# HG changeset patch # User vinnie # Date 1511251796 0 # Node ID a14bda2aebcf73a972ca18787a739f51f8de5558 # Parent ce5ccb4e793848a233a3ec111040f5239d03bcd0 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java Reviewed-by: weijun diff -r ce5ccb4e7938 -r a14bda2aebcf src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java --- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Tue Nov 21 07:53:28 2017 +0000 +++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Tue Nov 21 08:09:56 2017 +0000 @@ -1517,23 +1517,22 @@ Entry entry = entries.get(alias); // certificate chain - int chainLen = 1; - Certificate[] certs = null; + Certificate[] certs; if (entry instanceof PrivateKeyEntry) { PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry; - if (keyEntry.chain == null) { - chainLen = 0; - } else { - chainLen = keyEntry.chain.length; - } - certs = keyEntry.chain; - + if (keyEntry.chain != null) { + certs = keyEntry.chain; + } else { + certs = new Certificate[0]; + } } else if (entry instanceof CertEntry) { - certs = new Certificate[]{((CertEntry) entry).cert}; + certs = new Certificate[]{((CertEntry) entry).cert}; + } else { + certs = new Certificate[0]; } - for (int i = 0; i < chainLen; i++) { + for (int i = 0; i < certs.length; i++) { // create SafeBag of Type CertBag DerOutputStream safeBag = new DerOutputStream(); safeBag.putOID(CertBag_OID); diff -r ce5ccb4e7938 -r a14bda2aebcf test/sun/security/pkcs12/StoreSecretKeyTest.java --- a/test/sun/security/pkcs12/StoreSecretKeyTest.java Tue Nov 21 07:53:28 2017 +0000 +++ b/test/sun/security/pkcs12/StoreSecretKeyTest.java Tue Nov 21 08:09:56 2017 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2015 Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,12 +23,14 @@ /* * @test - * @bug 8005408 + * @bug 8005408 8079129 * @summary KeyStore API enhancements */ import java.io.*; import java.security.*; +import java.security.cert.*; +import java.security.cert.Certificate; import java.util.*; import javax.crypto.*; import javax.crypto.spec.*; @@ -39,7 +41,9 @@ private final static String DIR = System.getProperty("test.src", "."); private static final char[] PASSWORD = "passphrase".toCharArray(); private static final String KEYSTORE = "keystore.p12"; - private static final String ALIAS = "my secret key"; + private static final String CERT = DIR + "/trusted.pem"; + private static final String ALIAS = "my trusted cert"; + private static final String ALIAS2 = "my secret key"; public static void main(String[] args) throws Exception { @@ -48,8 +52,13 @@ KeyStore keystore = KeyStore.getInstance("PKCS12"); keystore.load(null, null); - // Set entry + // Set trusted certificate entry + Certificate cert = loadCertificate(CERT); keystore.setEntry(ALIAS, + new KeyStore.TrustedCertificateEntry(cert), null); + + // Set secret key entry + keystore.setEntry(ALIAS2, new KeyStore.SecretKeyEntry(generateSecretKey("AES", 128)), new KeyStore.PasswordProtection(PASSWORD)); @@ -65,7 +74,7 @@ " entries"); } - KeyStore.Entry entry = keystore.getEntry(ALIAS, + KeyStore.Entry entry = keystore.getEntry(ALIAS2, new KeyStore.PasswordProtection(PASSWORD)); System.out.println("Retrieved entry: " + entry); @@ -82,4 +91,14 @@ generator.init(size); return generator.generateKey(); } + + private static Certificate loadCertificate(String certFile) + throws Exception { + X509Certificate cert = null; + try (FileInputStream certStream = new FileInputStream(certFile)) { + CertificateFactory factory = + CertificateFactory.getInstance("X.509"); + return factory.generateCertificate(certStream); + } + } }