Bug 1474664 - NPE in HttpClient utility output
NPE in HttpClient utility output
Status: CLOSED DUPLICATE of bug 1461528
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core (Show other bugs)
7.4
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: RHCS Maintainers
Asha Akkiangady
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-25 03:05 EDT by Geetika Kapoor
Modified: 2017-08-31 11:29 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-08-31 11:29:35 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Geetika Kapoor 2017-07-25 03:05:23 EDT
Description of problem:

NPE in HttpClient utility in below mentioned cases:

1. During cmc request if KRA is not reachable or is shutdown.
2. In case encryption is not set in KRA, so there is no common way to communicate between KRA and CA 

KRA rest info:
<KRAInfo><Attributes/><ArchivalMechanism>encrypt</ArchivalMechanism><EncryptAlgorithm>AES/CBC/PKCS5Padding</EncryptAlgorithm><RecoveryMechanism>encrypt</RecoveryMechanism><WrapAlgorithm>AES/CBC/PKCS5Padding</WrapAlgorithm></KRAInfo>

 CA rest info:
<CAInfo><Attributes/><ArchivalMechanism>encrypt</ArchivalMechanism><EncryptAlgorithm>AES/CBC/PKCS5Padding</EncryptAlgorithm><WrapAlgorithm>AES/CBC/PKCS5Padding</WrapAlgorithm></CAInfo>

3. if key wrap algorithm is not set correctly, HttpClient fails with NPE.



Version-Release number of selected component (if applicable):

pki-ca-10.4.1-11.el7.noarch

How reproducible:

always

Steps to Reproduce:
1. This can be easily reproduce by shutting down KRA subsystem and try to perform any CMC archival test case.Example: self signed
2.
3.

Actual results:

1. NPE

Expected results:


Additional info:

Failures and NPE:

[root@pki1 certs_db]# HttpClient user-signed/HttpClient-cmc-crmf.self.cfg

Total number of bytes read = 3425
after SSLSocket created, thread token is NSS FIPS 140-2 User Private Key
client cert is not null
handshake happened
writing to socket
Total number of bytes read = 234
PEhUTUw+CjxCT0RZIEJHQ09MT1I9d2hpdGU+CjxQPgpUaGUgQ2VydGlmaWNhdGUg
U3lzdGVtIGhhcyBlbmNvdW50ZXJlZCBhbiB1bnJlY292ZXJhYmxlIGVycm9yLgo8
UD4KRXJyb3IgTWVzc2FnZTo8QlI+CjxJPmphdmEubGFuZy5OdWxsUG9pbnRlckV4
Y2VwdGlvbjwvST4KPFA+ClBsZWFzZSBjb250YWN0IHlvdXIgbG9jYWwgYWRtaW5p
c3RyYXRvciBmb3IgYXNzaXN0YW5jZS4KPC9CT0RZPgo8L0hUTUw+Cg0K


The response in binary format is stored in user-signed/cmc.self.Resp

[root@pki1 certs_db]# cat user-signed/cmc.self.Resp
<HTML>
<BODY BGCOLOR=white>
<P>
The Certificate System has encountered an unrecoverable error.
<P>
Error Message:<BR>
<I>java.lang.NullPointerException</I>
<P>
Please contact your local administrator for assistance.
</BODY>
</HTML>
Comment 2 Christina Fu 2017-08-21 14:50:05 EDT
This looks like a duplicated bug for:
https://bugzilla.redhat.com/show_bug.cgi?id=1461528
which has just been fixed.
Comment 3 Matthew Harmsen 2017-08-31 11:29:35 EDT

*** This bug has been marked as a duplicate of bug 1461528 ***

Note You need to log in before you can comment on or make changes to this bug.