TLSv1.2 with Bouncy Castle and RSAPSS throws NPE during ECDHServerKeyExchange on OpenJDK8 u272

Solution In Progress - Updated -

Issue

  • The following exception running Mule on OpenJDK 8 u272:
2021-02-26 15:12:39,624 [[bbus-esb-1.0.0].http.requester.HTTPS_Intesa.worker(9)] DEBUG org.glassfish.grizzly.ssl.SSLBaseFilter - Error during re-handshaking
java.lang.NullPointerException: null
        at org.bouncycastle.crypto.signers.PSSSigner.generateSignature(Unknown Source) ~[bcprov-jdk15on-1.56.jar:1.56.0]
        at org.bouncycastle.jcajce.provider.asymmetric.rsa.PSSSignatureSpi.engineSign(Unknown Source) ~[bcprov-jdk15on-1.56.jar:1.56.0]
        at java.security.Signature$Delegate.engineSign(Signature.java:1382) ~[?:1.8.0_275]
        at java.security.Signature.sign(Signature.java:698) ~[?:1.8.0_275]
        at sun.security.ssl.CertificateVerify$T12CertificateVerifyMessage.<init>(CertificateVerify.java:608) ~[?:1.8.0_275]
        at sun.security.ssl.CertificateVerify$T12CertificateVerifyProducer.produce(CertificateVerify.java:760) ~[?:1.8.0_275]
        at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421) ~[?:1.8.0_275]
        at sun.security.ssl.ServerHelloDone$ServerHelloDoneConsumer.consume(ServerHelloDone.java:182) ~[?:1.8.0_275]
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377) ~[?:1.8.0_275]
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[?:1.8.0_275]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:968) ~[?:1.8.0_275]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:955) ~[?:1.8.0_275]
        at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_275]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:902) ~[?:1.8.0_275]
        at org.glassfish.grizzly.ssl.SSLUtils.executeDelegatedTask(SSLUtils.java:274) ~[grizzly-framework-2.3.33.jar:2.3.33]
  • When will the fix for JDK-8256252 be available in a RH build of OpenJDK?

Environment

  • OpenJDK
    • 8 u272
    • 11

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In