IBM Support

PM79176: RAW KEY DATA IS ZEROED OUT BY THE FINALIZER BEFORE GETENCODED() COMPLETES.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: Refer to the stack tract below.
.
Stack Trace: java.security.UnrecoverableKeyException: Given
final block not properly padded
    at com.ibm.crypto.provider.y.a(Unknown Source)
    at
com.ibm.crypto.provider.PKCS12KeyStore.engineGetKey(Unknown
Source)
    at java.security.KeyStore.getKey(KeyStore.java:191)
    at com.ibm.jsse2.xc.<init>(xc.java:40)
    at com.ibm.jsse2.jc$a_.engineInit(jc$a_.java:10)
    at
javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:9)
    at
com.ibm.ws.ssl.provider.AbstractJSSEProvider.getKeyTrustManagers
(AbstractJSSEProvider.java:489)
    at
com.ibm.ws.ssl.provider.AbstractJSSEProvider.generateNewSSLConte
xt(AbstractJSSEProvider.java:204)
    at
com.ibm.ws.ssl.provider.AbstractJSSEProvider.getSSLContext(Abstr
actJSSEProvider.java:186)
    at
com.ibm.ws.ssl.provider.AbstractJSSEProvider.getSSLSocketFactory
(AbstractJSSEProvider.java:893)
    at
com.ibm.websphere.ssl.JSSEHelper.getSSLSocketFactory(JSSEHelper.
java:605)
    at
com.ibm.websphere.ssl.protocol.SSLSocketFactory.<init>(SSLSocket
Factory.java:96)
    at java.lang.J9VMInternals.newInstanceImpl(Native Method)
    at java.lang.Class.newInstance(Class.java:1345)
.

Local fix

  • 



Problem summary


    

  • Raw key data is zeroed out by finalizer when being referenced by
caller code.

    



Problem conclusion


    

  • This defect will be fixed in:
7.0.0 SR4
6.0.1 SR5
6.0.0 SR13
5.0.0 SR16
1.4.2 SR14
.
Added "synchronized" declaration for methods that referencs the
raw key data.
JVMs affected: 1.4.2 SR14, 5.0 SR16, 6.0 SR13, 6.26 SR5, and 7.0
SR4.
Jars affected: ibmjceprovider.jar.
Hursley defect 195261
Austin defect 113420

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PM79176
    • 

  • Reported component name
    JAVA(1.3/1.4 CO
    • 

  • Reported component ID
    5648C9800
    • 

  • Reported release
    42A
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2012-12-13
    • 

  • Closed date
    2013-01-03
    • 

  • Last modified date
    2013-01-03
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    
IV33474
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    JAVA(1.3/1.4 CO
    • 

  • Fixed component ID
    5648C9800
    • 



Applicable component levels


    

  • R42A  PSY
       UP
    • 

  • R42L  PSY
       UP
    • 

  • R42W  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SUPPORT","label":"IBM Worldwide Support"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.4.2","Edition":"","Line of Business":{"code":"","label":""}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            09 February 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback