From a95fad89a0ebb66c21ad05ce7cd3aca58ee45b5d Mon Sep 17 00:00:00 2001
From: hierynomus <jeroen@javadude.nl>
Date: Tue, 20 Jan 2015 09:34:12 +0100
Subject: [PATCH] Fixed NPE in decrypt by passing in empty char[]

---
 .../net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java   | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java
index 3e65c49f..cc775faa 100644
--- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java
+++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java
@@ -139,7 +139,9 @@ public class PKCS8KeyFile
                     JcePEMDecryptorProviderBuilder decryptorBuilder = new JcePEMDecryptorProviderBuilder();
                     decryptorBuilder.setProvider("BC");
                     try {
-                        passphrase = pwdf == null ? null : pwdf.reqPassword(resource);
+                        // Do not return null, as JcePEMDecryptorProviderBuilder$1$1.decrypt would throw an exception
+                        // in that case because it requires a 'password' (i.e. passphrase).
+                        passphrase = pwdf == null ? "".toCharArray() : pwdf.reqPassword(resource);
                         kp = pemConverter.getKeyPair(encryptedKeyPair.decryptKeyPair(decryptorBuilder.build(passphrase)));
                     } finally {
                         PasswordUtils.blankOut(passphrase);