I tried to initialized dynamically SunPKCS11 provider using OpenJDK 8 1.8.0_322 (on Linux) but get the following exception:
java.lang.ExceptionInInitializerError at AES256.init(AES256.java:26) at AES256.encrypt(AES256.java:76) at AES256Example.main(AES256Example.java:20) Caused by: java.lang.NullPointerException at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:67)
the part of code that cause this issue:
File homedir = new File(System.getProperty("java.home"));
File fileToRead = new File(homedir, "/lib/security/nss.fips.cfg");
Provider p = new sun.security.pkcs11.SunPKCS11(fileToRead.getPath()); <<< this line causes exception
The content of nss.fips.cfg:
name = NSS-FIPS
nssLibraryDirectory = /usr/lib64
nssSecmodDirectory = sql:/etc/pki/nssdb
nssDbMode = readOnly
nssModule = fips
If I initialize SunPKCS11 with the same nss.fips.cfg it works correctly. The provider for SunPKCS11 is libsoftokn3.so.
What do I do wrong?
What is a solution of this issue?
Thanks very much for your efforts, but I found the cause of this issue.
The issue occurs because in Suse 15, the constructor of the SunPKCS11 class was changed.
The constructor tries to determine if system fips is enabled but the object used to perform this checking was not initialized. This object is initialized in "Security" class.