JDK-8164307 : sun/security/krb5/auto/EmptyPassword.java failed with IllegalArgumentException: EncryptionKey: Key bytes cannot be null
  • Type: Bug
  • Component: security-libs
  • Affected Version: 9
  • Priority: P3
  • Status: Resolved
  • Resolution: Duplicate
  • OS: solaris
  • CPU: x86_64,sparc_64
  • Submitted: 2016-08-18
  • Updated: 2016-08-19
  • Resolved: 2016-08-19
Related Reports
Duplicate :  
JDK-8164494 - SunPKCS11 requires a non-empty PBE password
Relates :  
JDK-8164398 - Add test sun/security/krb5/auto/EmptyPassword.java to ProblemList
Relates :  
JDK-6977937 - The SunJCE PBKDF2KeyImpl is requiring the MAC instance also be from SunJCE.
Description
This has been failing since fix of JDK-6977937. Please refer to the test output below:

----------System.out:(10/556)----------
Start KDC on 12541
-----------------------------------------------
>>>>> UDP packet received
RABBIT.HOLE> empty@RABBIT.HOLE sends AS-REQ for krbtgt/RABBIT.HOLE@RABBIT.HOLE, KDCOptions: FORWARDABLE,
-----------------------------------------------
>>>>> UDP packet received
RABBIT.HOLE> empty@RABBIT.HOLE sends AS-REQ for krbtgt/RABBIT.HOLE@RABBIT.HOLE, KDCOptions: FORWARDABLE,
-----------------------------------------------
>>>>> UDP packet received
RABBIT.HOLE> empty@RABBIT.HOLE sends AS-REQ for krbtgt/RABBIT.HOLE@RABBIT.HOLE, KDCOptions: FORWARDABLE,
----------System.err:(60/3879)----------
java.lang.RuntimeException: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
	at KDC.keyForUser(KDC.java:634)
	at KDC.processAsReq(KDC.java:917)
	at KDC.processMessage(KDC.java:646)
	at KDC$1.run(KDC.java:1265)
Caused by: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
	at sun.security.krb5.EncryptionKey.<init>(java.security.jgss@9-ea/EncryptionKey.java:208)
	at KDC.keyForUser(KDC.java:628)
	... 3 more
java.lang.RuntimeException: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
	at KDC.keyForUser(KDC.java:634)
	at KDC.processAsReq(KDC.java:917)
	at KDC.processMessage(KDC.java:646)
	at KDC$1.run(KDC.java:1265)
Caused by: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
	at sun.security.krb5.EncryptionKey.<init>(java.security.jgss@9-ea/EncryptionKey.java:208)
	at KDC.keyForUser(KDC.java:628)
	... 3 more
java.lang.RuntimeException: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
	at KDC.keyForUser(KDC.java:634)
	at KDC.processAsReq(KDC.java:917)
	at KDC.processMessage(KDC.java:646)
	at KDC$1.run(KDC.java:1265)
Caused by: java.lang.IllegalArgumentException: EncryptionKey: Key bytes cannot be null!
	at sun.security.krb5.EncryptionKey.<init>(java.security.jgss@9-ea/EncryptionKey.java:208)
	at KDC.keyForUser(KDC.java:628)
	... 3 more
javax.security.auth.login.LoginException: Receive timed out
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(jdk.security.auth@9-ea/Krb5LoginModule.java:795)
	at com.sun.security.auth.module.Krb5LoginModule.login(jdk.security.auth@9-ea/Krb5LoginModule.java:581)
	at Context.fromUserPass(Context.java:168)
	at Context.fromUserPass(Context.java:136)
	at EmptyPassword.main(EmptyPassword.java:40)
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(java.base@9-ea/Native Method)
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(java.base@9-ea/NativeMethodAccessorImpl.java:62)
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(java.base@9-ea/DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(java.base@9-ea/Method.java:535)
	at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:110)
	at java.lang.Thread.run(java.base@9-ea/Thread.java:843)
Caused by: java.net.SocketTimeoutException: Receive timed out
	at java.net.PlainDatagramSocketImpl.receive0(java.base@9-ea/Native Method)
	at java.net.AbstractPlainDatagramSocketImpl.receive(java.base@9-ea/AbstractPlainDatagramSocketImpl.java:180)
	at java.net.DatagramSocket.receive(java.base@9-ea/DatagramSocket.java:814)
	at sun.security.krb5.internal.UDPClient.receive(java.security.jgss@9-ea/NetClient.java:205)
	at sun.security.krb5.KdcComm$KdcCommunication.run(java.security.jgss@9-ea/KdcComm.java:411)
	at sun.security.krb5.KdcComm$KdcCommunication.run(java.security.jgss@9-ea/KdcComm.java:364)
	at java.security.AccessController.doPrivileged(java.base@9-ea/Native Method)
	at sun.security.krb5.KdcComm.send(java.security.jgss@9-ea/KdcComm.java:348)
	at sun.security.krb5.KdcComm.sendIfPossible(java.security.jgss@9-ea/KdcComm.java:253)
	at sun.security.krb5.KdcComm.send(java.security.jgss@9-ea/KdcComm.java:229)
	at sun.security.krb5.KdcComm.send(java.security.jgss@9-ea/KdcComm.java:200)
	at sun.security.krb5.KrbAsReqBuilder.send(java.security.jgss@9-ea/KrbAsReqBuilder.java:326)
	at sun.security.krb5.KrbAsReqBuilder.action(java.security.jgss@9-ea/KrbAsReqBuilder.java:371)
	at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(jdk.security.auth@9-ea/Krb5LoginModule.java:753)
	... 10 more
Comments
Duplicate of JDK-8164494
19-08-2016
Mac from pkcs11 does not accept empty keys (key.getEncoded() being empty). http://hg.openjdk.java.net/jdk9/dev/jdk/file/b02d855edd76/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java#l232
19-08-2016
This failure looks only reproducible on Solaris X64/Sparcv9
19-08-2016
Vincent, please check if it is a regression by JDK-6977937
18-08-2016