Forum Stats

  • 3,838,261 Users
  • 2,262,349 Discussions


getKey throws an exception on multi-thread env even if it is synchronized

843811 Member Posts: 49,851
edited May 20, 2009 7:05AM in Cryptography

I got the following exception when I used KeyStore#getKey method on multi-thread environment. Given final block not properly padded
at com.sun.crypto.provider.SunJCE_z.a(DashoA13*..)
at com.sun.crypto.provider.JceKeyStore.engineGetKey(DashoA13*..)

This is similar to the topic "Is KeyStore thread safe?"(Jan 29, 2008 8:40 PM), I suppose.
In the topic, KeyStore#getKey should be synchronized because it isn't thread safe.
Therefore I synchronized it, but this problem still occurred.

I used the following program for a duration test.
About in 1 hour, the exception always occurs.


public class KeyStoreTest implements Runnable {

public final static String KSFILE = ".\\.jcekeystore"; // Please change here. Your "JCEKS" file name.
public static String sLock = "lock";

public static void main(String[] args) {
Thread[] threads;
int count = 20;
while (true) {
threads = new Thread[count];
for (int i = 0; i < count; i++) {
threads[i] = new Thread(new KeyStoreTest());
for (int i = 0; i < count; i++) {
if (threads[i].isAlive()) {
try {
} catch (InterruptedException e) {}

public void run() {
InputStream is = null;
try {
is = new FileInputStream(KSFILE);
Key key;
synchronized (sLock) {
//System.out.print("start - ");
KeyStore store = KeyStore.getInstance("jceks");
store.load(is, "12345678".toCharArray()); // Please change here. PIN code.
String alias = "alias"; // Please change here. Alias.
String keypassed = "keypasswd"; // Please change here. Key Password.
key = store.getKey(alias, keypassed.toCharArray());
} catch (Exception e) {
} finally {
if (is != null) {
try {
} catch (IOException e) {}
is = null;

I think there's no problem in my test program.
Do you have any information about the problem?

My test environment is below:
Java : jre1.6.0 update 13
OS : Windows XP

I tested this code with jre1.5.0 update 18, too.
But I didn't get the exception.

Masanori Hayashi


  • EJP
    EJP Member Posts: 32,920 Gold Crown
    You're using different KeyStore objects in every thread, so there is no apparent need for synchronization at all here.
  • 843811
    843811 Member Posts: 49,851
    Hello, ejp.

    Thank you for your advice.
    I tried the duration test without synchronization.
    But the problem still occurs.
    Therefore it seems that there would be some problem at Java side.

    Do you have any other informaiton?

  • 843811
    843811 Member Posts: 49,851
    XCon 2009 XFocus Information Security Conference Call for Paper
    August, 18th - 19th, 2009, Beijing, China (
    Upholding rigorous work style , Xcon sincerely welcomes contributions from information security technique enthusiasts and expects your participation and sharing.

    Anyone who loves information security, including information security experts and fans, network administrators, network security consultants, CIO, hacker technique fans.

    Location : Beijing kaiyuan Hotel ( )

    Topics Range (but unlimited):

    --- Security in new fields
    - Vista
    - Web 2.0
    - 3G/4G network
    - Mobile Handset (Symbian / IPhone / Android / Windows Mobile )
    - Banks & financial institutes
    - Business Information System
    - Virtualzation
    - New vulnerability discovering

    --- Application security
    - Web application vulnerability research
    - Application reverse engineering and related automated tools
    - Database security & attacks
    - Protocol security & exploitation
    - Advanced Trojans, worms and backdoor technique
    - Encryption & decryption technique
    - Routing device

    --- Intrusion detection/forensics analysis
    - File system analysis & recovery
    - Real-time data structure recovery
    - Reverse engineering (malicious code analysis technique, vulnerability research)
    - Intrusion detection and anti-detection technique
    - Traffic analysis

    --- Wireless & VoIP security
    - 802.11x, CDPD, Bluetooth, WAP/TDMA, GSM, SMS
    - PDA & mobile protocol analysis
    - Palm, Pocket Pc
    - Wireless gateway
    - VoIP security & vulnerability analysis
    - WLANs hardening & vulnerability analysis

    ---P2P technique
    - Instant messenger (MSN, Skype, ICQ, etc.)
    - P2P application (BT, Emule, Thunder, online multi-media, etc.)

    Paper Submission:
    The papers need include informations as follow:
    1) Brief introduction to the topic and whether the topic had been publicized, and if so, the publized range.
    2) Introduction to yourself .
    3) Contact information: full name, alias, nationality, network nickname, e-mail, tel, fax, current working place and company, IM (MSN, ICQ,YM, AIM or others).
    4) Presentation details:
    - how long is the presentation
    - if any new tool/vulnerability/exploit will be released
    5) The paper need include both PPT (for presentation) and WORD (for detailed description) in MS Office or OpenOffice format.

    All the papers will be submitted to [email protected] for preliminary selection. The deadline for submission is July,10th, 2009, and confirmed by the deadline July, 18th, 2009. No matter if the paper is accepted, we will officially inform you within 5 work days.

    Important dates
    * Deadline for submission : July,10th, 2009
    * Deadline for confirmation : July, 18th, 2009

    Speakers' privilege
    If your paper is accepted by XCon, you will be invited to give an individual lecture in XCon. The speakers will be provided with :
    - Round-trip plane ticket (Economy class, one person only, Foreign speakers up to $1,200 .)
    - Two days' food and accommodation
    - Invitation to celebration party
    - Sightseeing some famous places of interest in Beijing, tasting Chinese flavored food
    - Luck draw
    - Speakers must provide corresponding invoice or credential.
    - XCon owns the right of final explanation about the conference.

    For more information about the conference, please contact [email protected] or professional XCon2009 organizer. MSN: [email protected]; tel : 086-010-62029792

    Application for Attending:
    In order to attend the conference, please register at XCon website ( or directly contact the organizer mentioned above. We will offer different discounts according to the time of application.
    Attenders' food and accommodation will be covered by themselves, and XCon will provide restaurant reservation and other service.

    Other information :
    All the information about XCon will be released on XCon and Xfocus website. Please visit for more information about speakers, agenda and previous XCon documents.

    Thank you for your support to XCon.
  • 843811
    843811 Member Posts: 49,851
    Hi All,

    I reported this problem to the Bug Database.
    And, it was registered as a bug.

    If you got interested in this problem,
    please see

This discussion has been closed.