Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-992

org.jboss.security.Base64Encoder doesn't work for certain lengths (1026 or 3072 for example)

    Details

    • Steps to Reproduce:
      Hide

      Attached a simple reproducer (the length of the array is passed):

      javac -cp ~/picketbox/dist/target/picketbox-5.1.1.Beta1-SNAPSHOT.jar Reproducer.java
      java -cp picketbox/main/picketbox-5.1.1.Final.jar:. Reproducer 1026
      

      You will see that with 1026 and 3072 the first base64 is missing the last four bytes (one is using picketbox and the other java8 Base64 class).

      Show
      Attached a simple reproducer (the length of the array is passed): javac -cp ~/picketbox/dist/target/picketbox-5.1.1.Beta1-SNAPSHOT.jar Reproducer.java java -cp picketbox/main/picketbox-5.1.1.Final.jar:. Reproducer 1026 You will see that with 1026 and 3072 the first base64 is missing the last four bytes (one is using picketbox and the other java8 Base64 class).
    • Workaround Description:
      Hide

      None, use another Base64 implementation like the one in JDK.

      Show
      None, use another Base64 implementation like the one in JDK.

      Description

      When a byte array of certain lengths (1026 and 3072 for example) is encoded in base64 using the class org.jboss.security.Base64Encoder the last chunk of four bytes is omitted.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  ivassile Ilia Vassilev
                  Reporter:
                  rhn-support-rmartinc Ricardo Martin Camarero
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: