Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Used cipher type in DefaultCipherHandler #1110

Closed
chrswk opened this issue Apr 28, 2020 · 2 comments · Fixed by #1112
Closed

Used cipher type in DefaultCipherHandler #1110

chrswk opened this issue Apr 28, 2020 · 2 comments · Fixed by #1112
Assignees
@sdorra
Labels
bug Something isn't working

Comments

@chrswk
Copy link

chrswk commented Apr 28, 2020

Without knowing the reasons behind picking "AES/CTR/PKCS5PADDING", would it be possible to change to something that is supported out of the box in the latest Java version of Cipher?

Caused by: sonia.scm.security.CipherException: could not encode string
	at sonia.scm.security.DefaultCipherHandler.encode(DefaultCipherHandler.java:222)
	at sonia.scm.security.DefaultCipherHandler.storeKey(DefaultCipherHandler.java:247)
	at sonia.scm.security.DefaultCipherHandler.<init>(DefaultCipherHandler.java:132)
	at sonia.scm.security.CipherUtil.<init>(CipherUtil.java:62)
	at sonia.scm.security.CipherUtil.getInstance(CipherUtil.java:83)
	at sonia.scm.lifecycle.modules.BootstrapModule.configure(BootstrapModule.java:93)
	at com.google.inject.AbstractModule.configure(AbstractModule.java:61)
	at com.google.inject.spi.Elements$RecordingBinder.install(Elements.java:344)
	at com.google.inject.spi.Elements.getElements(Elements.java:103)
	at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:137)
	at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:103)
	... 57 more
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/CTR/PKCS5PADDING
	at java.base/javax.crypto.Cipher.getInstance(Cipher.java:573)
	at sonia.scm.security.DefaultCipherHandler.encode(DefaultCipherHandler.java:209)
	... 67 more
Caused by: javax.crypto.NoSuchPaddingException: CTR mode must be used with NoPadding
	at java.base/com.sun.crypto.provider.CipherCore.setPadding(CipherCore.java:299)
	at java.base/com.sun.crypto.provider.AESCipher.engineSetPadding(AESCipher.java:212)
	at java.base/javax.crypto.Cipher$Transform.setModePadding(Cipher.java:390)
	at java.base/javax.crypto.Cipher.getInstance(Cipher.java:566)
	... 68 more

Thanks
Chris
@sdorra sdorra added the bug Something isn't working label Apr 28, 2020
@sdorra sdorra self-assigned this Apr 28, 2020
@sdorra
Copy link
Member

sdorra commented Apr 28, 2020
edited

Thanks @chrswk for the report. Changing the used cipher should be easy, but i think we need a migration strategy for instances which have already encrypted data.

@sdorra sdorra mentioned this issue Apr 29, 2020
Merged
7 tasks
@chrswk
Copy link
Author

chrswk commented Apr 29, 2020

Awesome, thanks. Looking forward to RC8.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sdorra sdorra

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use AES/GCM/NoPadding instead of AES/CTR/PKCS5PADDING scm-manager/scm-manager
2 participants
@sdorra @chrswk