000025193 - How to resolve ArrayIndexOutOfBoundsException received when using the CertJ.buildCertPath method in RSA BSAFE Cert-J

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025193
Applies ToRSA BSAFE Cert-J 1.0
RSA BSAFE Cert-J 1.8
This bug is in the savePathCtx method in the CertPathCommonImplementation class.  This method is an internal private method.
IssueHow to resolve ArrayIndexOutOfBoundsException received when using the CertJ.buildCertPath method in RSA BSAFE Cert-J
The function buildCertPath calls an internal function that copies the path context.  
When copying the policies it loops through the number of certs instead of the number of policies.
CauseThere is a bug in Cert-J 1.0 and 1.8.  The function buildCertPath calls an internal function that copies the path context.  However, when copying the policies it loops through the number of certs instead of the number of policies.  If these numbers are the same then no exception will occur.  It is only if these numbers are different that a problem happens.
ResolutionIn Cert-J 1.8 this bug should not appear (unless someone specifically calls this class) since Cert-J 1.8 uses the CertPathCommon class and the CertPathCommonImplementation class is not used.

There is a patch for this in Cert-J 1.0.  You can download the updated Cert-J class file from RSA SecurCare Online or contact support for the patched CertPathCommonImplementation class file.  If you want a patch for 1.8 you can contact Support to request that a patch for that version be created.  The best solution is to upgrade to the latest version of Cert-J.

This bug is fixed in Cert-J 2.0.
Legacy Article IDa3120

Attachments

    Outcomes