VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ52919

⇱ IJ52919: REUSING A PBE CIPHER INSTANCE WITHOUT PROVIDING ALGORITHMPARAMETERS THROWS INVALIDALGORITHMPARAMETEREXCEPTION

IJ52919: REUSING A PBE CIPHER INSTANCE WITHOUT PROVIDING ALGORITHMPARAMETERS THROWS INVALIDALGORITHMPARAMETEREXCEPTION

APAR status

  • Closed as program error.

Error description

  • Error Message: Unexpected error:
java.security.InvalidKeyException:

java.security.InvalidAlgorithmParameterException: Parameters
 missing
.
Stack Trace: Caused by:
java.security.InvalidAlgorithmParameterException:
 Parameters missing at

com.ibm.crypto.plus.provider.PBE2Cipher.engineInit(PBE2Cipher.ja
va:111)
 at

com.ibm.crypto.plus.provider.PBE2Cipher.engineInit(PBE2Cipher.ja
va:192)
.

Local fix

  • Get the AlgorithmParameters from the Cipher instance after the
first
 init call. Provide those AlgorithmParameters to the
subsequent init
 calls.

Problem summary

  • The problem is caused when an instance of a PBE2 cipher is
 initialized to encrypt and then the same instance is
initialized
 again without providing the algorithm parameters.

Problem conclusion

  • The PBE2 cipher has been corrected to use the algorithm
parameters
 provided or generated during the first
initialization of the
 instance when the same instance is initialized for
decryption and no
 algorithm parameters.
 IBMJCEPlus.jar was updated so PBE2 cipher instances
will use the
 initial algorithm parmeters during subsequent
initializations when
 those parameters are not provided by the caller The
associated
 Hursley RTC Problem Report is 151927 The associated
Austin GIT
 defect is IBMJCEPlus#716 The associated Austin APAR
is IJ52595 JVMs
 affected: Java 8.0 The fix was delivered for Java 8
sr8 fp40 The
 affected jar is "ibmjceplus.jar". The build level of
this jar for
 the affected releases is Java 8 20241017

.
This APAR will be fixed in the following Releases:
.
IBM Semeru Runtimes
IBM SDK, Java Technology Edition
 8 SR8 FP40 (8.0.8.40)
.
Downloads and supplementary documentation can be found at the
following locations:
- For non z/OS operating systems:
 - IBM Semeru Runtimes, Version 11 and later
 https://www.ibm.com/semeru-runtimes/downloads/
 - IBM SDK, Java Technology Edition, Version 8
 https://www.ibm.com/support/pages/java-sdk-downloads/
- For the z/OS operating system:
 - Java SDK Products on z/OS
 https://www.ibm.com/support/pages/java-sdk-products-zos

Temporary fix



Comments


    



APAR Information




    

  • APAR number
    IJ52919
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2024-10-25
    • 

  • Closed date
    2024-10-30
    • 

  • Last modified date
    2024-10-30
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 30 October 2024