Skip to content
This repository has been archived by the owner on Oct 22, 2024. It is now read-only.

Using bouncycastle version 1.66 throws ClassCastException #8

Open
ingesyvertsen opened this issue Jul 17, 2020 · 0 comments
Open

Using bouncycastle version 1.66 throws ClassCastException #8

ingesyvertsen opened this issue Jul 17, 2020 · 0 comments

Comments

@ingesyvertsen
Copy link

We tried to upgrade our bouncycastle dependencies to version 1.66, but we get a ClassCastException with the following stacktrace:

no.difi.vefa.peppol.security.lang.PeppolSecurityException: Exception when reading AIA: 'org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject'.
	at no.difi.vefa.peppol.security.util.DifiCertificateValidator.validate(DifiCertificateValidator.java:64)
	at no.difi.vefa.peppol.lookup.LookupClient.getServiceMetadata(LookupClient.java:95)
       ...internal stack trace here....
Caused by: no.difi.certvalidator.api.FailedValidationException: Exception when reading AIA: 'org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject'.
	at no.difi.certvalidator.rule.OCSPRule.validate(OCSPRule.java:41)
	at no.difi.certvalidator.rule.AbstractRule.validate(AbstractRule.java:24)
	at no.difi.certvalidator.rule.HandleErrorRule.validate(HandleErrorRule.java:44)
	at no.difi.certvalidator.rule.AbstractRule.validate(AbstractRule.java:17)
	at no.difi.certvalidator.structure.AndJunction.validate(AndJunction.java:29)
	at no.difi.certvalidator.structure.AbstractJunction.validate(AbstractJunction.java:36)
	at no.difi.certvalidator.util.CachedValidatorRule.load(CachedValidatorRule.java:43)
	at no.difi.certvalidator.util.CachedValidatorRule.load(CachedValidatorRule.java:13)
	at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
	at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
	at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154)
	at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044)
	at com.google.common.cache.LocalCache.get(LocalCache.java:3952)
	at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3974)
	at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4958)
	at com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4964)
	at no.difi.certvalidator.util.CachedValidatorRule.validate(CachedValidatorRule.java:30)
	at no.difi.certvalidator.util.CachedValidatorRule.validate(CachedValidatorRule.java:35)
	at no.difi.certvalidator.structure.AndJunction.validate(AndJunction.java:29)
	at no.difi.certvalidator.structure.AndJunction.validate(AndJunction.java:29)
	at no.difi.certvalidator.structure.AbstractJunction.validate(AbstractJunction.java:36)
	at no.difi.certvalidator.util.CachedValidatorRule.load(CachedValidatorRule.java:43)
	at no.difi.certvalidator.util.CachedValidatorRule.load(CachedValidatorRule.java:13)
	at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
	at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
	at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154)
	at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044)
	at com.google.common.cache.LocalCache.get(LocalCache.java:3952)
	at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3974)
	at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4958)
	at com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4964)
	at no.difi.certvalidator.util.CachedValidatorRule.validate(CachedValidatorRule.java:30)
	at no.difi.certvalidator.util.CachedValidatorRule.validate(CachedValidatorRule.java:35)
	at no.difi.certvalidator.ValidatorGroup.validate(ValidatorGroup.java:79)
	at no.difi.certvalidator.ValidatorGroup.validate(ValidatorGroup.java:70)
	at no.difi.vefa.peppol.security.util.DifiCertificateValidator.validate(DifiCertificateValidator.java:62)
	... 48 more
Caused by: net.klakegg.pkix.ocsp.OcspException: Exception when reading AIA: 'org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject'.
	at net.klakegg.pkix.ocsp.AbstractOcspClient.detectOcspUri(AbstractOcspClient.java:99)
	at net.klakegg.pkix.ocsp.OcspClient.verify(OcspClient.java:51)
	at net.klakegg.pkix.ocsp.OcspClient.verify(OcspClient.java:44)
	at no.difi.certvalidator.rule.OCSPRule.validate(OCSPRule.java:34)
	... 83 more
Caused by: java.lang.ClassCastException: org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject
	at net.klakegg.pkix.ocsp.AbstractOcspClient.detectOcspUri(AbstractOcspClient.java:91)
	... 86 more

It seems similar to this issue for digipost's certificate validator digipost/certificate-validator#15
@ingesyvertsen ingesyvertsen changed the title Bouncycastle version 1.66 throws ClassCastException Using bouncycastle version 1.66 throws ClassCastException Jul 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ingesyvertsen