VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ25917

⇱ IJ25917: IN CERTAIN INSTANCES, IBMJCEPLUS PROVIDER THROWS EXCEPTION FROM KEYFACTORY CLASS

IJ25917: IN CERTAIN INSTANCES, IBMJCEPLUS PROVIDER THROWS EXCEPTION FROM KEYFACTORY CLASS

APAR status

  • Closed as program error.

Error description

  • Error Message: During RSAPrivateKey generation, without
RSAPrivateKey CRT parameters, the IBMJCEPlus provider, throws
java.security.spec.InvalidKeySpecException: Inappropriate key
specification.
 KeyPairGenerator.getInstance("DiffieHellman","IBMJCEPlus").getA
lgorithm() API does not return "DiffieHellman".
.
Stack Trace: Exception from RSA Key Factory:
java.security.spec.InvalidKeySpecException: Inappropriate key
specification
 at
com.ibm.crypto.plus.provider.RSAKeyFactory.engineGeneratePrivate
(RSAKeyFactory.java:16)
 at
java.security.KeyFactory.generatePrivate(KeyFactory.java:377)
Exception from DHKey Factory:
java.security.ProviderException: Failure in DHPublicKey
 at
com.ibm.crypto.plus.provider.IBMJCEPlus.a(IBMJCEPlus.java:79)
 at
com.ibm.crypto.plus.provider.DHPublicKey.<init>(DHPublicKey.java
:90)
 at
com.ibm.crypto.plus.provider.DHKeyFactory.engineGeneratePublic(D
HKeyFactory.java:15)
 at
java.security.KeyFactory.generatePublic(KeyFactory.java:339)
.
None

Local fix



Problem summary


    

  • In certain instances, IBMJCEPlus provider throws exception from
KeyFactory class



Problem conclusion


    

  • The JVM has been updated so that the failures do not occur.
RSAPrivateKey can be generated without CRT parameters.
KeyPairGenerator.getInstance("DiffieHellman","IBMJCEPlus").getAl
gorithm() returns "DiffieHellman".
The associated Hursley RTC Problem Report is 143652
The associated Austin GitHub tasks: 308, 309
JVMs affected is Java 8.0
The fix was delivered for Java 8.0 SR6 FP15.
Affected file: ibmjceplus.jar (Build-Date: 20200618)
Co-requisites:
gskit.dll on Windows - 20200620
libjgskit.so on non Windows 20200619, 20200620
ibmjceprovider.jar (Austin Build-Level: 20200609-326)
ibmjcefw.jar (Build-Level: 200602-85)
.
This APAR will be fixed in the following Java Releases:
 8 SR6 FP15 (8.0.6.15)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
Service Refreshes and Fix Packs can be found at:
 https://www.ibm.com/developerworks/java/jdk/



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IJ25917
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2020-06-26
    • 

  • Closed date
    2020-07-30
    • 

  • Last modified date
    2020-07-30
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 31 July 2020