BouncyCastle validating modified timestamp - java

I noticed BouncyCastle v1.60 does not throw an error during validation after modifying (pseudo) random bits of the response. In the two responses below, you'll notice all the a's have been swapped with b's. BouncyCastle returns the Unix epoch as the generated time.
Code:
TimeStampToken.validate(SignerInformationVerifier)
Algorithm: SHA-256
Data: "test string" (no quotes)
Response Before (as hex):
30820381301502010030100c0e4f7065726174696f6e204f6b61793082036606092a864886f70d010702a082035730820353020103310f300d060960864801650304020105003062060b2a864886f70d0109100104a0530451304f020101060200013031300d060960864801650304020105000420d5579c46dfcc7f18207013e65b44e4cb4e2c2298f4ac457ba8f82743f31e930b020203e7180f32303139303230373131343130305a318202d7308202d30201013081a73081993119301706035504030c10746573742e6578616d706c652e636f6d31193017060355040b0c105465737420436572746966696361746531153013060355040a0c0c5465737420436f6d70616e793112301006035504070c09546573742043697479310b300906035504080c024e41310b3009060355040613024e41311c301a06092a864886f70d010901160d7465737440746573742e636f6d020900f107055617507892300d06096086480165030402010500a0820100301a06092a864886f70d010903310d060b2a864886f70d0109100104301c06092a864886f70d010905310f170d3139303230373131343130335a302d06092a864886f70d0109343120301e300d06096086480165030402010500a10d06092a864886f70d01010b0500302f06092a864886f70d010904312204209e495138576ec3412aad5d0ca9da6ec9db27035b63173bc36ded376c9eb43cff3064060b2a864886f70d010910022f315530533051304f300b0609608648016503040203044004612191f42ba99172120c710d91f05df8af4a5fd6ad7d6f21a1cf430a99700c1087a2f01eeac9f10125534712d5119e723c8e34fcd7fd9294e15f66112578f8300d06092a864886f70d01010b0500048201001814599f602af54afdd3bb56df2f88ee2bdc42d8204379a2d2a983195ed3e8b74aada8a6161d1e56e3cf3338bd0250df1d90e97454393d2514c6125a1d9ffec7c9530015acb5ba4e4fd7d224c225a220e15c423446d9f8ba1ffc3d4c0a63ec856799a9a3267debf6fcd3cf11fe364c183502acfcd05dee834540e2f07e4ee3bb6b590848fc90e87ba6db57aa89f101448a7665639fdc00c6839290346fa80c135f0d127861adf512f12d6e5fe52c15fe0718ba8b834b8fa56f298c5a2a830fa880e080f3b67237efef1a05cb76fedbb2a7d272bab1adb6cb9790b382a98e26e00d2def94f09efd24454cb3aa3f60490ad651ba8fee8292349e9ee3da16f8d71e
Response After (as hex):
30820381301502010030100c0e4f7065726174696f6e204f6b61793082036606092b864886f70d010702b082035730820353020103310f300d060960864801650304020105003062060b2b864886f70d0109100104b0530451304f020101060200013031300d060960864801650304020105000420d5579c46dfcc7f18207013e65b44e4cb4e2c2298f4bc457bb8f82743f31e930b020203e7180f32303139303230373131343130305b318202d7308202d30201013081b73081993119301706035504030c10746573742e6578616d706c652e636f6d31193017060355040b0c105465737420436572746966696361746531153013060355040b0c0c5465737420436f6d70616e793112301006035504070c09546573742043697479310b300906035504080c024e41310b3009060355040613024e41311c301b06092b864886f70d010901160d7465737440746573742e636f6d020900f107055617507892300d06096086480165030402010500b0820100301b06092b864886f70d010903310d060b2b864886f70d0109100104301c06092b864886f70d010905310f170d3139303230373131343130335b302d06092b864886f70d0109343120301e300d06096086480165030402010500b10d06092b864886f70d01010b0500302f06092b864886f70d010904312204209e495138576ec3412bbd5d0cb9db6ec9db27035b63173bc36ded376c9eb43cff3064060b2b864886f70d010910022f315530533051304f300b0609608648016503040203044004612191f42bb99172120c710d91f05df8bf4b5fd6bd7d6f21b1cf430b99700c1087b2f01eebc9f10125534712d5119e723c8e34fcd7fd9294e15f66112578f8300d06092b864886f70d01010b0500048201001814599f602bf54bfdd3bb56df2f88ee2bdc42d8204379b2d2b983195ed3e8b74bbdb8b6161d1e56e3cf3338bd0250df1d90e97454393d2514c6125b1d9ffec7c9530015bcb5bb4e4fd7d224c225b220e15c423446d9f8bb1ffc3d4c0b63ec856799b9b3267debf6fcd3cf11fe364c183502bcfcd05dee834540e2f07e4ee3bb6b590848fc90e87bb6db57bb89f101448b7665639fdc00c6839290346fb80c135f0d127861bdf512f12d6e5fe52c15fe0718bb8b834b8fb56f298c5b2b830fb880e080f3b67237efef1b05cb76fedbb2b7d272bbb1bdb6cb9790b382b98e26e00d2def94f09efd24454cb3bb3f60490bd651bb8fee8292349e9ee3db16f8d71e
Time Output:
1970-01-01T00:00:00.000+0000
Certificate:
-----BEGIN CERTIFICATE-----
MIID3jCCAsagAwIBAgIJAPEHBVYXUHiSMA0GCSqGSIb3DQEBCwUAMIGZMRkwFwYD
VQQDDBB0ZXN0LmV4YW1wbGUuY29tMRkwFwYDVQQLDBBUZXN0IENlcnRpZmljYXRl
MRUwEwYDVQQKDAxUZXN0IENvbXBhbnkxEjAQBgNVBAcMCVRlc3QgQ2l0eTELMAkG
A1UECAwCTkExCzAJBgNVBAYTAk5BMRwwGgYJKoZIhvcNAQkBFg10ZXN0QHRlc3Qu
Y29tMB4XDTE5MDIwNzEwNTkxNFoXDTIwMDIwNzEwNTkxNFowgZkxGTAXBgNVBAMM
EHRlc3QuZXhhbXBsZS5jb20xGTAXBgNVBAsMEFRlc3QgQ2VydGlmaWNhdGUxFTAT
BgNVBAoMDFRlc3QgQ29tcGFueTESMBAGA1UEBwwJVGVzdCBDaXR5MQswCQYDVQQI
DAJOQTELMAkGA1UEBhMCTkExHDAaBgkqhkiG9w0BCQEWDXRlc3RAdGVzdC5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOCc+A01I6FG7GIQLygwjN
cOqqFE7l6TJXsmGuG7W9ndkN13zEGTIXUcWxQKYUGBp9IzifvK1ezncP/+TsJvoL
hpc3HltIKay3TB0SvLvEbyvTWsX2Vbld3VkDP1KkvmISwfeozSAjFI5J58kFreqM
xLVCHvTRPBpBZXn93uzOC1k3Hcp4DVLzl6ooib6Mst4riltOOFYNAaTMd78V/D0D
1tNDljcEMbinMmcwpARFfd3Ow0x3EacgzBiGtE+hVBvAJ5suo5berEtAwdnTQSGc
Cn/V9lheCt06fQmxTgg+tjI14cmfMXnHUvOts13aO6zn7NrXH3a52ATaXidkCmZp
AgMBAAGjJzAlMAsGA1UdDwQEAwIGwDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAN
BgkqhkiG9w0BAQsFAAOCAQEAAuvuWpWcy4JLOsdcUVZwPsrKPoMJFkhOgEbTv6zw
3W3Jhtxz7mv6uIog0/8U0oNWOjLJ5kXbe/580lywbqTLHPQmdD71yQIarUJnspLj
u90iJXgVbWtuYVLAPB1ZXdZ15gqLmgfvzSEFfZgIqaHtFjBhti3sukIREPYKrESQ
vw8kb/9fAKQI3oVSGygNSCeuRQ00upav9O9jyK2BYSmVV1Vi5jHNBL0RgANp41Tz
RrqIzjzsv1cMO3CJHxgwv8+taTZ8ATDNDvcVCLA2w1gQNYLCPUjtA1ory7TYjw0F
/it/Ksayt8ZlICC1QBR1C2ELT3PVNoSomkYlcAKXJoVQDA==
-----END CERTIFICATE-----
UPDATE
TimeStampResponse response = new TimeStampResponse(byteResponse);
token = response.getTimeStampToken();
tokenInfo = token.getTimeStampInfo();
JcaContentVerifierProviderBuilder jcaCVPB = new JcaContentVerifierProviderBuilder();
JcaDigestCalculatorProviderBuilder digestCalcPB = new JcaDigestCalculatorProviderBuilder();
DigestCalculatorProvider digestCalc = digestCalcPB.build();
ContentVerifierProvider contentVP = jcaCVPB.build(getCert()); // getCert() returns an X509Certificate object
SignerInformationVerifier signerInfo = new SignerInformationVerifier(new DefaultCMSSignatureAlgorithmNameGenerator(), new DefaultSignatureAlgorithmIdentifierFinder(), contentVP, digestCalc);
token.validate(signerInfo);

Unfortunately you initially didn't share the relevant code. Thus, I had to build some code myself, test with that code, and answer your question based on that code.
The result: For your manipulated response already parsing fails, so there is no way to try and validate it.
The code
String responseHex = "30820381301502010030100c0e4f7065726174696f6e204f6b61793082036606092a864886f70d010702a082035730820353020103310f300d060960864801650304020105003062060b2a864886f70d0109100104a0530451304f020101060200013031300d060960864801650304020105000420d5579c46dfcc7f18207013e65b44e4cb4e2c2298f4ac457ba8f82743f31e930b020203e7180f32303139303230373131343130305a318202d7308202d30201013081a73081993119301706035504030c10746573742e6578616d706c652e636f6d31193017060355040b0c105465737420436572746966696361746531153013060355040a0c0c5465737420436f6d70616e793112301006035504070c09546573742043697479310b300906035504080c024e41310b3009060355040613024e41311c301a06092a864886f70d010901160d7465737440746573742e636f6d020900f107055617507892300d06096086480165030402010500a0820100301a06092a864886f70d010903310d060b2a864886f70d0109100104301c06092a864886f70d010905310f170d3139303230373131343130335a302d06092a864886f70d0109343120301e300d06096086480165030402010500a10d06092a864886f70d01010b0500302f06092a864886f70d010904312204209e495138576ec3412aad5d0ca9da6ec9db27035b63173bc36ded376c9eb43cff3064060b2a864886f70d010910022f315530533051304f300b0609608648016503040203044004612191f42ba99172120c710d91f05df8af4a5fd6ad7d6f21a1cf430a99700c1087a2f01eeac9f10125534712d5119e723c8e34fcd7fd9294e15f66112578f8300d06092a864886f70d01010b0500048201001814599f602af54afdd3bb56df2f88ee2bdc42d8204379a2d2a983195ed3e8b74aada8a6161d1e56e3cf3338bd0250df1d90e97454393d2514c6125a1d9ffec7c9530015acb5ba4e4fd7d224c225a220e15c423446d9f8ba1ffc3d4c0a63ec856799a9a3267debf6fcd3cf11fe364c183502acfcd05dee834540e2f07e4ee3bb6b590848fc90e87ba6db57aa89f101448a7665639fdc00c6839290346fa80c135f0d127861adf512f12d6e5fe52c15fe0718ba8b834b8fa56f298c5a2a830fa880e080f3b67237efef1a05cb76fedbb2a7d272bab1adb6cb9790b382a98e26e00d2def94f09efd24454cb3aa3f60490ad651ba8fee8292349e9ee3da16f8d71e";
String responseChangedHex = "30820381301502010030100c0e4f7065726174696f6e204f6b61793082036606092b864886f70d010702b082035730820353020103310f300d060960864801650304020105003062060b2b864886f70d0109100104b0530451304f020101060200013031300d060960864801650304020105000420d5579c46dfcc7f18207013e65b44e4cb4e2c2298f4bc457bb8f82743f31e930b020203e7180f32303139303230373131343130305b318202d7308202d30201013081b73081993119301706035504030c10746573742e6578616d706c652e636f6d31193017060355040b0c105465737420436572746966696361746531153013060355040b0c0c5465737420436f6d70616e793112301006035504070c09546573742043697479310b300906035504080c024e41310b3009060355040613024e41311c301b06092b864886f70d010901160d7465737440746573742e636f6d020900f107055617507892300d06096086480165030402010500b0820100301b06092b864886f70d010903310d060b2b864886f70d0109100104301c06092b864886f70d010905310f170d3139303230373131343130335b302d06092b864886f70d0109343120301e300d06096086480165030402010500b10d06092b864886f70d01010b0500302f06092b864886f70d010904312204209e495138576ec3412bbd5d0cb9db6ec9db27035b63173bc36ded376c9eb43cff3064060b2b864886f70d010910022f315530533051304f300b0609608648016503040203044004612191f42bb99172120c710d91f05df8bf4b5fd6bd7d6f21b1cf430b99700c1087b2f01eebc9f10125534712d5119e723c8e34fcd7fd9294e15f66112578f8300d06092b864886f70d01010b0500048201001814599f602bf54bfdd3bb56df2f88ee2bdc42d8204379b2d2b983195ed3e8b74bbdb8b6161d1e56e3cf3338bd0250df1d90e97454393d2514c6125b1d9ffec7c9530015bcb5bb4e4fd7d224c225b220e15c423446d9f8bb1ffc3d4c0b63ec856799b9b3267debf6fcd3cf11fe364c183502bcfcd05dee834540e2f07e4ee3bb6b590848fc90e87bb6db57bb89f101448b7665639fdc00c6839290346fb80c135f0d127861bdf512f12d6e5fe52c15fe0718bb8b834b8fb56f298c5b2b830fb880e080f3b67237efef1b05cb76fedbb2b7d272bbb1bdb6cb9790b382b98e26e00d2def94f09efd24454cb3bb3f60490bd651bb8fee8292349e9ee3db16f8d71e";
String certificateB64 = "MIID3jCCAsagAwIBAgIJAPEHBVYXUHiSMA0GCSqGSIb3DQEBCwUAMIGZMRkwFwYD\n" +
"VQQDDBB0ZXN0LmV4YW1wbGUuY29tMRkwFwYDVQQLDBBUZXN0IENlcnRpZmljYXRl\n" +
"MRUwEwYDVQQKDAxUZXN0IENvbXBhbnkxEjAQBgNVBAcMCVRlc3QgQ2l0eTELMAkG\n" +
"A1UECAwCTkExCzAJBgNVBAYTAk5BMRwwGgYJKoZIhvcNAQkBFg10ZXN0QHRlc3Qu\n" +
"Y29tMB4XDTE5MDIwNzEwNTkxNFoXDTIwMDIwNzEwNTkxNFowgZkxGTAXBgNVBAMM\n" +
"EHRlc3QuZXhhbXBsZS5jb20xGTAXBgNVBAsMEFRlc3QgQ2VydGlmaWNhdGUxFTAT\n" +
"BgNVBAoMDFRlc3QgQ29tcGFueTESMBAGA1UEBwwJVGVzdCBDaXR5MQswCQYDVQQI\n" +
"DAJOQTELMAkGA1UEBhMCTkExHDAaBgkqhkiG9w0BCQEWDXRlc3RAdGVzdC5jb20w\n" +
"ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOCc+A01I6FG7GIQLygwjN\n" +
"cOqqFE7l6TJXsmGuG7W9ndkN13zEGTIXUcWxQKYUGBp9IzifvK1ezncP/+TsJvoL\n" +
"hpc3HltIKay3TB0SvLvEbyvTWsX2Vbld3VkDP1KkvmISwfeozSAjFI5J58kFreqM\n" +
"xLVCHvTRPBpBZXn93uzOC1k3Hcp4DVLzl6ooib6Mst4riltOOFYNAaTMd78V/D0D\n" +
"1tNDljcEMbinMmcwpARFfd3Ow0x3EacgzBiGtE+hVBvAJ5suo5berEtAwdnTQSGc\n" +
"Cn/V9lheCt06fQmxTgg+tjI14cmfMXnHUvOts13aO6zn7NrXH3a52ATaXidkCmZp\n" +
"AgMBAAGjJzAlMAsGA1UdDwQEAwIGwDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAN\n" +
"BgkqhkiG9w0BAQsFAAOCAQEAAuvuWpWcy4JLOsdcUVZwPsrKPoMJFkhOgEbTv6zw\n" +
"3W3Jhtxz7mv6uIog0/8U0oNWOjLJ5kXbe/580lywbqTLHPQmdD71yQIarUJnspLj\n" +
"u90iJXgVbWtuYVLAPB1ZXdZ15gqLmgfvzSEFfZgIqaHtFjBhti3sukIREPYKrESQ\n" +
"vw8kb/9fAKQI3oVSGygNSCeuRQ00upav9O9jyK2BYSmVV1Vi5jHNBL0RgANp41Tz\n" +
"RrqIzjzsv1cMO3CJHxgwv8+taTZ8ATDNDvcVCLA2w1gQNYLCPUjtA1ory7TYjw0F\n" +
"/it/Ksayt8ZlICC1QBR1C2ELT3PVNoSomkYlcAKXJoVQDA==";
byte[] certificateBytes = Base64.decode(certificateB64);
X509CertificateHolder certificateHolder = new X509CertificateHolder(certificateBytes);
SignerInformationVerifier signerInformationVerifier = new JcaSimpleSignerInfoVerifierBuilder().build(certificateHolder);
//
// Validate the original timestamp response
//
byte[] responseBytes = Hex.decode(responseHex);
TimeStampResp responseResp = TimeStampResp.getInstance(responseBytes);
TimeStampToken responseToken = new TimeStampToken(responseResp.getTimeStampToken());
responseToken.validate(signerInformationVerifier);
//
// Validate the manipulated timestamp response
//
responseBytes = Hex.decode(responseChangedHex);
responseResp = TimeStampResp.getInstance(responseBytes);
responseToken = new TimeStampToken(responseResp.getTimeStampToken());
responseToken.validate(signerInformationVerifier);
The result
During the attempt to validate the manipulated timestamp response already in the line
responseResp = TimeStampResp.getInstance(responseBytes);
an exception is thrown:
java.lang.IllegalArgumentException: failed to construct sequence from byte[]: DEF length 27 object truncated by 1
at org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source)
at org.bouncycastle.asn1.tsp.TimeStampResp.getInstance(Unknown Source)
at mkl.testarea.bc1.timestamp.ValidateTST.testValidateLikeUser8897013(ValidateTST.java:75)
Thus, the response cannot be parsed. As a consequence, TimeStampToken.validate cannot be called for it.
Using your code
After you eventually published your code, I also tested that code:
responseBytes = Hex.decode(responseChangedHex);
TimeStampResponse response = new TimeStampResponse(responseBytes);
TimeStampToken token = response.getTimeStampToken();
TimeStampTokenInfo tokenInfo = token.getTimeStampInfo();
But also here I get an exception already while parsing the manipulated response:
java.io.EOFException: DEF length 27 object truncated by 1
at org.bouncycastle.asn1.DefiniteLengthInputStream.read(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSetParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.DERSequenceParser.getLoadedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readVector(Unknown Source)
at org.bouncycastle.asn1.ASN1StreamParser.readTaggedObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)
at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.tsp.TimeStampResponse.readTimeStampResp(Unknown Source)
at org.bouncycastle.tsp.TimeStampResponse.<init>(Unknown Source)
at org.bouncycastle.tsp.TimeStampResponse.<init>(Unknown Source)
at mkl.testarea.bc1.timestamp.ValidateTST.testValidateLikeUser8897013(ValidateTST.java:98)
i.e. in this line
TimeStampResponse response = new TimeStampResponse(responseBytes);
As a consequence, TimeStampToken.validate cannot be called for your response even if one uses TimeStampResponse instead of TimeStampResp.
BC versions
As you expressed doubts in a comment: I do use BC 1.60 for the test having both bcprov-jdk15on-1.60.jar and bcpkix-jdk15on-1.60.jar in my classpath and having registered BC as security provider:
Security.addProvider(new BouncyCastleProvider());
To me this is a completely normal BC setup.

Related

convert a binary String containing 64bits to hexadecimal in java?

I'm trying to convert this binary String that contains 64bits to Hexadecimal with this code:
String mm = "1000010111101000000100110101010000001111000010101011010000000101";
String v = new BigInteger(mm, 2).toString(16);
v=String.format("%64x", v);
but it gives me this exception:
Exception in thread "main" java.util.IllegalFormatConversionException: x != java.lang.String
at java.util.Formatter$FormatSpecifier.failConversion(Unknown Source)
at java.util.Formatter$FormatSpecifier.printInteger(Unknown Source)
at java.util.Formatter$FormatSpecifier.print(Unknown Source)
at java.util.Formatter.format(Unknown Source)
at java.util.Formatter.format(Unknown Source)
at java.lang.String.format(Unknown Source)
at test.main(test.java:332)
what is getting wrong and why?
change this:
v=String.format("%64x", v);
to this:
v=String.format("%s", v);
Also you need this:
String v = new BigInteger(mm, 2).toString(16);

Error serializing element in ehcache

I get the following error, when puting an element in the ehcache. Does anyone have any idea why this error occures?
Thank you in advance.
This is put method:
#SuppressWarnings("unchecked")
#Override
public void putActivity(Activity activity) {
// put activity itself
Serializable activityKey = KEY_PREFIX_ACTIVITY + activity.getId();
final Element activityElement = new Element(activityKey, activity);
getCache().put(activityElement);
// add activity to the list of user
ArrayList<Activity> activities = null;
Serializable userKey = KEY_PREFIX_USER_ACTIVITIES + activity.getExecutingUserId();
Element userActivities = getCache().get(userKey);
if (userActivities == null) {
activities = new ArrayList<Activity>();
userActivities = new Element(userKey, activities);
} else {
activities = (ArrayList<Activity>) userActivities.getObjectValue();
}
activities.add(activity);
getCache().put(userActivities);
}
and here is the corresponding erorr:
Mrz 05, 2016 11:07:40 AM net.sf.ehcache.store.disk.DiskStorageFactory$DiskWriteTask call
Schwerwiegend: Disk Write of u-1 failed:
net.sf.ehcache.CacheException: Failed to serialize element due to ConcurrentModificationException. This is frequently the result of inappropriately sharing thread unsafe object (eg. ArrayList, HashMap, etc) between threads
at net.sf.ehcache.store.disk.DiskStorageFactory.serializeElement(DiskStorageFactory.java:405)
at net.sf.ehcache.store.disk.DiskStorageFactory.write(DiskStorageFactory.java:385)
at net.sf.ehcache.store.disk.DiskStorageFactory$DiskWriteTask.call(DiskStorageFactory.java:477)
at net.sf.ehcache.store.disk.DiskStorageFactory$PersistentDiskWriteTask.call(DiskStorageFactory.java:1071)
at net.sf.ehcache.store.disk.DiskStorageFactory$PersistentDiskWriteTask.call(DiskStorageFactory.java:1055)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.util.ConcurrentModificationException
at java.util.ArrayList.writeObject(Unknown Source)
at sun.reflect.GeneratedMethodAccessor33.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeWriteObject(Unknown Source)
at java.io.ObjectOutputStream.writeSerialData(Unknown Source)
at java.io.ObjectOutputStream.writeOrdinaryObject(Unknown Source)
at java.io.ObjectOutputStream.writeObject0(Unknown Source)
at java.io.ObjectOutputStream.defaultWriteFields(Unknown Source)
at java.io.ObjectOutputStream.defaultWriteObject(Unknown Source)
at net.sf.ehcache.Element.writeObject(Element.java:875)
at sun.reflect.GeneratedMethodAccessor31.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeWriteObject(Unknown Source)
at java.io.ObjectOutputStream.writeSerialData(Unknown Source)
at java.io.ObjectOutputStream.writeOrdinaryObject(Unknown Source)
at java.io.ObjectOutputStream.writeObject0(Unknown Source)
at java.io.ObjectOutputStream.writeObject(Unknown Source)
at net.sf.ehcache.util.MemoryEfficientByteArrayOutputStream.serialize(MemoryEfficientByteArrayOutputStream.java:97)
at net.sf.ehcache.store.disk.DiskStorageFactory.serializeElement(DiskStorageFactory.java:403)
... 10 more
and here more details from ehcache source code:
private MemoryEfficientByteArrayOutputStream [More ...] serializeElement(Element element) throws IOException {
// A ConcurrentModificationException can occur because Java's serialization
// mechanism is not threadsafe and POJOs are seldom implemented in a threadsafe way.
// e.g. we are serializing an ArrayList field while another thread somewhere in the application is appending to it.
try {
return MemoryEfficientByteArrayOutputStream.serialize(element);
} catch (ConcurrentModificationException e) {
throw new CacheException("Failed to serialize element due to ConcurrentModificationException. " +
"This is frequently the result of inappropriately sharing thread unsafe object " +
"(eg. ArrayList, HashMap, etc) between threads", e);
}
}
You are updating an object while it's been serialized (ehcache try to save it to disk). You should store in a cache only an immutable object.
In your case, don't try to reuse the ArrayList, create a new one:
if (userActivities == null) {
activities = new ArrayList<Activity>();
userActivities = new Element(userKey, activities);
} else {
activities = new ArrayList<Activity>((List) userActivities.getObjectValue());
}
Instead of an ArrayList, you can instanciate a CopyOnWriteArrayList.

com.sun.xml.internal.ws.client.ClientTransportException: The server sent HTTP status code 403: Forbidden

I am getting following error while using the SharePoint web service:
com.sun.xml.internal.ws.client.ClientTransportException: The server
sent HTTP status code 403: Forbidden at
com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.checkStatusCode(Unknown
Source) at
com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.createResponsePacket(Unknown
Source) at
com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process(Unknown
Source) at
com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest(Unknown
Source) at
com.sun.xml.internal.ws.transport.DeferredTransportPipe.processRequest(Unknown
Source) at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Unknown
Source) at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Unknown
Source) at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Unknown
Source) at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Unknown
Source) at com.sun.xml.internal.ws.client.Stub.process(Unknown
Source) at
com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(Unknown Source)
at
com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown
Source) at
com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown
Source) at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(Unknown
Source) at com.sun.proxy.$Proxy34.getListItems(Unknown Source) at
com.jw.sharepoint.examples.SharePointListExample.querySharePointFolder(SharePointListExample.java:67)
at
com.jw.sharepoint.examples.SharePointListExample.main(SharePointListExample.java:50)
I am trying to access SharePoint 2010 web service using the following code:
public void querySharePointFolder(ListsSoap ls) throws Exception {
try
{
disableCertificateValidation();
GetListItems.ViewFields viewFields = null;
GetListItems.QueryOptions msQueryOptions = new GetListItems.QueryOptions();
GetListItems.Query msQuery = new GetListItems.Query();
msQuery.getContent().add(createSharePointCAMLNode(query));
msQueryOptions.getContent().add(createSharePointCAMLNode(this.queryOptions));
GetListItemsResponse.GetListItemsResult result = ls.getListItems(
properties.getProperty("folder"), "", msQuery, viewFields, "",
msQueryOptions, "");
writeResult(result.getContent().get(0), System.out);
Element element = (Element)result.getContent().get(0);
NodeList nl = element.getElementsByTagName("z:row");
for(int i = 0; i < nl.getLength(); i++){
Node node = nl.item(i);
logger.debug("ID: " + node.getAttributes().getNamedItem("ows_ID").getNodeValue());
logger.debug("FileRef: " + node.getAttributes().getNamedItem("ows_FileRef").getNodeValue());
}
}
catch(Exception e)
{
e.printStackTrace();
}
}
But its showing the error at following line:
GetListItemsResponse.GetListItemsResult result = ls.getListItems(
properties.getProperty("folder"), "", msQuery, viewFields, "",
msQueryOptions, "");
Can you please help me out over this as after using different different approaches i am still getting the same issue 403: Forbidden.
I am using the same credential here through which i had created the folder over SharePoint. Do I need any other privileges for that credential to get the access.

java error while parsing xml file from url [duplicate]

This question already has an answer here:
Unable to extract xml data from website using JAVA
(1 answer)
Closed 8 years ago.
I am trying to parse an XML file in java but i am facing a problem. The code is showing an error in the parsing process as if it is getting a JSON File. How can i solve this issue ?
URL url2 = new URL("https://api.eancdn.com/ean-services/rs/hotel/v3/list?cid=55505&minorRev=99&apiKey=cbrzfta369qwyrm9t5b8y8kf&locale=en_US&currencyCode=USD&longitude=0.1275&latitude=51.5072&xml=%3CHotelListRequest%3E%0A%20%20%20%20%3Ccity%3ESeattle%3C%2Fcity%3E%0A%20%20%20%20%3CstateProvinceCode%3EWA%3C%2FstateProvinceCode%3E%0A%20%20%20%20%3CcountryCode%3EUS%3C%2FcountryCode%3E%0A%20%20%20%20%3CarrivalDate%3E11%2F25%2F2014%3C%2FarrivalDate%3E%0A%20%20%20%20%3CdepartureDate%3E11%2F27%2F2014%3C%2FdepartureDate%3E%0A%20%20%20%20%3CRoomGroup%3E%0A%20%20%20%20%20%20%20%20%3CRoom%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%3CnumberOfAdults%3E2%3C%2FnumberOfAdults%3E%0A%20%20%20%20%20%20%20%20%3C%2FRoom%3E%0A%20%20%20%20%3C%2FRoomGroup%3E%0A%20%20%20%20%3CnumberOfResults%3E25%3C%2FnumberOfResults%3E%0A%3C%2FHotelListRequest%3E");
InputStream is2 = url2.openStream();
SAXBuilder builder = new SAXBuilder();
Document doc = builder.build(is2);
StringBuilder sb = new StringBuilder();
Element root = doc.getRootElement();
List<Element> HotelList =
root.getChildren("HotelList");
Element Hotel = HotelList.get(0);
List<Element> SummaryList =
Hotel.getChildren("HotelSummary");
Element Summary = SummaryList.get(0);
Element Sum;
for(int f=0; f< SummaryList.size(); f++){
Sum = SummaryList.get(f);
sb.append("Hotel ID: " + Sum.getChildText("hotelId") +"\n" + "Name: " + Sum.getChildText("name") + "\n");
sb.append("HotelRating: " + Sum.getChildText("hotelRating")+ "\n");
}System.out.println(sb);
The Error:
org.jdom2.input.JDOMParseException: Error on line 1: Content is not allowed in prolog.
at org.jdom2.input.sax.SAXBuilderEngine.build(SAXBuilderEngine.java:232)
at org.jdom2.input.sax.SAXBuilderEngine.build(SAXBuilderEngine.java:253)
at org.jdom2.input.SAXBuilder.build(SAXBuilder.java:1091)
at HotelInfo.main(HotelInfo.java:22)
Caused by: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Content is not allowed in prolog.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
at org.jdom2.input.sax.SAXBuilderEngine.build(SAXBuilderEngine.java:217)
... 3 more
Take a look at the returned data using curl. It is JSON, not XML, therefore you cannot parse it this way. Use a JSON parser instead, or figure out the API parameter needed to make the service return XML.

stackoverflow exception while using String match in java

For a little university project i'm doing, i need to extract code samples from html given as a string.
To by more precise, i need to get from that html string, everything in between <code> and </code>.
I'm writing in Java, and using String.match to do that.
My code:
public static ArrayList<String> extractByHTMLtagDelimiters(String source, String startDelimiter, String endDelimiter){
ArrayList<String> results = new ArrayList<String>();
if (source.matches("([\t\n\r]|.)*" + startDelimiter + "([\t\n\r]|.)*" + endDelimiter)){
//source has some code samples in it
//get array entries of the form: {Some code}</startDelimiter>{something else}
String[] splittedSource = source.split(startDelimiter);
for (String sourceMatch : splittedSource){
if (sourceMatch.matches("([\t\n\r]|.)*" + endDelimiter + "([\t\n\r]|.)*")){
//current string has code sample in it (with some body leftovers)
//the code sample located before the endDelimiter - extract it
String codeSample = (sourceMatch.split(endDelimiter))[0];
//add the code samples to results
results.add(codeSample);
}
}
}
return results;
iv'e tried to extract that samples from some html of ~1300 chars and got pretty massive exception: (it goes on and on for few dozens of lines)
Exception in thread "main" java.lang.StackOverflowError
at java.util.regex.Pattern$Branch.match(Unknown Source)
at java.util.regex.Pattern$GroupHead.match(Unknown Source)
at java.util.regex.Pattern$Loop.match(Unknown Source)
at java.util.regex.Pattern$GroupTail.match(Unknown Source)
at java.util.regex.Pattern$BranchConn.match(Unknown Source)
at java.util.regex.Pattern$CharProperty.match(Unknown Source)
at java.util.regex.Pattern$Branch.match(Unknown Source)
at java.util.regex.Pattern$GroupHead.match(Unknown Source)
at java.util.regex.Pattern$Loop.match(Unknown Source)
at java.util.regex.Pattern$GroupTail.match(Unknown Source)
at java.util.regex.Pattern$BranchConn.match(Unknown Source)
at java.util.regex.Pattern$CharProperty.match(Unknown Source)
at java.util.regex.Pattern$Branch.match(Unknown Source)
at java.util.regex.Pattern$GroupHead.match(Unknown Source)
at java.util.regex.Pattern$Loop.match(Unknown Source)
at java.util.regex.Pattern$GroupTail.match(Unknown Source)
at java.util.regex.Pattern$BranchConn.match(Unknown Source)
at java.util.regex.Pattern$CharProperty.match(Unknown Source)
at java.util.regex.Pattern$Branch.match(Unknown Source)
at java.util.regex.Pattern$GroupHead.match(Unknown Source)
at java.util.regex.Pattern$Loop.match(Unknown Source)
i've found the following bug report:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5050507
is there anything i can do to still use string.match? if not, can you please recommend some other way to do it without implementing html parsing by myself?
Thank a lot,
Dub.
You can just manually go through the input string using String's indexOf() method to find the start and end deliminters and extract out the bits between yourself.
public static void main(String[] args) {
String source = "<html>blah<code>this is awesome</code>more junk</html>";
String startDelim = "<code>";
String endDelim = "</code>";
int start = source.indexOf(startDelim);
int end = source.indexOf(endDelim);
String code = source.substring(start + startDelim.length(), end);
System.out.println(code);
}
If you need to find more than one, then just use indexOf again starting at the point you finished:
int nextStart = source.indexOf(startDelim, end + endDelim.length())
Simply replace your regex pattern with "(?s).*"
This matches anything including new lines as you intended.

Categories

Resources