
use of cleared weak reference in provider OcspCache

Open dghgit opened this issue 2 years ago • 8 comments

Hi,

I hit the NPE below with OCSP validation using these BC libs:

```
+--- org.bouncycastle:bcpkix-jdk15on:1.70
|    |    +--- org.bouncycastle:bcprov-jdk15on:1.70
|    |    \--- org.bouncycastle:bcutil-jdk15on:1.70
|    |         \--- org.bouncycastle:bcprov-jdk15on:1.70
|    +--- org.bouncycastle:bcprov-jdk15on:1.70
```

The exception does not happen reproducibly, it's rather intermittent:

```
	at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: java.lang.NullPointerException: Cannot invoke "java.util.Map.put(Object, Object)" because "<local6>" is null
	at org.bouncycastle.jce.provider.OcspCache.getOcspResponse(Unknown Source)
	at org.bouncycastle.jce.provider.ProvOcspRevocationChecker.check(Unknown Source)
	at org.bouncycastle.jce.provider.ProvRevocationChecker.check(Unknown Source)
	at java.base/java.security.cert.PKIXCertPathChecker.check(PKIXCertPathChecker.java:176)
	at org.bouncycastle.jce.provider.RFC3280CertPathUtilities.processCertA(Unknown Source)
	at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi_8.engineValidate(Unknown Source)
	at org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi_8.build(Unknown Source)
	... 86 common frames omitted
```

I will replace the dependency with the debug artefacts to get info about line numbers, but maybe someone on this list has seen this before and can advise.

From: Eckenfels. Bernd [email protected]

I bet it’s the weak reference here:

https://github.com/bcgit/bc-java/blob/5c35c9a5e79648d7fdf85d7cbaffe8169f249443/prov/src/main/java/org/bouncycastle/jce/provider/OcspCache.java#L199C32-L199C32

```java
responseMap = markerRef.get();

responseMap.put(certID, response);
```

dghgit avatar Dec 02 '23 01:12 dghgit
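
A minimal model of the failure suspected above, added here as an example; it is not Bouncy Castle's code or its fix. The class and method names, the `String`-valued map and the responder URL are assumptions, and `clear()` stands in for the garbage collector clearing the referent.

```java
import java.lang.ref.WeakReference;
import java.net.URI;
import java.util.HashMap;
import java.util.Map;

public class WeakCacheDemo {
    // Hypothetical per-responder cache: responder URI -> weakly held map of responses.
    static final Map<URI, WeakReference<Map<String, String>>> cache = new HashMap<>();

    // Pattern from the quoted snippet: the reference object is checked, its referent is not.
    static void putUnchecked(URI responder, String certId, String response) {
        WeakReference<Map<String, String>> ref = cache.get(responder);
        if (ref != null) {
            Map<String, String> responses = ref.get(); // null once the referent is cleared
            responses.put(certId, response);           // NullPointerException here
        } else {
            Map<String, String> responses = new HashMap<>();
            responses.put(certId, response);
            cache.put(responder, new WeakReference<>(responses));
        }
    }

    // Defensive variant: read the referent once into a strong local, rebuild if collected.
    static Map<String, String> putChecked(URI responder, String certId, String response) {
        WeakReference<Map<String, String>> ref = cache.get(responder);
        Map<String, String> responses = (ref != null) ? ref.get() : null;
        if (responses == null) {
            responses = new HashMap<>();
            cache.put(responder, new WeakReference<>(responses));
        }
        responses.put(certId, response);
        return responses; // the caller's strong reference keeps the map alive while in use
    }

    public static void main(String[] args) {
        URI responder = URI.create("http://ocsp.example.test"); // constructed sample value
        putUnchecked(responder, "cert-1", "good");
        cache.get(responder).clear(); // deterministic stand-in for a GC clearing the referent
        try {
            putUnchecked(responder, "cert-2", "good");
        } catch (NullPointerException e) {
            System.out.println("unchecked: NPE on cleared weak reference");
        }
        Map<String, String> live = putChecked(responder, "cert-2", "good");
        System.out.println("checked: " + live);
    }
}
```

In a real run the clearing depends on GC timing, which matches the intermittent behaviour described in the report.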

There's a new beta up which should fix this one at https://www.bouncycastle.org/betas

dghgit avatar Dec 04 '23 04:12 dghgit

> There's a new beta up which should fix this one at https://www.bouncycastle.org/betas

The url worked a few days ago but now gives 404

felixdo avatar Dec 06 '23 11:12 felixdo

More excitement than I've had in a while, but I'm pleased to say the site is back. Let me know how you go.

dghgit avatar Dec 06 '23 22:12 dghgit

https://github.com/bcgit/bc-java/issues/1548 is blocking me from upgrading.

felixdo avatar Dec 27 '23 18:12 felixdo

@felixdo have you confirmed the latest beta fixes the issue?

dghgit avatar Dec 28 '23 00:12 dghgit

@dghgit as commented above I can't even try because of #1548

felixdo avatar Jan 05 '24 11:01 felixdo

@felixdo #1548 has been fixed as part of this. Apologies for the confusion.

dghgit avatar Jan 05 '24 21:01 dghgit

@dghgit It's on my list to test this, but can't say when.

felixdo avatar Feb 01 '24 07:02 felixdo

Fixed in 1.78.

dghgit avatar Apr 22 '24 09:04 dghgit