From 03f2ab325d30b74095f8abec8dbe09def27950c7 Mon Sep 17 00:00:00 2001 From: Valerie Peng Date: Fri, 21 Aug 2020 03:09:42 +0000 Subject: [PATCH] 8246383: NullPointerException in JceSecurity.getVerificationResult when using Entrust provider Removed the static SecureRandom object in JceSecurity whose instantion caused NPE Reviewed-by: xuelei --- .../java/security/AlgorithmParameterGenerator.java | 7 ++++--- src/java.base/share/classes/javax/crypto/Cipher.java | 8 ++++---- .../share/classes/javax/crypto/JceSecurity.java.template | 5 +---- .../share/classes/javax/crypto/KeyAgreement.java | 6 +++--- .../share/classes/javax/crypto/KeyGenerator.java | 6 +++--- 5 files changed, 15 insertions(+), 17 deletions(-) diff --git a/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java b/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java index ab7ec2deb93..13e9eaa2126 100644 --- a/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java +++ b/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,6 +27,7 @@ package java.security; import java.security.spec.AlgorithmParameterSpec; import java.util.Objects; +import sun.security.jca.JCAUtil; /** * The {@code AlgorithmParameterGenerator} class is used to generate a @@ -308,7 +309,7 @@ public class AlgorithmParameterGenerator { * @param size the size (number of bits). */ public final void init(int size) { - paramGenSpi.engineInit(size, new SecureRandom()); + paramGenSpi.engineInit(size, JCAUtil.getSecureRandom()); } /** @@ -339,7 +340,7 @@ public class AlgorithmParameterGenerator { */ public final void init(AlgorithmParameterSpec genParamSpec) throws InvalidAlgorithmParameterException { - paramGenSpi.engineInit(genParamSpec, new SecureRandom()); + paramGenSpi.engineInit(genParamSpec, JCAUtil.getSecureRandom()); } /** diff --git a/src/java.base/share/classes/javax/crypto/Cipher.java b/src/java.base/share/classes/javax/crypto/Cipher.java index ecabcce29cd..7a2580cd9b5 100644 --- a/src/java.base/share/classes/javax/crypto/Cipher.java +++ b/src/java.base/share/classes/javax/crypto/Cipher.java @@ -1233,7 +1233,7 @@ public class Cipher { * by the underlying {@code CipherSpi}. */ public final void init(int opmode, Key key) throws InvalidKeyException { - init(opmode, key, JceSecurity.RANDOM); + init(opmode, key, JCAUtil.getSecureRandom()); } /** @@ -1372,7 +1372,7 @@ public class Cipher { public final void init(int opmode, Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException { - init(opmode, key, params, JceSecurity.RANDOM); + init(opmode, key, params, JCAUtil.getSecureRandom()); } /** @@ -1513,7 +1513,7 @@ public class Cipher { public final void init(int opmode, Key key, AlgorithmParameters params) throws InvalidKeyException, InvalidAlgorithmParameterException { - init(opmode, key, params, JceSecurity.RANDOM); + init(opmode, key, params, JCAUtil.getSecureRandom()); } /** @@ -1659,7 +1659,7 @@ public class Cipher { public final void init(int opmode, Certificate certificate) throws InvalidKeyException { - init(opmode, certificate, JceSecurity.RANDOM); + init(opmode, certificate, JCAUtil.getSecureRandom()); } /** diff --git a/src/java.base/share/classes/javax/crypto/JceSecurity.java.template b/src/java.base/share/classes/javax/crypto/JceSecurity.java.template index b3aa210fc41..a54f794d03e 100644 --- a/src/java.base/share/classes/javax/crypto/JceSecurity.java.template +++ b/src/java.base/share/classes/javax/crypto/JceSecurity.java.template @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -75,11 +75,8 @@ import sun.security.util.Debug; final class JceSecurity { - private static final Debug debug = Debug.getInstance("jca"); - static final SecureRandom RANDOM = new SecureRandom(); - // The defaultPolicy and exemptPolicy will be set up // in the static initializer. private static CryptoPermissions defaultPolicy = null; diff --git a/src/java.base/share/classes/javax/crypto/KeyAgreement.java b/src/java.base/share/classes/javax/crypto/KeyAgreement.java index 96d78d0d32c..6435f66c29b 100644 --- a/src/java.base/share/classes/javax/crypto/KeyAgreement.java +++ b/src/java.base/share/classes/javax/crypto/KeyAgreement.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -446,7 +446,7 @@ public class KeyAgreement { * has an incompatible algorithm type. */ public final void init(Key key) throws InvalidKeyException { - init(key, JceSecurity.RANDOM); + init(key, JCAUtil.getSecureRandom()); } /** @@ -514,7 +514,7 @@ public class KeyAgreement { public final void init(Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException { - init(key, params, JceSecurity.RANDOM); + init(key, params, JCAUtil.getSecureRandom()); } private String getProviderName() { diff --git a/src/java.base/share/classes/javax/crypto/KeyGenerator.java b/src/java.base/share/classes/javax/crypto/KeyGenerator.java index d365ebe89f9..511d46c76ac 100644 --- a/src/java.base/share/classes/javax/crypto/KeyGenerator.java +++ b/src/java.base/share/classes/javax/crypto/KeyGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -449,7 +449,7 @@ public class KeyGenerator { public final void init(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException { - init(params, JceSecurity.RANDOM); + init(params, JCAUtil.getSecureRandom()); } /** @@ -513,7 +513,7 @@ public class KeyGenerator { * supported. */ public final void init(int keysize) { - init(keysize, JceSecurity.RANDOM); + init(keysize, JCAUtil.getSecureRandom()); } /**