Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25937

"Given final block not properly padded" after deleting master.key after Java security update

XMLWordPrintable

      Recently core tests have started failing:

      https://jenkins.ci.cloudbees.com/job/core/job/jenkins-core-validated-merge/307/testReport/junit/jenkins.security/DefaultConfidentialStoreTest/roundtrip/

      java.io.IOException: javax.crypto.BadPaddingException: Given final block not properly padded
	at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
	at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
	at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
	at javax.crypto.Cipher.doFinal(Cipher.java:1970)
	at javax.crypto.CipherInputStream.getMoreData(CipherInputStream.java:112)
	at javax.crypto.CipherInputStream.read(CipherInputStream.java:233)
	at javax.crypto.CipherInputStream.read(CipherInputStream.java:209)
	at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1792)
	at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1769)
	at org.apache.commons.io.IOUtils.copy(IOUtils.java:1744)
	at org.apache.commons.io.IOUtils.toByteArray(IOUtils.java:462)
	at jenkins.security.DefaultConfidentialStore.load(DefaultConfidentialStore.java:106)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoCachedMethodSiteNoUnwrapNoCoerce.invoke(PojoMetaMethodSite.java:230)
	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:53)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
	at jenkins.security.DefaultConfidentialStoreTest.roundtrip(DefaultConfidentialStoreTest.groovy:52)

      This is reproducible when the test is run on Java 8, but not 7. It looks like a real bug, not just a test failure; this part of the test checks what happens when master.key is deleted and recreated, which presumably is a rare event, so it is not surprising if this was never noticed by users.

            jglick Jesse Glick
            jglick Jesse Glick
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: