IllegalArgumentException in OcspCache when optional parent revocation checker OcspExtensions is empty

[felixdo]

This is probably happening since 1.77 caused by the fix for 1479. The OcspCache should somehow check that it doesnt create Extensions from an empty list, which is afaiu the default in PKIXRevocationChecker.

[dghgit]

This is fixed in the latest beta at https://www.bouncycastle.org/betas

[felixdo]

@dghgit Are the betas somehow consumable by maven/gradle builds?

[dghgit]

If you rename the jars to end with 178-SNAPSHOT.jar instead of 178b*.jar you should find the tools can use them okay.

[adodao]

When is version 1.78 planned to be released with the fix? When validating the SwissSign certificates via this OCSP (
http://ocsp.swisssign.ch) returns this exception.

-> basicOCSPResp.getResponses();

[dghgit]

The beta builds at https://www.bouncycastle.org/betas are now being distributed in a more "maven friendly" fashion (they end with 1.78-SNAPSHOT, they can also be built directly using ./gradlew clean build in the bc-java repo).

[phaus]

Good day! is there any update when we could have this fix in a stable release?

[wkruse]

It looks like there is already a 1.78 in Maven, but according to the

• Missing 1.78 release tag? #1618
• bcpg in release 1.78 now requires bcutil dependency #1619
• Upgrading to 1.78 results in class not found errors when running in OSGI containers #1621

it shouldn't be used, but 1.78.1 seems to be just around the corner.

[dghgit]

1.78 is largely safe to use, if you're affected by the issues we're fixing it simply won't work... (so there's no risk of harm, other than inactivity...)

[dghgit]

Fixed in 1.78.