JDK-8170876 : NPE in JCE engine classes with java.security.debug=provider
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 9
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2016-12-07
  • Updated: 2022-07-19
  • Resolved: 2016-12-20
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 8 JDK 9
8u351Fixed 9 b150Fixed
Related Reports
Relates :  
JDK-8165751 - NPE hit with java.security.debug=provider
Relates :  
JDK-8056026 - Debug security logging should print Provider used for each crypto operation
Description
Constructing/initializing/using some engine classes when java.security.debug=provider will result in a NullPointerException. 

Affected classes:
java/security/KeyStore
java/security/MessageDigest
java/security/SecureRandom
javax/crypto/KeyAgreement
javax/crypto/KeyGenerator
javax/crypto/Mac
javax/crypto/Cipher
(This issues causes javax/crypto/NullCipher/TestNPE.java to fail when java.security.debug=provider).
Comments
URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/71e198ef3839 User: lana Date: 2016-12-21 16:40:05 +0000
21-12-2016
URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/71e198ef3839 User: mullan Date: 2016-12-20 22:14:04 +0000
20-12-2016
This originates from JDK-8056026 where provider debug info was added. NPE is thrown at http://hg.openjdk.java.net/jdk9/jdk9/jdk/file/9098b2b9d997/src/java.base/share/classes/javax/crypto/Cipher.java#l1757. NullCipher doesn't have any provider associated with it.
08-12-2016