APAR status
Closed as program error.
Error description
Error Message: N/A . Stack Trace: CC_EVP_SignFinal+0x7c (0x0EA7F00C <OSB>libjgsk8iccs.so+0xf00c<CSB>) Java_com_ibm_crypto_plus_provider_icc_NativeInterface_SIGNATURE_ 1sign+0x1e8 (0x0EA28BFC <OSB>libjgskit.so+0x18bfc<CSB>)</ .
Local fix
Do not use non-FIPS140-2 compliant EC curves with IBMJCEPlusFIPS provider.
Problem summary
IBMJCEPlusFIPS provider fails during signature operations using non FIPS140-2 compliant EC keys.
Problem conclusion
The JVM has been updated so that IBMJCEPlusFIPS provider does not fail during EC crypto operations. The updated code, when non FIPS140-2 compliant curves are specified, throws an InvalidKeyException during signature generation. It also, during key pair generation, throws either an InvalidParameterException or a providerException with the message ?Curve not supported in FIPS? . The affected file: ibmjceplus.jar The associated Java Security GIT issues: 511 The associated RTC problem report is: 148863 The Java 8 build dates are: FIPS140-2 - Build-Date: 20230315 The fix was delivered for: Java 8.0 SR8 FP5 The JVMs affected: Java 8, SR5 FP10 or later. . This APAR will be fixed in the following Releases: . IBM SDK, Java Technology Edition 8 SR8 FP5 (8.0.8.5) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available maintenance can be found at: https://www.ibm.com/support/pages/java-sdk
Temporary fix
Comments
APAR Information
APAR number
IJ45883
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2023-03-17
Closed date
2023-03-17
Last modified date
2023-03-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
18 March 2023