APAR status
Closed as program error.
Error description
When GerneralSecurityException (such as InvalidKeyExeption) is thrown in validation of the digital signature in xml, an incorrect instance of signature will be put to the cache for future use. When another validation is performed afterward, the cached signature object will be reused and NullPointerExeption will be thrown. In such situation, the signature object should not be cached for reuse. Affected JVMs: 6.0, 6.26, 7.0 Affected JAR: ibmxmlcrypto.jar
Local fix
Level 3 to update.
Problem summary
When GeneralSecurityException (such as InvalidKeyExeption) is thrown in validation of the digital signature in xml, an incorrect instance of signature will be put to the cache for future use. When another validation is performed afterward, the cached signature object will be reused and NullPointerExeption will be thrown. In such situation, the signature object should not be cached for reuse.
Problem conclusion
Affects ibmxmlcrypto.jar. Available in 6.0 SR11, 6.0_26 SR 3, and 7.0 SR 3 Jar build date: 120425
Temporary fix
Comments
APAR Information
APAR number
IV19948
Reported component name
JAVA SPEC REQUE
Reported component ID
TIVOXML00
Reported release
100
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-04-23
Closed date
2012-04-25
Last modified date
2012-04-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
JAVA SPEC REQUE
Fixed component ID
TIVOXML00
Applicable component levels
R100 PSY
UP
Rate this page:
Average rating
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.