Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25937

"Given final block not properly padded" after deleting master.key after Java security update

    Details

    • Similar Issues:

      Description

      Recently core tests have started failing:

      https://jenkins.ci.cloudbees.com/job/core/job/jenkins-core-validated-merge/307/testReport/junit/jenkins.security/DefaultConfidentialStoreTest/roundtrip/

      java.io.IOException: javax.crypto.BadPaddingException: Given final block not properly padded
      	at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
      	at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
      	at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
      	at javax.crypto.Cipher.doFinal(Cipher.java:1970)
      	at javax.crypto.CipherInputStream.getMoreData(CipherInputStream.java:112)
      	at javax.crypto.CipherInputStream.read(CipherInputStream.java:233)
      	at javax.crypto.CipherInputStream.read(CipherInputStream.java:209)
      	at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1792)
      	at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1769)
      	at org.apache.commons.io.IOUtils.copy(IOUtils.java:1744)
      	at org.apache.commons.io.IOUtils.toByteArray(IOUtils.java:462)
      	at jenkins.security.DefaultConfidentialStore.load(DefaultConfidentialStore.java:106)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoCachedMethodSiteNoUnwrapNoCoerce.invoke(PojoMetaMethodSite.java:230)
      	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:53)
      	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
      	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
      	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
      	at jenkins.security.DefaultConfidentialStoreTest.roundtrip(DefaultConfidentialStoreTest.groovy:52)
      

      This is reproducible when the test is run on Java 8, but not 7. It looks like a real bug, not just a test failure; this part of the test checks what happens when master.key is deleted and recreated, which presumably is a rare event, so it is not surprising if this was never noticed by users.

        Attachments

          Activity

            People

            • Assignee:
              jglick Jesse Glick
              Reporter:
              jglick Jesse Glick
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: