that was being replaced.For 2), the debug trace statement was updated so that it will no longer attempt to print an object which is potentially null. . This APAR will be fixed in the following Java Releases: 6 SR16 FP4 (6.0.16.4) 7 SR9 (7.0.9.0) 6 R1 SR8 FP4 (6.1.8.4) 7 R1 SR3 (7.1.3.0) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the Service Refreshes and Fix Packs can be found at: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IV68282
Reported component name
SECURITY
Reported component ID
620700125
Reported release
600
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-01-05
Closed date
2015-01-09
Last modified date
2015-01-09
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
R600 PSY
UP
R260 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.0","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020