Dear all,
I am having a strange intermittent problem on a customer site which I have been unable to reproduce on my development machine.
As I cannot find any source code for
COM.rsa.jsafe.SunJSSE_eq I am at a loss to guess what is causing the
NullPointerException.
I have logs where the error happened 3 times out of something like 200+ signed messages.
The application is a multithreaded soap server, where each thread gets its own brand new instance of org.apache.ws.security.components.crypto.Crypto
Although the customer server is processing one request at a time, just to be sure I have run several heavily multithreaded tests and that does not reproduce the problem.
I have also successfully signed the messages that had failed, using the same keystore, but from my dev machine. There would of course have been differences in the actual message, as WSSE create nonce and timestamps.
I use a standard JKS keystore, the signature algorithm is RSA.
My application uses its own sun 1.4.2 JRE and ignore all environment variables.
Can anyone among you hazard a guess as to what could cause the NPE or let me know a better forum where to get some information?
Could the content of the message cause the NPE, or is the problem related to the certificate, keystore, or something else?
Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
java.lang.NullPointerException
at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:606)
at com.anite.connect.utility.SoapDocument.finaliseWsseProcessing(SoapDocument.java:400)
... 18 more
Caused by: java.lang.NullPointerException
at COM.rsa.jsafe.SunJSSE_eq.a(DashoA6275)
at COM.rsa.jsafe.SunJSSE_eq.b(DashoA6275)
at COM.rsa.jsafe.SunJSSE_eq.b(DashoA6275)
at COM.rsa.jsafe.SunJSSE_eq.a(DashoA6275)
at COM.rsa.jsafe.SunJSSE_c4.a(DashoA6275)
at COM.rsa.jsafe.SunJSSE_c4.a(DashoA6275)
at COM.rsa.jsafe.SunJSSE_bn.c(DashoA6275)
at COM.rsa.jsafe.SunJSSE_bh.k(DashoA6275)
at com.sun.net.ssl.internal.ssl.JS_Signature.engineSign(DashoA6275)
at java.security.Signature$Delegate.engineSign(Signature.java:790)
at java.security.Signature.sign(Signature.java:397)
at org.apache.xml.security.algorithms.implementations.SignatureBaseRSA.engineSign(SignatureBaseRSA.java:132)
at org.apache.xml.security.algorithms.SignatureAlgorithm.sign(SignatureAlgorithm.java:164)
at org.apache.xml.security.signature.XMLSignature.sign(XMLSignature.java:508)
at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:599)
I am using the JSSE.jar included with my JRE 1.4.2. The jar manifest is
Manifest-Version: 1.0
Created-By: 1.4.2-rc (Sun Microsystems Inc.)
Pluggable: no
Crypto-Strength: strong
Specification-Vendor: Sun Microsystems, Inc.
Specification-Version: 1.4
Implementation-Vendor-Id: com.sun
Extension-Name: javax.net.ssl
Implementation-Version: 1.4.2
Implementation-Vendor: Sun Microsystems, Inc.
Any help appreciated.
Regards