Mantis - Quercus
|
|||||
Viewing Issue Advanced Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
3538 | major | always | 05-30-09 16:05 | 07-20-09 09:31 | |
|
|||||
Reporter: | Taylor | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 3.2.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
|
|||||
Summary: | 0003538: phpMyAdmin has problem with padding of cleartext for blowfish decryption | ||||
Description: |
Trying to get phpmyadmin running on quercus on glassfish v2.1. There is failure due to padding for encryption, using blowfish, when it decrypts in MCrypt. I went to quercus source to change it to no-padding. I discovered that Quercus already chooses no-padding for all encryption methods, except that it has been commented out and replaced with PKCS5 for blowfish. I assume there is a reason for this, so I guess there is no point in changing it back? This is independent of digitalrinaldo's bug about invalid key length. Note: I was hoping to use this in a class I'm teaching, use glassfish+mysql and phpmyadmin. All those students would go out and tell their employers to take a look at quercus..... |
||||
Steps To Reproduce: | |||||
Additional Information: |
From the glassfish logs: PWC1406: Servlet.service() for servlet phpMyAdmin threw exception java.lang.RuntimeException: java.lang.RuntimeException: javax.crypto.BadPaddingException: Given final block not properly padded at com.caucho.quercus.lib.mcrypt.McryptModule.mcrypt_decrypt(McryptModule.java:177) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.caucho.quercus.module.StaticFunction.invoke(StaticFunction.java:129) at com.caucho.quercus.env.JavaInvoker.callMethod(JavaInvoker.java:618) at com.caucho.quercus.env.JavaInvoker.call(JavaInvoker.java:553) at com.caucho.quercus.expr.FunctionExpr.evalImpl(FunctionExpr.java:182) at com.caucho.quercus.expr.FunctionExpr.eval(FunctionExpr.java:126) at com.caucho.quercus.env.JavaInvoker.evalArguments(JavaInvoker.java:429) at com.caucho.quercus.expr.FunctionExpr.evalImpl(FunctionExpr.java:170) at com.caucho.quercus.expr.FunctionExpr.eval(FunctionExpr.java:126) at com.caucho.quercus.program.ReturnStatement.execute(ReturnStatement.java:68) at com.caucho.quercus.program.BlockStatement.execute(BlockStatement.java:105) at com.caucho.quercus.program.Function.callImpl(Function.java:363) at com.caucho.quercus.program.Function.callCopy(Function.java:297) at com.caucho.quercus.expr.FunctionExpr.evalImpl(FunctionExpr.java:180) at com.caucho.quercus.expr.FunctionExpr.evalCopy(FunctionExpr.java:150) at com.caucho.quercus.expr.AssignExpr.eval(AssignExpr.java:86) at com.caucho.quercus.program.ExprStatement.execute(ExprStatement.java:64) at com.caucho.quercus.program.BlockStatement.execute(BlockStatement.java:105) at com.caucho.quercus.program.Function.callImpl(Function.java:363) at com.caucho.quercus.program.Function.call(Function.java:292) at com.caucho.quercus.expr.FunctionExpr.evalImpl(FunctionExpr.java:182) at com.caucho.quercus.expr.FunctionExpr.eval(FunctionExpr.java:126) at com.caucho.quercus.expr.Expr.evalBoolean(Expr.java:467) at com.caucho.quercus.expr.NotExpr.evalBoolean(NotExpr.java:72) at com.caucho.quercus.program.IfStatement.execute(IfStatement.java:80) at com.caucho.quercus.program.BlockStatement.execute(BlockStatement.java:105) at com.caucho.quercus.program.IfStatement.execute(IfStatement.java:81) at com.caucho.quercus.program.BlockStatement.execute(BlockStatement.java:105) at com.caucho.quercus.program.IfStatement.execute(IfStatement.java:81) at com.caucho.quercus.program.BlockStatement.execute(BlockStatement.java:105) at com.caucho.quercus.program.QuercusProgram.execute(QuercusProgram.java:327) at com.caucho.quercus.page.InterpretedPage.execute(InterpretedPage.java:71) at com.caucho.quercus.env.Env.include(Env.java:4074) at com.caucho.quercus.env.Env.includeOnce(Env.java:4025) at com.caucho.quercus.expr.IncludeOnceExpr.eval(IncludeOnceExpr.java:89) at com.caucho.quercus.program.ExprStatement.execute(ExprStatement.java:64) at com.caucho.quercus.program.BlockStatement.execute(BlockStatement.java:105) at com.caucho.quercus.program.QuercusProgram.execute(QuercusProgram.java:327) at com.caucho.quercus.page.InterpretedPage.execute(InterpretedPage.java:71) at com.caucho.quercus.page.QuercusPage.executeTop(QuercusPage.java:119) at com.caucho.quercus.servlet.QuercusServletImpl.service(QuercusServletImpl.java:167) at com.caucho.quercus.servlet.QuercusServlet.service(QuercusServlet.java:407) at javax.servlet.http.HttpServlet.service(HttpServlet.java:831) at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:411) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:290) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214) at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:380) at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106) Caused by: java.lang.RuntimeException: javax.crypto.BadPaddingException: Given final block not properly padded at com.caucho.quercus.lib.mcrypt.Mcrypt.decrypt(Mcrypt.java:98) at com.caucho.quercus.lib.mcrypt.McryptModule.mcrypt_decrypt(McryptModule.java:173) ... 73 more Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.SunJCE_h.b(DashoA12275) at com.sun.crypto.provider.SunJCE_h.b(DashoA12275) at com.sun.crypto.provider.BlowfishCipher.engineDoFinal(DashoA12275) at javax.crypto.Cipher.doFinal(DashoA12275) at com.caucho.quercus.lib.mcrypt.Mcrypt.decrypt(Mcrypt.java:96) ... 74 more |
||||
Relationships | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|