Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8234

OCSP requests with missing issuerKeyHash causes exception

    Details

    • Issue discovered during:
      Customer
    • Sprint:
      EJBCA Team Bob - 2019 w21

      Description

      OCSP requests with missing issuerKeyHash causes a NumberFormatException:

      2019-05-29 08:21:56,825 DEBUG [org.ejbca.ui.web.protocol.OCSPServlet] (default task-2) >checkAndGetRequestBytes. Received POST request with content length: 67 from 127.0.0.1
      2019-05-29 08:21:56,828 DEBUG [org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean] (default task-2) Requestor name is null
      2019-05-29 08:21:56,829 DEBUG [org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean] (default task-2) Incoming OCSP request is signed : false
      2019-05-29 08:21:56,832 ERROR [org.jboss.as.ejb3.invocation] (default task-2) WFLYEJB0034: EJB Invocation failed on component OcspResponseGeneratorSessionBean for method public abstract org.cesecore.certificates.ocsp.OcspResponseInformation org.cesecore.certificates.ocsp.OcspResponseGeneratorSession.getOcspResponse(byte[],java.security.cert.X509Certificate[],java.lang.String,java.lang.String,java.lang.StringBuffer,org.cesecore.certificates.ocsp.logging.AuditLogger,org.cesecore.certificates.ocsp.logging.TransactionLogger) throws org.cesecore.certificates.ocsp.exception.MalformedRequestException,org.bouncycastle.cert.ocsp.OCSPException: javax.ejb.EJBException: java.lang.NumberFormatException: Zero length BigInteger
              at org.jboss.as.ejb3@14.0.1.Final//org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInNoTx(CMTTxInterceptor.java:223)
      [...]
      Caused by: java.lang.NumberFormatException: Zero length BigInteger
              at java.base/java.math.BigInteger.<init>(BigInteger.java:308)
              at java.base/java.math.BigInteger.<init>(BigInteger.java:336)
              at deployment.ejbca.ear//org.cesecore.certificates.ocsp.cache.OcspSigningCache.getCacheIdFromCertificateID(OcspSigningCache.java:217)
              at deployment.ejbca.ear//org.cesecore.certificates.ocsp.cache.OcspSigningCache.getEntry(OcspSigningCache.java:55)
              at deployment.ejbca.ear.cesecore-ejb.jar//org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean.translateRequestFromByteArray(OcspResponseGeneratorSessionBean.java:832)
      [...]
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              samuel Samuel Lidén Borell
              Reporter:
              samuel Samuel Lidén Borell
              Verified by:
              Tomas Gustavsson
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours
                  2h