JDK-8169693 : Internal class doesn't work in environment with non-standard encoding
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 8
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows
  • CPU: x86_64
  • Submitted: 2016-11-13
  • Updated: 2017-10-12
  • Resolved: 2017-10-11
Related Reports
Duplicate :  
Description
FULL PRODUCT VERSION :
java version "1.8.0_102"
Java(TM) SE Runtime Environment (build 1.8.0_102-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.102-b14, mixed mode)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]

A DESCRIPTION OF THE PROBLEM :
Some internal classes doesn't work when OS uses ascii incompatible native encoding.

REGRESSION.  Last worked in version 7u80

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Run the code below with the following command

java -Dfile.encoding=UTF32-BE -cp . PemEncodingBugDemo




EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Empty output
ACTUAL -
Exception

ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.ExceptionInInitializerError
	at javax.crypto.JceSecurity.loadPolicies(JceSecurity.java:317)
	at javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:262)
	at javax.crypto.JceSecurity.access$000(JceSecurity.java:48)
	at javax.crypto.JceSecurity$1.run(JceSecurity.java:80)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:77)
	at javax.crypto.Cipher.getInstance(Cipher.java:515)
	at PemEncodingBugDemo.main(PemEncodingBugDemo.java:7)
Caused by: java.lang.SecurityException: Framework jar verification can not be initialized
	at javax.crypto.JarVerifier.<clinit>(JarVerifier.java:192)
	... 8 more
Caused by: java.security.PrivilegedActionException: java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: java.lang.IllegalArgumentException: Illegal base64 character 0
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.crypto.JarVerifier.<clinit>(JarVerifier.java:151)
	... 8 more
Caused by: java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: java.lang.IllegalArgumentException: Illegal base64 character 0
	at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:110)
	at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
	at javax.crypto.JarVerifier.parseCertificate(JarVerifier.java:206)
	at javax.crypto.JarVerifier.access$100(JarVerifier.java:37)
	at javax.crypto.JarVerifier$1.run(JarVerifier.java:158)
	at javax.crypto.JarVerifier$1.run(JarVerifier.java:152)
	... 10 more
Caused by: java.io.IOException: java.lang.IllegalArgumentException: Illegal base64 character 0
	at sun.security.util.Pem.decode(Pem.java:49)
	at sun.security.provider.X509Factory.readOneBlock(X509Factory.java:638)
	at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:96)
	... 15 more
Caused by: java.lang.IllegalArgumentException: Illegal base64 character 0
	at java.util.Base64$Decoder.decode0(Base64.java:714)
	at java.util.Base64$Decoder.decode(Base64.java:526)
	at sun.security.util.Pem.decode(Pem.java:47)
	... 17 more


REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
import javax.crypto.Cipher;

public class PemEncodingBugDemo {

    public static void main(String[] args) {
        try {
            if (!"UTF32-BE".equals(System.getProperty("file.encoding"))) {
                System.err.printf("This test must be run under command java -Dfile.encoding=UTF32-BE%n");
            }
            Cipher.getInstance("RC4");
        } catch (Throwable e) {
            e.printStackTrace();
        }
    }
}

---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
Use ASCII-compatible native encoding to run java.


Comments
To reproduce the issue, run the attached test case with the argument "-Dfile.encoding=UTF32-BE". Following are the results on various JDK versions: JDK 7u80 - Pass JDK 8 - Fail JDK 8u112 - Fail JDK 8u122 ea - Fail JDK 9-ea + 141 - Pass Following is the output on JDK 8 and 8u versions: >java -showversion -Dfile.encoding=UTF32-BE JI9045358 java version "1.8.0_122-ea" Java(TM) SE Runtime Environment (build 1.8.0_122-ea-b01) Java HotSpot(TM) 64-Bit Server VM (build 25.122-b01, mixed mode) java.lang.ExceptionInInitializerError at javax.crypto.Cipher.getInstance(Cipher.java:515) at JI9045358.main(JI9045358.java:10) Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:88) ... 2 more Caused by: java.lang.SecurityException: Cannot locate policy or framework files! at javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:255) at javax.crypto.JceSecurity.access$000(JceSecurity.java:48) at javax.crypto.JceSecurity$1.run(JceSecurity.java:80) at java.security.AccessController.doPrivileged(Native Method) at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:77) ... 2 more For JDK 7u80 and JDK 9-ea+141 , no exception is thrown and the test case execution completes silently.
15-11-2016