United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-7047200 keytool safe store (was Misleading error message)
JDK-7047200 : keytool safe store (was Misleading error message)

Details
Type:
Bug
Submit Date:
2011-05-22
Status:
Closed
Updated Date:
2012-09-04
Project Name:
JDK
Resolved Date:
2012-09-04
Component:
security-libs
OS:
windows_xp
Sub-Component:
java.security
CPU:
x86
Priority:
P4
Resolution:
Fixed
Affected Versions:
6u25
Fixed Versions:

Related Reports
Backport:

Sub Tasks

Description
FULL PRODUCT VERSION :
java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing)



ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.



A DESCRIPTION OF THE PROBLEM :
Why is an error being generated after I key in the password twice?
 


REGRESSION.  Last worked in version 6u25

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Command Line
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias jon -file
certif.file
What is your first and last name?
[Unknown]: Jon C.
What is the name of your organizational unit?
[Unknown]: @Jon's
What is the name of your organization?
[Unknown]: @Jon's
What is the name of your City or Locality?
[Unknown]: Birkirkara
What is the name of your State or Province?
[Unknown]: Malta(EU)
What is the two-letter country code for this unit?
[Unknown]: MT
Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT correct?
[no]: yes

Generating 1,024 bit DSA key pair and self-signed certificate (SHA1withDSA) with
a validity of 90 days
for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT
Enter key password for <jon>
(RETURN if same as keystore password):
Re-enter new password:
[Storing C:\Documents and Settings\Jon\.keystore]


EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
PKI should be generated
ACTUAL -
Error message is displayed.

ERROR MESSAGES/STACK TRACES THAT OCCUR :
keytool error: java.lang.IllegalArgumentException: password can't be null
java.lang.IllegalArgumentException: password can't be null
at sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508)

at sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java:
38)
at java.security.KeyStore.store(KeyStore.java:1117)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:901)
at sun.security.tools.KeyTool.run(KeyTool.java:171)
at sun.security.tools.KeyTool.main(KeyTool.java:165)

REPRODUCIBILITY :
This bug can be reproduced always.

                                    

Comments
EVALUATION

This is mainly a user error:

> keytool -genkeypair -v -protected -alias jon -file certif.file

1. Does the user intent to create a new keystore certif.file? If so, please use "-keystore certif.file".

2. The default keystore type at the moment, JKS, is file-based. So, do not specify "-protected". This option is for token-based keystores which has their own special protection mechanism.

Having said that, we can enhance keytool to deal with this user input error more friendly.
                                     
2011-06-29
EVALUATION

http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0e6076fed003
                                     
2011-09-09



Hardware and Software, Engineered to Work Together