Details
-
Bug
-
Resolution: Fixed
-
P4
-
6u18
-
b03
-
x86
-
windows_xp
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2191468 | 7 | Weijun Wang | P4 | Closed | Fixed | b91 |
Description
FULL PRODUCT VERSION :
java version "1.6.0_18"
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) Client VM (build 16.0-b13, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Windows XP SP3
A DESCRIPTION OF THE PROBLEM :
When timestamping a request jarsigner crashes with a null pointer exception:
jarsigner error: java.lang.NullPointerException
java.lang.NullPointerException
at sun.security.tools.TimestampedSigner.generateTimestampToken(Timestamp
edSigner.java:346)
at sun.security.tools.TimestampedSigner.generateSignedData(TimestampedSi
gner.java:211)
at sun.security.tools.SignatureFile$Block.<init>(JarSigner.java:1979)
at sun.security.tools.SignatureFile.generateBlock(JarSigner.java:1876)
at sun.security.tools.JarSigner.signJar(JarSigner.java:1024)
at sun.security.tools.JarSigner.run(JarSigner.java:203)
at sun.security.tools.JarSigner.main(JarSigner.java:74)
The reason seems to be that line 376/377 extracts the keyPurposes.
keyPurposes = cert.getExtendedKeyUsage();
The keyPurposes variable is null after this statement. The certificate used for timestamping defininitely has the extendedKeyUsage Fields set and it includes the KP_TIMESTAMPING_OID OID.
To make this reproducible, I captured the network traffic that is sent from the timestamp-server and try to attach the pcap file as well as the certificate used for timestamping.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use jarsigner to sign and timestamp a jar-file with the attached certificate.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Jar file gets timestamped correctly, extended key usage can be extracted correctly from the timestamp server reply.
ACTUAL -
see description, jarsigner crashes because the extended key usage field can't be extracted correctly.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
see description
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
unknown
java version "1.6.0_18"
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) Client VM (build 16.0-b13, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Windows XP SP3
A DESCRIPTION OF THE PROBLEM :
When timestamping a request jarsigner crashes with a null pointer exception:
jarsigner error: java.lang.NullPointerException
java.lang.NullPointerException
at sun.security.tools.TimestampedSigner.generateTimestampToken(Timestamp
edSigner.java:346)
at sun.security.tools.TimestampedSigner.generateSignedData(TimestampedSi
gner.java:211)
at sun.security.tools.SignatureFile$Block.<init>(JarSigner.java:1979)
at sun.security.tools.SignatureFile.generateBlock(JarSigner.java:1876)
at sun.security.tools.JarSigner.signJar(JarSigner.java:1024)
at sun.security.tools.JarSigner.run(JarSigner.java:203)
at sun.security.tools.JarSigner.main(JarSigner.java:74)
The reason seems to be that line 376/377 extracts the keyPurposes.
keyPurposes = cert.getExtendedKeyUsage();
The keyPurposes variable is null after this statement. The certificate used for timestamping defininitely has the extendedKeyUsage Fields set and it includes the KP_TIMESTAMPING_OID OID.
To make this reproducible, I captured the network traffic that is sent from the timestamp-server and try to attach the pcap file as well as the certificate used for timestamping.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use jarsigner to sign and timestamp a jar-file with the attached certificate.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Jar file gets timestamped correctly, extended key usage can be extracted correctly from the timestamp server reply.
ACTUAL -
see description, jarsigner crashes because the extended key usage field can't be extracted correctly.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
see description
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
unknown
Attachments
Issue Links
- backported by
-
JDK-2191468 Jarsigner can't extract Extended Key Usage from Timestamp Reply currectly
-
- Closed
-