- Bug
- Resolution: Fixed
- P4
- 6u18
- b03
- x86
- windows_xp
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-2191468 | 7 | Weijun Wang | P4 | Closed | Fixed | b91 |
FULL PRODUCT VERSION :
java version "1.6.0_18"
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) Client VM (build 16.0-b13, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Windows XP SP3
A DESCRIPTION OF THE PROBLEM :
When timestamping a request jarsigner crashes with a null pointer exception:
jarsigner error: java.lang.NullPointerException
java.lang.NullPointerException
at sun.security.tools.TimestampedSigner.generateTimestampToken(TimestampedSigner.java:346)
at sun.security.tools.TimestampedSigner.generateSignedData(TimestampedSigner.java:211)
at sun.security.tools.SignatureFile$Block.<init>(JarSigner.java:1979)
at sun.security.tools.SignatureFile.generateBlock(JarSigner.java:1876)
at sun.security.tools.JarSigner.signJar(JarSigner.java:1024)
at sun.security.tools.JarSigner.run(JarSigner.java:203)
at sun.security.tools.JarSigner.main(JarSigner.java:74)
The reason seems to be that line 376/377 extracts the keyPurposes.
keyPurposes = cert.getExtendedKeyUsage();
The keyPurposes variable is null after this statement. The certificate used for timestamping definitely has the extendedKeyUsage Fields set and it includes the KP_TIMESTAMPING_OID OID.
To make this reproducible, I captured the network traffic that is sent from the timestamp-server and try to attach the pcap file as well as the certificate used for timestamping.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use jarsigner to sign and timestamp a jar-file with the attached certificate.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Jar file gets timestamped correctly, extended key usage can be extracted correctly from the timestamp server reply.
ACTUAL -
see description, jarsigner crashes because the extended key usage field can't be extracted correctly.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
see description
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
unknown
- backported by
- JDK-2191468 Jarsigner can't extract Extended Key Usage from Timestamp Reply correctly
- Closed
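
An added example, not part of the bug report or of the JDK sources: a null-safe diagnostic that lists, for every certificate in a file, whether the extended key usage extension is present and carries the timestamping purpose, so a missing extension is reported instead of causing a NullPointerException. It assumes the certificates are in a PEM or PKCS#7 file whose path is given on the command line; the class name TsaEkuCheck and the method describe are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Set;

public class TsaEkuCheck {
    // id-kp-timeStamping (RFC 3161), the purpose the report calls KP_TIMESTAMPING_OID
    static final String KP_TIMESTAMPING_OID = "1.3.6.1.5.5.7.3.8";
    // id-ce-extKeyUsage, the extension that carries the key purposes
    static final String EKU_EXTENSION_OID = "2.5.29.37";

    /** Describes a certificate's timestamping EKU without dereferencing a null list. */
    static String describe(X509Certificate cert) throws CertificateParsingException {
        // getExtendedKeyUsage() returns null when the extension is absent
        List<String> keyPurposes = cert.getExtendedKeyUsage();
        if (keyPurposes == null) {
            return "no extendedKeyUsage extension";
        }
        if (!keyPurposes.contains(KP_TIMESTAMPING_OID)) {
            return "extendedKeyUsage present without timestamping purpose: " + keyPurposes;
        }
        // RFC 3161 section 2.3: the TSA certificate carries exactly one key
        // purpose (timestamping) and the extension is marked critical
        Set<String> critical = cert.getCriticalExtensionOIDs();
        boolean isCritical = critical != null && critical.contains(EKU_EXTENSION_OID);
        boolean strict = keyPurposes.size() == 1 && isCritical;
        return "timestamping purpose present"
                + (strict ? "" : " (critical=" + isCritical + ", purposes=" + keyPurposes + ")");
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("usage: java TsaEkuCheck <certs.pem | certs.p7b>");
            System.exit(2);
        }
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream in = new FileInputStream(args[0])) {
            // generateCertificates accepts a PEM sequence or a PKCS#7 bundle
            for (Certificate c : cf.generateCertificates(in)) {
                X509Certificate x = (X509Certificate) c;
                System.out.println(x.getSubjectX500Principal().getName() + " -> " + describe(x));
            }
        }
    }
}
```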