Details
-
Bug
-
Resolution: Done
-
Critical
-
None
-
None
-
None
-
None
-
RHEL 6 x64 environment.
- OpenJDK
java -version
java version "1.7.0_25"
OpenJDK Runtime Environment (rhel-2.3.10.4.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)java.security
#security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.crypto.provider.SunJCE security.provider.5=sun.security.jgss.SunProvider security.provider.6=com.sun.security.sasl.Provider security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC
nss.cfg
name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation
- Oracle JDK
java version "1.7.0_25"
Java(TM) SE Runtime Environment (build 1.7.0_25-b15)
Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode)java.security
security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.2=sun.security.provider.Sun security.provider.3=sun.security.rsa.SunRsaSign security.provider.4=sun.security.ec.SunEC security.provider.5=com.sun.net.ssl.internal.ssl.Provider security.provider.6=com.sun.crypto.provider.SunJCE security.provider.7=sun.security.jgss.SunProvider security.provider.8=com.sun.security.sasl.Provider security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.10=sun.security.smartcardio.SunPCSC
nss.conf
name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation
Unrestricted security policy - updated local_policy.jar and US_export_policy.jar
RHEL 6 x64 environment. OpenJDK java -version java version "1.7.0_25" OpenJDK Runtime Environment (rhel-2.3.10.4.el6_4-x86_64) OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode) java.security #security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.crypto.provider.SunJCE security.provider.5=sun.security.jgss.SunProvider security.provider.6=com.sun.security.sasl.Provider security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC nss.cfg name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation Oracle JDK java version "1.7.0_25" Java(TM) SE Runtime Environment (build 1.7.0_25-b15) Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode) java.security security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.2=sun.security.provider.Sun security.provider.3=sun.security.rsa.SunRsaSign security.provider.4=sun.security.ec.SunEC security.provider.5=com.sun.net.ssl.internal.ssl.Provider security.provider.6=com.sun.crypto.provider.SunJCE security.provider.7=sun.security.jgss.SunProvider security.provider.8=com.sun.security.sasl.Provider security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.10=sun.security.smartcardio.SunPCSC nss.conf name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation Unrestricted security policy - updated local_policy.jar and US_export_policy.jar
Description
Kris found reported this issue and we were not sure where the problem was. I've been able to reproduce this by only using the SimplePush Server on OpenShift by directly sending a notification to a channel.
The error I'm seeing (I've added some additional logging) is the following:
2013/09/02 06:32:23,205 INFO [org.jboss.aerogear.simplepush.server.netty.NotificationHandler] (nioEventLoopGroup-4-2) /update/NH6A7LiVX6PWj2F42FjnKKmOLYYhHwFt_kxdYyEFY0IuE0uapSQOW2a7aM5WqzWgUK-1mqU5gT6EKxcXQo5wGg 2013/09/02 06:32:23,207 INFO [org.jboss.aerogear.simplepush.util.CryptoUtil] (nioEventLoopGroup-4-2) Try to decrypt: [NH6A7LiVX6PWj2F42FjnKKmOLYYhHwFt_kxdYyEFY0IuE0uapSQOW2a7aM5WqzWgUK-1mqU5gT6EKxcXQo5wGg] 2013/09/02 06:32:23,209 INFO [org.jboss.aerogear.simplepush.util.CryptoUtil] (nioEventLoopGroup-4-2) Decrypting : [NH6A7LiVX6PWj2F42FjnKKmOLYYhHwFt_kxdYyEFY0IuE0uapSQOW2a7aM5WqzWgUK-1mqU5gT6EKxcXQo5wGg] with key [3ZILBAh8vNMU] 2013/09/02 06:32:23,214 ERROR [org.jboss.aerogear.simplepush.server.netty.NotificationHandler] (nioEventLoopGroup-4-2) Error while processing notifiation:: java.security.ProviderException: doFinal() failed at sun.security.pkcs11.P11Cipher.implDoFinal(P11Cipher.java:814) at sun.security.pkcs11.P11Cipher.engineDoFinal(P11Cipher.java:542) at sun.security.pkcs11.P11Cipher.engineDoFinal(P11Cipher.java:525) at javax.crypto.Cipher.doFinal(Cipher.java:1922) [jce.jar:1.7.0_25] at org.jboss.aerogear.simplepush.util.CryptoUtil.decrypt(CryptoUtil.java:114) [aerogear-simplepush-server-core-0.8.0.jar:0.8.0] at org.jboss.aerogear.simplepush.util.CryptoUtil.decryptEndpoint(CryptoUtil.java:136) [aerogear-simplepush-server-core-0.8.0.jar:0.8.0] at org.jboss.aerogear.simplepush.server.netty.NotificationHandler$Notifier.call(NotificationHandler.java:124) [aerogear-simplepush-server-netty-0.8.0.jar:0.8.0] at org.jboss.aerogear.simplepush.server.netty.NotificationHandler$Notifier.call(NotificationHandler.java:110) [aerogear-simplepush-server-netty-0.8.0.jar:0.8.0] at io.netty.util.concurrent.PromiseTask.run(PromiseTask.java:73) [netty-all-4.0.5.Final-SNAPSHOT.jar:] at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:354) [netty-all-4.0.5.Final-SNAPSHOT.jar:] at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:366) [netty-all-4.0.5.Final-SNAPSHOT.jar:] at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:101) [netty-all-4.0.5.Final-SNAPSHOT.jar:] at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID at sun.security.pkcs11.wrapper.PKCS11.C_DecryptFinal(Native Method) at sun.security.pkcs11.P11Cipher.implDoFinal(P11Cipher.java:806) ... 12 more
Steps to reproduce:
1. Create an OpenShift application to work against:
rhc create-app kris "https://cartreflect-claytondev.rhcloud.com/reflect?github=danbev/openshift-origin-cartridge-aerogear-push&commit=a448d69036150f720555a1b8929e231fb7719816" mysql-5.1
2. Update the example and change the server url to point to the application created in step one.
3. Again follow the steps example to register a channel and then send to that channel.
Attachments
Issue Links
- is related to
-
AEROGEAR-7447 Remove java7 marker in OpenShift usr template
- Closed