Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: PicketBox_4_0_21.Final
Affects Version/s: PicketBox_4_0_21.Beta2
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/picketbox/picketbox/pull/8
Bugzilla References:
https://bugzilla.redhat.com/show_bug.cgi?id=1125004

Vault util is failing for some password/salt/iteration combinations because Base64Utils class strips zeroes from provided byte array.

So if a user encodes a key with length 8 and the leading byte of the key is zero, then after decoding he only gets 7 (or less) bytes.

For instance:

encode ( { 0, 81, 121, -37, 46, -64, 20, 114 } ) -> "1HUTikm1Ho"
decode ("1HUTikm1Ho") -> {  81, 121, -37, 46, -64, 20, 114  }

As a result the PBEUtil will fail with javax.crypto.IllegalBlockSizeException.

IMHO the same problem can occur on other places where the Base64Utils class is used (not only the Vault).

blocks

WFLY-3778 Tests in Manualmode test suite fail occasionally

Closed

Assignee:: Josef Cacek (Inactive)

Reporter:: Josef Cacek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2014/07/31 9:44 AM

Updated:: 2020/09/14 5:03 AM

Resolved:: 2014/08/25 8:19 AM