APAR status
Closed as program error.
Error description
Error Message: N/A . Stack Trace: java.security.ProviderException: Failure in engineUpdate at com.ibm.crypto.plus.provider.IBMJCEPlus.a(IBMJCEPlus.java:79) at com.ibm.crypto.plus.provider.q.engineUpdate(q.java:39) at java.security.MessageDigest$Delegate.engineUpdate(MessageDigest. java:595) at java.security.MessageDigest.update(MessageDigest.java:336) at java.security.DigestOutputStream.write(DigestOutputStream.java:1 58) at java.io.DataOutputStream.write(DataOutputStream.java:118) at java.io.DataOutputStream.writeUTF(DataOutputStream.java:413) at java.io.DataOutputStream.writeUTF(DataOutputStream.java:335) at sun.rmi.server.Util.computeMethodHash(Util.java:383) at sun.rmi.server.UnicastServerRef$HashToMethod_Maps.computeValue(U nicastServerRef.java:617) at sun.rmi.server.UnicastServerRef$HashToMethod_Maps.computeValue(U nicastServerRef.java:590) at sun.rmi.server.WeakClassHashMap.get(WeakClassHashMap.java:86) at sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.ja va:255) at sun.rmi.registry.RegistryImpl.setup(RegistryImpl.java:225) at sun.rmi.registry.RegistryImpl.access$100(RegistryImpl.java:91) at sun.rmi.registry.RegistryImpl$2.run(RegistryImpl.java:201) at sun.rmi.registry.RegistryImpl$2.run(RegistryImpl.java:198) at java.security.AccessController.doPrivileged(AccessController.jav a:942) at sun.rmi.registry.RegistryImpl.<init>(RegistryImpl.java:198) at sun.rmi.registry.RegistryImpl$5.run(RegistryImpl.java:504) at sun.rmi.registry.RegistryImpl$5.run(RegistryImpl.java:502) at java.security.AccessController.doPrivileged(AccessController.jav a:770) at sun.rmi.registry.RegistryImpl.main(RegistryImpl.java:501) .
Local fix
The default policy file JAVA_HOME/jre/lib/security/java.policy file specifies the default permissions: Modify JAVA_HOME/jre/lib/security/java.policy to grant additional permissions: permission java.lang.RuntimePermission "accessDeclaredMembers"; permission java.lang.RuntimePermission "accessClassInPackage.sun.misc"; permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
Problem summary
IBMJCEPlus fails, when the security manager is enabled, with the default permissions specified in JAVA_HOME/jre/lib/security/java.policy file.
Problem conclusion
The JVM has been updated so that IBMJCEPlus does not fail, when the security manager is enabled, with default permissions, specified in JAVA_HOME/jre/lib/security/java.policy file. The associated Hursley RTC Problem Report is 143661 The associated Austin GitHub task is 313 JVMs affected is Java 8.0 The fix was delivered for Java 8.0 SR6 FP15. Affected file: ibmjceplus.jar (Build Date: 20200618) Co-requisites: gskit.dll on Windows - Build-Date: 20200620 libjgskit.so on non-Windows - Build Date: 20200619, 20200620 ibmjceprovider.jar (Austin Build-Level: 20200609-326) ibmjcefw.jar (Build-Level: 200602-85) . This APAR will be fixed in the following Java Releases: 8 SR6 FP15 (8.0.6.15) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available Service Refreshes and Fix Packs can be found at: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IJ25896
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-06-25
Closed date
2020-08-27
Last modified date
2020-08-27
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
28 August 2020