search

appmattus / certificatetransparency

Certificate transparency for Android and JVM
Apache License 2.0
142 stars 29 forks source link

Crash on some devices: Caused by java.lang.NoClassDefFoundError: Failed resolution of: Ljava/time/Duration; #85

Closed kancic closed 1 year ago

kancic commented 1 year ago

Hi,

I'm getting this crash on the newest version 2.2.0:

Fatal Exception: java.lang.NoClassDefFoundError: com.appmattus.certificatetransparency.loglist.LogListCacheManagementDataSource
       at com.appmattus.certificatetransparency.loglist.LogListDataSourceFactory.createDataSource(LogListDataSourceFactory.kt:127)
       at com.appmattus.certificatetransparency.loglist.LogListDataSourceFactory.createDataSource$default(LogListDataSourceFactory.kt:119)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyBase.<init>(CertificateTransparencyBase.kt:78)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager.<init>(CertificateTransparencyTrustManager.kt:46)
       at com.appmattus.certificatetransparency.CTTrustManagerBuilder.build(CTTrustManagerBuilder.kt:230)
       at com.appmattus.certificatetransparency.CTTrustManagerBuilderExtKt.certificateTransparencyTrustManager(CTTrustManagerBuilderExt.kt:32)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory$cachedTrustManager$2.invoke(CertificateTransparencyTrustManagerFactory.kt:47)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory$cachedTrustManager$2.invoke(CertificateTransparencyTrustManagerFactory.kt:44)
       at kotlin.SynchronizedLazyImpl.getValue(LazyJVM.kt:74)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory.getCachedTrustManager(CertificateTransparencyTrustManagerFactory.kt:44)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory.engineGetTrustManagers(CertificateTransparencyTrustManagerFactory.kt:62)
       at javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:285)
       at okhttp3.internal.platform.Platform.platformTrustManager(Platform.kt:81)
       at okhttp3.OkHttpClient.<init>(OkHttpClient.kt:237)
       at okhttp3.OkHttpClient$Builder.build(OkHttpClient.kt:1069)
       at our.package.name.OkHttpClientFactory.unsafe(OkHttpClientFactory.kt:24)

This is the code in question

    fun unsafe(): OkHttpClient {
        return OkHttpClient.Builder()
            .connectTimeout(CONNECTION_TIMEOUT.toLong(), TimeUnit.SECONDS)
            .readTimeout(CONNECTION_TIMEOUT.toLong(), TimeUnit.SECONDS)
            .writeTimeout(CONNECTION_TIMEOUT.toLong(), TimeUnit.SECONDS)
            .retryOnConnectionFailure(RETRY_ON_CONNECTION_FAILURE)
            .addInterceptor(HttpLoggingInterceptor { message: String -> Timber.tag("OkHttp - Unsafe").i(message) }.setLevel(HttpLoggingInterceptor.Level.BODY))
            .build()
    }

Caused by java.lang.NoClassDefFoundError: Failed resolution of: Ljava/time/Duration;
       at com.appmattus.certificatetransparency.loglist.LogListCacheManagementDataSource.<clinit>(LogListCacheManagementDataSource.kt:137)
       at com.appmattus.certificatetransparency.loglist.LogListDataSourceFactory.createDataSource(LogListDataSourceFactory.kt:127)
       at com.appmattus.certificatetransparency.loglist.LogListDataSourceFactory.createDataSource$default(LogListDataSourceFactory.kt:119)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyBase.<init>(CertificateTransparencyBase.kt:78)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager.<init>(CertificateTransparencyTrustManager.kt:46)
       at com.appmattus.certificatetransparency.CTTrustManagerBuilder.build(CTTrustManagerBuilder.kt:230)
       at com.appmattus.certificatetransparency.CTTrustManagerBuilderExtKt.certificateTransparencyTrustManager(CTTrustManagerBuilderExt.kt:32)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory$cachedTrustManager$2.invoke(CertificateTransparencyTrustManagerFactory.kt:47)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory$cachedTrustManager$2.invoke(CertificateTransparencyTrustManagerFactory.kt:44)
       at kotlin.SynchronizedLazyImpl.getValue(LazyJVM.kt:74)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory.getCachedTrustManager(CertificateTransparencyTrustManagerFactory.kt:44)
       at com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerFactory.engineGetTrustManagers(CertificateTransparencyTrustManagerFactory.kt:62)
       at javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:285)
       at com.google.android.gms.org.conscrypt.SSLParametersImpl.createDefaultX509TrustManager(:com.google.android.gms@231312021@23.13.12 (040408-519946965):1)
       at com.google.android.gms.org.conscrypt.SSLParametersImpl.getDefaultX509TrustManager(:com.google.android.gms@231312021@23.13.12 (040408-519946965))
       at com.google.android.gms.org.conscrypt.SSLParametersImpl.<init>(:com.google.android.gms@231312021@23.13.12 (040408-519946965):8)
       at com.google.android.gms.org.conscrypt.OpenSSLContextImpl.<init>(:com.google.android.gms@231312021@23.13.12 (040408-519946965):7)
       at com.google.android.gms.org.conscrypt.DefaultSSLContextImpl.<init>(:com.google.android.gms@231312021@23.13.12 (040408-519946965):1)
       at com.google.android.gms.org.conscrypt.DefaultSSLContextImpl.<init>(:com.google.android.gms@231312021@23.13.12 (040408-519946965))
       at com.google.android.gms.org.conscrypt.DefaultSSLContextImpl$TLSv12.<init>(:com.google.android.gms@231312021@23.13.12 (040408-519946965))
       at java.lang.Class.newInstance(Class.java)
       at java.security.Provider$Service.newInstance(Provider.java:1264)
       at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
       at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
       at javax.net.ssl.SSLContext.getInstance(SSLContext.java:189)
       at javax.net.ssl.SSLContext.getDefault(SSLContext.java:130)
       at javax.net.ssl.SSLServerSocketFactory.getDefault(SSLServerSocketFactory.java:136)
       at com.google.android.gms.org.conscrypt.OpenSSLServerSocketFactoryImpl.setUseEngineSocketByDefault(:com.google.android.gms@231312021@23.13.12 (040408-519946965))
       at com.google.android.gms.org.conscrypt.Conscrypt.setUseEngineSocketByDefault(:com.google.android.gms@231312021@23.13.12 (040408-519946965))
       at com.google.android.gms.providerinstaller.ProviderInstallerImpl.insertProvider(:com.google.android.gms@231312021@23.13.12 (040408-519946965):7)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.google.android.gms.common.security.ProviderInstallerImpl.insertProvider(:com.google.android.gms@231312021@23.13.12 (040408-519946965):2)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.google.android.gms.security.ProviderInstaller.zzc(com.google.android.gms:play-services-basement@@18.1.0:2)
       at com.google.android.gms.security.ProviderInstaller.installIfNeeded(com.google.android.gms:play-services-basement@@18.1.0:12)
      at our.package.name.CustomApplication.installTls12(CustomApplication.kt:192)

This is the code in question. Not really sure if we need it.

private fun installTls12() {
        try {
            ProviderInstaller.installIfNeeded(this)
        } catch (e: Exception) {
            // Indicates a non-recoverable error: let the user know.
        }
    }
viter-sweatcon commented 1 year ago

I think turning on the Java 8+ APIs desugaring (https://github.com/appmattus/certificatetransparency/pull/86) in your project can help you to solve this issues. The cause of java.lang.NoClassDefFoundError: Failed resolution of: Ljava/time/Duration; is that class java.time.Duration was added in android SDK starting from api level 26.

mattmook commented 1 year ago

I've added a note to the readme as well as updated the 2.x release notes on GitHub to note that to use the library on API 25 and lower that desugaring needs to be enabled.

As such I'm closing this issue as I'm not currently not going to be making a change to the codebase.