Project

General

Profile

Defect #1304

Problem in codeSigning VelocityReport Plugin

Added by Bernd Korthaus about 6 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Category:
velocity
Target version:
-
Start date:
02/22/2018
Due date:
% Done:

0%

Estimated time:
Browser (if web client):

Description

I have installed the latest VelocityReport Plugin and tried to codesign it.
For velocityreport.jar, I get the messages listed below.
(I did not try to sign the velocityreport folder therefore)
The first line says
java.lang.reflect.InvocationTargetException

We use Java 8u144 and codeSigner8

I have to admit I am not a real expert in codeSigning.
When I start codeSigner8, there are two messages that bother me too in the Certificate information window:
1) Chane verification: Error
2) Error building certification path: CN=...

Maybe that could be the root cause?

D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar start processing
D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar unsigned
D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar repacked
null
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at net.stuff.servoy.signing.utils.JarSigner.run(JarSigner.java:19)
at net.stuff.servoy.CodeSignerFrame.signFile(CodeSignerFrame.java:1283)
at net.stuff.servoy.CodeSignerFrame.access$25(CodeSignerFrame.java:1244)
at net.stuff.servoy.CodeSignerFrame$3$1.run(CodeSignerFrame.java:258)
Caused by: java.lang.NoSuchMethodError: sun.security.pkcs.PKCS7.generateSignedData([B[Ljava/security/cert/X509Certificate;[BLjava/lang/String;Ljava/net/URI;Ljava/lang/String;)[B
at sun.security.tools.jarsigner.TimestampedSigner.generateSignedData(TimestampedSigner.java:135)
at sun.security.tools.jarsigner.SignatureFile$Block.<init>(Main.java:2378)
at sun.security.tools.jarsigner.SignatureFile.generateBlock(Main.java:2276)
at sun.security.tools.jarsigner.Main.signJar(Main.java:1272)
at sun.security.tools.jarsigner.Main.run(Main.java:240)
... 8 more
D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar first sign attempt
D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar repacked

History

#1

Updated by Bernd Korthaus about 6 years ago

Correction, it shows
1) Chain verification: Error

#2

Updated by Patrick Talbot about 6 years ago

  • Status changed from New to Feedback
  • Assignee set to Bernd Korthaus
  • Priority changed from Urgent to Normal

Please don't set a priority to urgent unless you are prepared to sponsor a fix.

Plus this is not a Velocity issue, so it should be opened in the Code Signer project.

Did you use the Code Signer for Java 8 > 101?
Anyway, from the error returned it looks like the issue is that your keystore is invalid, it's probably missing an intermediate certificate to create a certificate chain from your certificate to the root certificate.

#3

Updated by Bernd Korthaus about 6 years ago

Thank you very much for your fast response.
Sorry that I set some fields wrong and posted on the wrong project.

I use the CodeSigner Version 1.3.1 with Java 8u144.

I am willing to sponsor a fix or any other help that is needed, however as you pointed out, it seems my keystore is invalid.
But how can it be that a keystore that worked very well in the past and that is valid until December 2018, suddenly becomes invalid?
Did something change from Java side maybe?

I will contact the certificate vendor and ask about this topic.

#4

Updated by Patrick Talbot about 6 years ago

No problem Bernd! Perhaps you could send me your keystore to my ptalbot (at) free (dot) fr along with your keystore password so that I can have a look and try to see what's wrong...
I can sign an agreement if you fear sending it to me. Just let me know.
Can't really know what's wrong or if/how something has changed in the way Java validates the certificate until I can trace it...

#5

Updated by Patrick Talbot almost 6 years ago

  • Status changed from Feedback to Closed

Also available in: Atom PDF