Community
Participate
Working Groups
I got below error in Photon 4.8 eclipse. where as same code working fine in eclipse Oxygen 4.7 javax.crypto.BadPaddingException: Given final block not properly padded
(In reply to Rajagopalan G from comment #0) > I got below error in Photon 4.8 eclipse. where as same code working fine in > eclipse Oxygen 4.7 Could you please attach the reproducible code in the bug?
Created attachment 275927 [details] Pease the code in comment public String decryptData(String strInputText) { String strReturnedText = null; try { List<String> lstKeys = SecurityClient.lstKeyFile; key = readKey(lstKeys.get(0)); cipher.init(Cipher.DECRYPT_MODE, key); } catch (InvalidKeyException e) { //logger.error("Exception Details:"); e.printStackTrace(); } catch (NoSuchAlgorithmException e) { //logger.error("Exception Details:"); e.printStackTrace(); } catch (InvalidKeySpecException e) { //logger.error("Exception Details:"); e.printStackTrace(); } catch (IOException e) { // logger.error("Exception Details:"); e.printStackTrace(); } try { // Decode base64 to get bytes byte[] dec = new sun.misc.BASE64Decoder() .decodeBuffer(strInputText); byte[] utf16 = cipher.doFinal(dec); strReturnedText = new String(utf16, "UTF16"); } catch (UnsupportedEncodingException e) { //logger.error("Exception Details:"); e.printStackTrace(); } catch (IllegalBlockSizeException e) { //logger.error("Exception Details:"); e.printStackTrace(); } catch (BadPaddingException e) { //logger.error("Exception Details:"); e.printStackTrace(); } catch (IOException e) { //logger.error("Exception Details:"); e.printStackTrace(); } return strReturnedText; }
Thanks for the example. First, when I compile the program (after fixing some errors) with ecj version 4.7 through 4.9 I get the exact same class files from all versions. If you observe differently, please attach the different class files produced by Oxygen vs. Photon. If class files are identical, then different behavior of that program can impossibly be caused by JDT. *If* different class files can be produced under some circumstances, we'd need answers to the following: - do we need interface SecurityUtility, or can we safely remove the implements clause? - what is in SecurityClient? How is its field lstKeyFile initialized? - how should we invoke the program? There's no main nor do you show any input data.
Below code only we using import java.util.ArrayList; import java.util.List; import org.apache.log4j.Logger; public class SecurityClient { SecurityUtility scutil = new SecurityUtilImpl(); SecurityUtilImpl scimpl = new SecurityUtilImpl(); static List<String> lstKeyFile=new ArrayList<String>(); Logger logger = Logger.getLogger(SecurityClient.class); private void doGenerateKeyFile(String strKey,String strKeyFile) { scutil.generateKeyFile(strKey,strKeyFile); } private String doEncryption(String strInputData) { return scutil.encryptData(strInputData); } private String doEncryptionWithoutPWKey(String strInputData) { return scutil.encryptDataWithoutPWKey(strInputData); } private String doDecryption(String strEncryptData) { return scutil.decryptData(strEncryptData); } private boolean doValidateData(String strDecryptedData, String strEnteredData) { boolean bolStatus=false; String strPasswordKey=null; String strTempCombData=null; strPasswordKey=scimpl.getPasswordKey(lstKeyFile.get(1)); strTempCombData=strEnteredData+strPasswordKey; if(strTempCombData.equals(strDecryptedData)) { bolStatus=true; } return bolStatus; } public void generateKeyFile(String strKey,String strKeyFile) { doGenerateKeyFile(strKey,strKeyFile); lstKeyFile.add(strKeyFile); } public String encryptData(String strInputData) { return doEncryption(strInputData); } public String encryptDataWithoutPWKey(String strInputData) { return doEncryptionWithoutPWKey(strInputData); } public String decryptData(String strEncryptData) { return doDecryption(strEncryptData); } public boolean checkLoginStatus(String strDecryptedData, String strEnteredData) { return doValidateData(strDecryptedData,strEnteredData); } }
import java.io.BufferedWriter; import java.io.DataInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileWriter; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.Provider; import java.security.Security; import java.security.spec.InvalidKeySpecException; import java.util.List; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESedeKeySpec; import org.apache.log4j.Logger; public final class SecurityUtilImpl implements SecurityUtility { Logger logger = Logger.getLogger(SecurityClient.class); Cipher cipher = null; SecretKey key = null; SecurityUtilImpl() { try { cipher = Cipher.getInstance("DESede"); } catch (Exception e) { System.err.println("Installing SunJCE provider."); Provider sunjce = new com.sun.crypto.provider.SunJCE(); Security.addProvider(sunjce); } } public String decryptData(String strInputText) { String strReturnedText = null; try { List<String> lstKeys = SecurityClient.lstKeyFile; key = readKey(lstKeys.get(0)); cipher.init(Cipher.DECRYPT_MODE, key); } catch (InvalidKeyException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (NoSuchAlgorithmException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (InvalidKeySpecException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (IOException e) { logger.error("Exception Details:"); logger.error(e, e); } try { // Decode base64 to get bytes byte[] dec = new sun.misc.BASE64Decoder() .decodeBuffer(strInputText); byte[] utf16 = cipher.doFinal(dec); strReturnedText = new String(utf16, "UTF16"); } catch (UnsupportedEncodingException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (IllegalBlockSizeException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (BadPaddingException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (IOException e) { logger.error("Exception Details:"); logger.error(e, e); } return strReturnedText; } public String encryptData(String strInputText) { String strReturnedText = null; String strPasswordKey = null; try { List<String> lstKeys = SecurityClient.lstKeyFile; key = readKey(lstKeys.get(0)); if (lstKeys.size() != 1) { strPasswordKey=getPasswordKey(lstKeys.get(1)); } else { strPasswordKey = ""; } } catch (InvalidKeyException ke) { logger.error("Exception Details:"); logger.error(ke); } catch (NoSuchAlgorithmException ae) { logger.error("Exception Details:"); logger.error(ae); } catch (InvalidKeySpecException kse) { logger.error("Exception Details:"); logger.error(kse); } catch (IOException ioe) { logger.error("Exception Details:"); logger.error(ioe); } try { cipher.init(Cipher.ENCRYPT_MODE, key); } catch (InvalidKeyException e) { logger.error("Exception Details:"); logger.error(e, e); } byte[] utf16; byte[] enc; try { strInputText = strInputText + strPasswordKey; utf16 = strInputText.getBytes("UTF16"); enc = cipher.doFinal(utf16); strReturnedText = new sun.misc.BASE64Encoder().encodeBuffer(enc); } catch (UnsupportedEncodingException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (IllegalBlockSizeException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (BadPaddingException e) { logger.error("Exception Details:"); logger.error(e, e); } return strReturnedText; } /** * To get Encrypted Data without using password key. */ public String encryptDataWithoutPWKey(String strInputText) { String strReturnedText = null; try { List<String> lstKeys = SecurityClient.lstKeyFile; key = readKey(lstKeys.get(0)); } catch (InvalidKeyException ke) { logger.error("Exception Details:"); logger.error(ke); } catch (NoSuchAlgorithmException ae) { logger.error("Exception Details:"); logger.error(ae); } catch (InvalidKeySpecException kse) { logger.error("Exception Details:"); logger.error(kse); } catch (IOException ioe) { logger.error("Exception Details:"); logger.error(ioe); } try { cipher.init(Cipher.ENCRYPT_MODE, key); } catch (InvalidKeyException e) { logger.error("Exception Details:"); logger.error(e, e); } byte[] utf16; byte[] enc; try { utf16 = strInputText.getBytes("UTF16"); enc = cipher.doFinal(utf16); strReturnedText = new sun.misc.BASE64Encoder().encodeBuffer(enc); } catch (UnsupportedEncodingException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (IllegalBlockSizeException e) { logger.error("Exception Details:"); logger.error(e, e); } catch (BadPaddingException e) { logger.error("Exception Details:"); logger.error(e, e); } return strReturnedText; } public String getPasswordKey(String strFilePath) { String strPasswordKey=null; SecretKey skPasswordKey=null; try { skPasswordKey = readKey(strFilePath); strPasswordKey = new sun.misc.BASE64Encoder().encode(skPasswordKey .getEncoded()); } catch (InvalidKeyException ke) { logger.error("Exception Details:"); logger.error(ke); } catch (NoSuchAlgorithmException ae) { logger.error("Exception Details:"); logger.error(ae); } catch (InvalidKeySpecException kse) { logger.error("Exception Details:"); logger.error(kse); } catch (IOException ioe) { logger.error("Exception Details:"); logger.error(ioe); } return strPasswordKey; } public void generateKeyFile(String strEncKey, String strFilePath) { SecretKeyFactory keyFactory; DESedeKeySpec keySpec; logger.info("Generating key. This may take some time..."); try { byte[] keyAsBytes = strEncKey.getBytes("UTF-16"); keySpec = new DESedeKeySpec(keyAsBytes); keyFactory = SecretKeyFactory.getInstance("DESede"); key = keyFactory.generateSecret(keySpec); writeKey(key, strFilePath); logger.info("done"); logger.info("Secret key is generated based on User input "); } catch (IOException ioe) { logger.error("Exception Details:"); logger.error(ioe); } catch (NoSuchAlgorithmException ae) { logger.error("Exception Details:"); logger.error(ae); } catch (InvalidKeySpecException ke) { logger.error("Exception Details:"); logger.error(ke); } catch (Exception e) { logger.error("Exception Details:"); logger.error(e, e); } } /** Save the specified TripleDES SecretKey to the specified file */ private void writeKey(SecretKey key, String strFilePath) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException { FileWriter fw = new FileWriter(strFilePath); // Convert the secret key to an array of bytes like this SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede"); DESedeKeySpec keyspec = (DESedeKeySpec) keyfactory.getKeySpec(key, DESedeKeySpec.class); byte[] rawkey = keyspec.getKey(); // Write the raw key to the file BufferedWriter out = new BufferedWriter(fw); out.write(new String(rawkey)); out.close(); } /** Read a TripleDES secret key from the specified file */ private SecretKey readKey(String strKeyFile) throws IOException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException { // Read the raw bytes from the keyfile File file = new File(strKeyFile); DataInputStream in = new DataInputStream(new FileInputStream(file)); byte[] rawkey = new byte[(int) file.length()]; in.readFully(rawkey); in.close(); // Convert the raw bytes to a secret key like this DESedeKeySpec keyspec = new DESedeKeySpec(rawkey); SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede"); SecretKey key = keyfactory.generateSecret(keyspec); return key; } }
(In reply to Rajagopalan G from comment #4) > Below code only we using > ... > public class SecurityClient { (In reply to Rajagopalan G from comment #5) > public final class SecurityUtilImpl implements SecurityUtility { OK, this answers two of my questions. Remaining questions before we can investigate: (In reply to Stephan Herrmann from comment #3) > First, when I compile the program (after fixing some errors) with ecj > version 4.7 through 4.9 I get the exact same class files from all versions. > If you observe differently, please attach the different class files produced > by Oxygen vs. Photon. Please attach the .class files as requested. If there's no difference in output from different versions of ecj then this obviously does not demonstrate a regression in ecj. > - how should we invoke the program? There's no main nor do you show any > input data. Please answer this one, too.
Created attachment 276584 [details] Security client file Security client file
Created attachment 276585 [details] Securityutilimpl Securityutilimpl
I attached 2 class files. please fix this issue.
(In reply to Rajagopalan G from comment #9) > I attached 2 class files. Thanks, but please read carefully: (In reply to Stephan Herrmann from comment #3) > First, when I compile the program (after fixing some errors) with ecj > version 4.7 through 4.9 I get the exact same class files from all versions. > If you observe differently, please attach the different class files produced > by Oxygen vs. Photon. > > If class files are identical, then different behavior of that program can > impossibly be caused by JDT. We need to compare different versions. > please fix this issue. So far I see nothing needing a fix in JDT.
public void generateKeyFile(String strEncKey, String strFilePath) { SecretKeyFactory keyFactory; DESedeKeySpec keySpec; //logger.info("Generating key. This may take some time..."); try { byte[] keyAsBytes = strEncKey.getBytes("UTF-16"); keySpec = new DESedeKeySpec(keyAsBytes); keyFactory = SecretKeyFactory.getInstance("DESede"); key = keyFactory.generateSecret(keySpec); writeKey(key, strFilePath); //logger.info("done"); //logger.info("Secret key is generated based on User input "); } catch (IOException ioe) { //logger.error("Exception Details:"); ioe.printStackTrace(); } catch (NoSuchAlgorithmException ae) { //logger.error("Exception Details:"); ae.printStackTrace(); } catch (InvalidKeySpecException ke) { //logger.error("Exception Details:"); ke.printStackTrace(); } catch (Exception e) { //logger.error("Exception Details:"); e.printStackTrace(); } } Above code return the key(generateSecret) is differently in Oxygen and Photon. Please suggest to work in new eclipse....
(In reply to Rajagopalan G from comment #11) > Above code return the key(generateSecret) is differently in Oxygen and > Photon. Please suggest to work in new eclipse.... To demonstrate that Eclipse is the cause for different behavior you should attach .class files compiled by both versions of Eclipse. If OTOH .class files compiled by different versions of Eclipse are identical then Eclipse is NOT the cause for your problem. Perhaps you are running on different library versions with different behavior?
Created attachment 277021 [details] Sample project added here Sample project added here. Encryption got different in Oxygen and photon
4.10 also different...please suggest...
(In reply to Rajagopalan G from comment #14) > 4.10 also different...please suggest... Thanks for the sample project. You could speed up investigation by actually following the request in comment 12. Additionally, I wonder whether all the Web Tools magic in your project is necessary to demonstrate the bug? JDT developers typically have nothing of that installed in our environments.
We are using same key . but encryption got different. We don't have issue in our code, working fine in Oxygen. How Encryption text is changed in Photon?
This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet. If you have further information on the current state of the bug, please add it. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant. -- The automated Eclipse Genie.
