Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None
Environment:
Hide

RHEL 6 x64 environment.

OpenJDK

java -version
java version "1.7.0_25"
OpenJDK Runtime Environment (rhel-2.3.10.4.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)

java.security

#security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.crypto.provider.SunJCE security.provider.5=sun.security.jgss.SunProvider security.provider.6=com.sun.security.sasl.Provider security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC

nss.cfg

name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation

Oracle JDK

java version "1.7.0_25"
Java(TM) SE Runtime Environment (build 1.7.0_25-b15)
Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode)

java.security

security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.2=sun.security.provider.Sun security.provider.3=sun.security.rsa.SunRsaSign security.provider.4=sun.security.ec.SunEC security.provider.5=com.sun.net.ssl.internal.ssl.Provider security.provider.6=com.sun.crypto.provider.SunJCE security.provider.7=sun.security.jgss.SunProvider security.provider.8=com.sun.security.sasl.Provider security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.10=sun.security.smartcardio.SunPCSC

nss.conf

name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation

Unrestricted security policy - updated local_policy.jar and US_export_policy.jar
Show
RHEL 6 x64 environment. OpenJDK java -version java version "1.7.0_25" OpenJDK Runtime Environment (rhel-2.3.10.4.el6_4-x86_64) OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode) java.security #security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.crypto.provider.SunJCE security.provider.5=sun.security.jgss.SunProvider security.provider.6=com.sun.security.sasl.Provider security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC nss.cfg name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation Oracle JDK java version "1.7.0_25" Java(TM) SE Runtime Environment (build 1.7.0_25-b15) Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode) java.security security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg security.provider.2=sun.security.provider.Sun security.provider.3=sun.security.rsa.SunRsaSign security.provider.4=sun.security.ec.SunEC security.provider.5=com.sun.net.ssl.internal.ssl.Provider security.provider.6=com.sun.crypto.provider.SunJCE security.provider.7=sun.security.jgss.SunProvider security.provider.8=com.sun.security.sasl.Provider security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.10=sun.security.smartcardio.SunPCSC nss.conf name = NSS nssLibraryDirectory = /usr/lib64 nssDbMode = noDb attributes = compatibility #handleStartupErrors = ignoreMultipleInitialisation Unrestricted security policy - updated local_policy.jar and US_export_policy.jar

Git Pull Request:
https://github.com/aerogear/aerogear-simplepush-server/pull/38

Description

Kris found reported this issue and we were not sure where the problem was. I've been able to reproduce this by only using the SimplePush Server on OpenShift by directly sending a notification to a channel.
The error I'm seeing (I've added some additional logging) is the following:

2013/09/02 06:32:23,205 INFO  [org.jboss.aerogear.simplepush.server.netty.NotificationHandler] (nioEventLoopGroup-4-2) /update/NH6A7LiVX6PWj2F42FjnKKmOLYYhHwFt_kxdYyEFY0IuE0uapSQOW2a7aM5WqzWgUK-1mqU5gT6EKxcXQo5wGg
2013/09/02 06:32:23,207 INFO  [org.jboss.aerogear.simplepush.util.CryptoUtil] (nioEventLoopGroup-4-2) Try to decrypt: [NH6A7LiVX6PWj2F42FjnKKmOLYYhHwFt_kxdYyEFY0IuE0uapSQOW2a7aM5WqzWgUK-1mqU5gT6EKxcXQo5wGg]
2013/09/02 06:32:23,209 INFO  [org.jboss.aerogear.simplepush.util.CryptoUtil] (nioEventLoopGroup-4-2) Decrypting : [NH6A7LiVX6PWj2F42FjnKKmOLYYhHwFt_kxdYyEFY0IuE0uapSQOW2a7aM5WqzWgUK-1mqU5gT6EKxcXQo5wGg] with key [3ZILBAh8vNMU]
2013/09/02 06:32:23,214 ERROR [org.jboss.aerogear.simplepush.server.netty.NotificationHandler] (nioEventLoopGroup-4-2) Error while processing notifiation:: java.security.ProviderException: doFinal() failed
        at sun.security.pkcs11.P11Cipher.implDoFinal(P11Cipher.java:814)
        at sun.security.pkcs11.P11Cipher.engineDoFinal(P11Cipher.java:542)
        at sun.security.pkcs11.P11Cipher.engineDoFinal(P11Cipher.java:525)
        at javax.crypto.Cipher.doFinal(Cipher.java:1922) [jce.jar:1.7.0_25]
        at org.jboss.aerogear.simplepush.util.CryptoUtil.decrypt(CryptoUtil.java:114) [aerogear-simplepush-server-core-0.8.0.jar:0.8.0]
        at org.jboss.aerogear.simplepush.util.CryptoUtil.decryptEndpoint(CryptoUtil.java:136) [aerogear-simplepush-server-core-0.8.0.jar:0.8.0]
        at org.jboss.aerogear.simplepush.server.netty.NotificationHandler$Notifier.call(NotificationHandler.java:124) [aerogear-simplepush-server-netty-0.8.0.jar:0.8.0]
        at org.jboss.aerogear.simplepush.server.netty.NotificationHandler$Notifier.call(NotificationHandler.java:110) [aerogear-simplepush-server-netty-0.8.0.jar:0.8.0]
        at io.netty.util.concurrent.PromiseTask.run(PromiseTask.java:73) [netty-all-4.0.5.Final-SNAPSHOT.jar:]
        at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:354) [netty-all-4.0.5.Final-SNAPSHOT.jar:]
        at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:366) [netty-all-4.0.5.Final-SNAPSHOT.jar:]
        at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:101) [netty-all-4.0.5.Final-SNAPSHOT.jar:]
        at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25]
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
        at sun.security.pkcs11.wrapper.PKCS11.C_DecryptFinal(Native Method)
        at sun.security.pkcs11.P11Cipher.implDoFinal(P11Cipher.java:806)
        ... 12 more

Steps to reproduce:
1. Create an OpenShift application to work against:

rhc create-app kris "https://cartreflect-claytondev.rhcloud.com/reflect?github=danbev/openshift-origin-cartridge-aerogear-push&commit=a448d69036150f720555a1b8929e231fb7719816" mysql-5.1

2. Update the example and change the server url to point to the application created in step one.
3. Again follow the steps example to register a channel and then send to that channel.

Attachments

Issue Links

is related to

AEROGEAR-7447 Remove java7 marker in OpenShift usr template

Closed

Activity

People

Assignee:: Daniel Bevenius (Inactive)

Reporter:: Daniel Bevenius (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2013/09/02 6:42 AM

Updated:: 2021/10/24 6:40 AM

Resolved:: 2013/10/02 10:04 AM