Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-992

org.jboss.security.Base64Encoder doesn't work for certain lengths (1026 or 3072 for example)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • PicketBox_5_1_1.Beta1
    • PicketBox_5_1_0.Final
    • JBossSX
    • None
    • Hide

      Attached a simple reproducer (the length of the array is passed):

      javac -cp ~/picketbox/dist/target/picketbox-5.1.1.Beta1-SNAPSHOT.jar Reproducer.java
      java -cp picketbox/main/picketbox-5.1.1.Final.jar:. Reproducer 1026
      

      You will see that with 1026 and 3072 the first base64 is missing the last four bytes (one is using picketbox and the other java8 Base64 class).

      Show
      Attached a simple reproducer (the length of the array is passed): javac -cp ~/picketbox/dist/target/picketbox-5.1.1.Beta1-SNAPSHOT.jar Reproducer.java java -cp picketbox/main/picketbox-5.1.1.Final.jar:. Reproducer 1026 You will see that with 1026 and 3072 the first base64 is missing the last four bytes (one is using picketbox and the other java8 Base64 class).
    • Hide

      None, use another Base64 implementation like the one in JDK.

      Show
      None, use another Base64 implementation like the one in JDK.

      When a byte array of certain lengths (1026 and 3072 for example) is encoded in base64 using the class org.jboss.security.Base64Encoder the last chunk of four bytes is omitted.

        1. Reproducer.java
          0.7 kB
          Ricardo Martin Camarero

              rhn-support-ivassile Ilia Vassilev
              rhn-support-rmartinc Ricardo Martin Camarero
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: