VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ52909

⇱ IJ52909: SECURERANDOM.GENERATESEED CRASHES WHEN IT IS CALLED WITH AN ARGUMENT OF 0

IJ52909: SECURERANDOM.GENERATESEED CRASHES WHEN IT IS CALLED WITH AN ARGUMENT OF 0

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
.
Stack Trace: <32e1200> !j9method 0x0000000001A945D0
com/ibm/security/capi/PRNG.generateSeed(I<OSB>B)<OSB>B //
native, passed 0, null
<32e1200> !j9method 0x0000000001A94650
com/ibm/security/capi/PRNG.engineGenerateSeed(I)<OSB>B // passed
0
<32e1200> !j9method 0x00000000014D7FD8
java/security/SecureRandom.generateSeed(I)<OSB>B // passed 0
<32e1200> !j9method 0x0000000001A89738
com/ibm/crypto/provider/aw.a(<OSB>B)V // passed a zero length
array
<32e1200> !j9method 0x0000000001A88FB0
com/ibm/crypto/provider/av.generateSeed(<OSB>B)V // passed a
zero length array
<32e1200> !j9method 0x0000000004DC93D0
com/ibm/crypto/provider/SHA1PRNGV2.engineGenerateSeed(I)<OSB>B
// passed 0
<32e1200> !j9method 0x00000000014D7FD8
java/security/SecureRandom.generateSeed(I)<OSB>B // passed 0
.
N/A

Local fix



Problem summary


    

  • The SecureRandom instance using the SHA1PRNG algorithm crashes
on the Windows platform when generateSeed is called with an
argument of 0.



Problem conclusion


    

  • IBMCAC has been updated to handle the 0 value when it is passed
as an argument to SecureRandom.generateSeed.
Binary affected ? ibmcac.jar
GIT Issues ? IBMCAC #49
RTC Problem Report ? 151855
Build version: Java 8 ? build_20241022?57
JVM to be delivered in ? JDK 8 SR8 FP40
.
This APAR will be fixed in the following Releases:
.
IBM Semeru Runtimes
IBM SDK, Java Technology Edition
 8 SR8 FP40 (8.0.8.40)
.
Downloads and supplementary documentation can be found at the
following locations:
- For non z/OS operating systems:
 - IBM Semeru Runtimes, Version 11 and later
 https://www.ibm.com/semeru-runtimes/downloads/
 - IBM SDK, Java Technology Edition, Version 8
 https://www.ibm.com/support/pages/java-sdk-downloads/
- For the z/OS operating system:
 - Java SDK Products on z/OS
 https://www.ibm.com/support/pages/java-sdk-products-zos



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IJ52909
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2024-10-24
    • 

  • Closed date
    2024-10-26
    • 

  • Last modified date
    2024-10-26
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 26 October 2024