IBM Support

IJ52777: SECURERANDOM.GENERATESEED CRASHES WHEN IT IS CALLED WITH AN ARGUMENT OF 0.

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Error Message, as reported by customer: None.

Stack Trace, if applicable: <32e1200> !j9method
0x0000000001A945D0
com/ibm/security/capi/PRNG.generateSeed(I[B)[B // native, passed
0, null
<32e1200> !j9method 0x0000000001A94650
com/ibm/security/capi/PRNG.engineGenerateSeed(I)[B // passed 0
<32e1200> !j9method 0x00000000014D7FD8
java/security/SecureRandom.generateSeed(I)[B // passed 0
<32e1200> !j9method 0x0000000001A89738
com/ibm/crypto/provider/aw.a([B)V // passed a zero length array
<32e1200> !j9method 0x0000000001A88FB0
com/ibm/crypto/provider/av.generateSeed([B)V // passed a zero
length array
<32e1200> !j9method 0x0000000004DC93D0
com/ibm/crypto/provider/SHA1PRNGV2.engineGenerateSeed(I)[B //
passed 0
<32e1200> !j9method 0x00000000014D7FD8
java/security/SecureRandom.generateSeed(I)[B // passed 0
Other Error Information, as reported by customer: None.

Local fix

  • Workaround: None.

Problem summary

  • The SecureRandom instance using the SHA1PRNG algorithm crashes
on the Windows platform when generateSeed is called with an
argument of 0.

PROBLEM DESCRIPTION:

When constructing a SecureRandom instance using the SHA1PRNG
algorithm, calling the generateSeed method with an argument of 0

causes a crash on the Windows platform.

Problem conclusion

  • IBMCAC has been updated to handle the 0 value when it is passed
as an argument to SecureRandom.generateSeed

Binary affected  ibmcac.jar

GIT Issues  IBMCAC #49

RTC Problem Report  151855

Build version: Java 8  build_2024102257

JVM to be delivered in  JDK 8 SR8 FP40

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IJ52777
    • 

  • Reported component name
    TIV JAVA CRYPTO
    • 

  • Reported component ID
    TIVSECJCE
    • 

  • Reported release
    600
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2024-10-08
    • 

  • Closed date
    2024-10-25
    • 

  • Last modified date
    2024-10-25
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    TIV JAVA CRYPTO
    • 

  • Fixed component ID
    TIVSECJCE
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SSWKFH","label":"Tivoli Components - Java Security"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"600"}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            25 October 2024
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback