VOOZH about

URL: https://www.ibm.com/support/pages/apar/IV84129

⇱ IV84129: NULLPOINTEREXCEPTION WITH JSSE/FIPS IN JAVA 8

IV84129: NULLPOINTEREXCEPTION WITH JSSE/FIPS IN JAVA 8

APAR status

  • Closed as program error.

Error description

  • Error Message: When enabling FIPS in Java 8, a
NullPointerException is seen while performing SSL connection.
.
Stack Trace: java.lang.NullPointerException
 at com.ibm.crypto.fips.provider.GCTR.gcm_ad(Unknown Source)
 at com.ibm.crypto.fips.provider.AESGCMCrypt.c(Unknown
Source)
 at com.ibm.crypto.fips.provider.AESGCMCipher.a(Unknown
Source)
 at
com.ibm.crypto.fips.provider.AESGCMCipher.engineDoFinal(Unknown
Source)
 at javax.crypto.CipherSpi.bufferCrypt(Unknown Source)
 at javax.crypto.CipherSpi.engineDoFinal(Unknown Source)
 at javax.crypto.Cipher.doFinal(Unknown Source)
 at com.ibm.jsse2.CipherBox.decrypt(CipherBox.java:587)
 at
com.ibm.jsse2.EngineInputRecord.decrypt(EngineInputRecord.java:1
93)
 at
com.ibm.jsse2.SSLEngineImpl.readRecord(SSLEngineImpl.java:1024)
 at
com.ibm.jsse2.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:957
)
 at
com.ibm.jsse2.SSLEngineImpl.unwrap(SSLEngineImpl.java:831)
 at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:619)
.

Local fix



Problem summary


    

  • Problem in handling ByteBuffer with non-zero pos



Problem conclusion


    

  • The fix is to copy the input data to be processed to a newly
created array and then perform the encryption/decryption on the
newly created array,
The associated RTC PR is 111196
The associated Austin CMVC defect is 117225
The associated Austin APAR is IV83436
JVMs affected : Java 8.0
The fix was delivered for Java 8.0 SR3 FP10
The affected jar is "ibmjsseprovider2.jar".
The build level of this jar for the affected releases is
"20160420"
.
This APAR will be fixed in the following Java Releases:
 8 SR3 FP10 (8.0.3.10)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
Service Refreshes and Fix Packs can be found at:
 https://www.ibm.com/developerworks/java/jdk/



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IV84129
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2016-04-25
    • 

  • Closed date
    2016-04-25
    • 

  • Last modified date
    2016-04-25
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 




    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels


    

  • R270 PSY
       UP
    • 







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 07 December 2020