Re: [tycho-user] null pointer when tycho pack200 is running

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [tycho-user] null pointer when tycho pack200 is running

From: Johan Compagner <jcompagner@xxxxxxxxxx>
Date: Tue, 21 Jul 2020 14:40:13 +0200
Delivered-to: tycho-user@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/tycho-user>
List-help: <mailto:tycho-user-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/tycho-user>, <mailto:tycho-user-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/tycho-user>, <mailto:tycho-user-request@eclipse.org?subject=unsubscribe>

ok to let others know:

we where using:

http://timestamp.comodoca.com/rfc3161

as the TSA timestamp server.

I think around yesterday they changed the certificate which is used to timestamp the jar

And i think that certificate or the root of that one is now know to the java version i have installed

even the openjdk 14 build: openjdk version "14.0.1" 2020-04-14

does not verify correctly those jars.

you get or the same null pointer when using jarsigner -verify or it reports it a bit better:

Warning:

This jar contains entries whose TSA certificate chain is invalid. Reason: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

On Tue, 21 Jul 2020 at 12:04, Johan Compagner <jcompagner@xxxxxxxxxx> wrote:

Hi,

i have suddenly (since yesterday or so) this :

Caused by: java.lang.NullPointerException
    at sun.security.pkcs.SignerInfo.getTimestamp (SignerInfo.java:568)
    at sun.security.util.SignatureFileVerifier.getSigners (SignatureFileVerifier.java:724)
    at sun.security.util.SignatureFileVerifier.processImpl (SignatureFileVerifier.java:295)
    at sun.security.util.SignatureFileVerifier.process (SignatureFileVerifier.java:263)
    at java.util.jar.JarVerifier.processEntry (JarVerifier.java:318)
    at java.util.jar.JarVerifier.update (JarVerifier.java:230)
    at java.util.jar.JarFile.initializeVerifier (JarFile.java:383)
    at java.util.jar.JarFile.getInputStream (JarFile.java:455)
    at com.sun.java.util.jar.pack.PackerImpl$DoPack$InFile.getInputStream (PackerImpl.java:392)
    at com.sun.java.util.jar.pack.PackerImpl$DoPack.run (PackerImpl.java:480)
    at com.sun.java.util.jar.pack.PackerImpl.pack (PackerImpl.java:100)
    at org.eclipse.tycho.extras.pack200.Pack200Wrapper.pack (Pack200Wrapper.java:51)
    at org.eclipse.tycho.extras.pack200.Pack200Wrapper.pack (Pack200Wrapper.java:41)
    at org.eclipse.tycho.extras.pack200.Pack200Archiver.pack (Pack200Archiver.java:147)
    at org.eclipse.tycho.extras.pack200.mojo.Pack200PackMojo.execute (Pack200PackMojo.java:79)

over multiply machines (windows and our build server)

I know it is not directly a tycho problem but does anybody know what that could be?

is that related to the timestamping server that we use?

It happens now and then

Weird thing is i would expect that the signing part that really uses a tsa i think would be a problem

But that seems be working fine?

Johan Compagner

Servoy

Johan Compagner

Servoy

References:
- [tycho-user] null pointer when tycho pack200 is running
  - From: Johan Compagner

Prev by Date: [tycho-user] null pointer when tycho pack200 is running
Next by Date: [tycho-user] Strange behavior jenkins Vs local
Previous by thread: [tycho-user] null pointer when tycho pack200 is running
Next by thread: [tycho-user] Strange behavior jenkins Vs local
Index(es):
- Date
- Thread

Breadcrumbs