[jira] [Created] (CXF-8816) Deflater and Inflater initialized with different 'nowrap' value
Andriy Redko created CXF-8816: - Summary: Deflater and Inflater initialized with different 'nowrap' value Key: CXF-8816 URL: https://issues.apache.org/jira/browse/CXF-8816 Project: CXF Issue Type: Bug Affects Versions: 4.0.0, 3.5.5, 3.4.10 Reporter: Andriy Redko -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8816) Deflater and Inflater initialized with different 'nowrap' value
[ https://issues.apache.org/jira/browse/CXF-8816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8816: -- Description: As for now Deflater and Inflater initialized with different 'nowrap' value. As result we are getting the folowing Exeption: ``` java.lang.SecurityException: java.util.zip.DataFormatException: invalid stored block lengths at org.apache.cxf.rt.security.crypto.CryptoUtils.processBytes(CryptoUtils.java:587) at org.apache.cxf.rt.security.crypto.CryptoUtils.decryptBytes(CryptoUtils.java:483) at org.apache.cxf.rs.security.jose.jwe.AbstractJweDecryption.doDecrypt(AbstractJweDecryption.java:72) at org.apache.cxf.rs.security.jose.jwe.AbstractJweDecryption.decrypt(AbstractJweDecryption.java:57) at org.apache.cxf.rs.security.jose.jwe.JweJsonConsumer.decryptWith(JweJsonConsumer.java:64) ``` This PR will fix the Jwe Compression by setting the 'nowrap' parameter for both Deflater and Inflater to 'true' (RAW DEF) as specified in the RFC1951. > Deflater and Inflater initialized with different 'nowrap' value > --- > > Key: CXF-8816 > URL: https://issues.apache.org/jira/browse/CXF-8816 > Project: CXF > Issue Type: Bug >Affects Versions: 3.4.10, 3.5.5, 4.0.0 >Reporter: Andriy Redko >Priority: Major > > As for now Deflater and Inflater initialized with different 'nowrap' value. > As result we are getting the folowing Exeption: > ``` > java.lang.SecurityException: java.util.zip.DataFormatException: invalid > stored block lengths > at > org.apache.cxf.rt.security.crypto.CryptoUtils.processBytes(CryptoUtils.java:587) > at > org.apache.cxf.rt.security.crypto.CryptoUtils.decryptBytes(CryptoUtils.java:483) > at > org.apache.cxf.rs.security.jose.jwe.AbstractJweDecryption.doDecrypt(AbstractJweDecryption.java:72) > at > org.apache.cxf.rs.security.jose.jwe.AbstractJweDecryption.decrypt(AbstractJweDecryption.java:57) > at > org.apache.cxf.rs.security.jose.jwe.JweJsonConsumer.decryptWith(JweJsonConsumer.java:64) > ``` > This PR will fix the Jwe Compression by setting the 'nowrap' parameter for > both Deflater and Inflater to 'true' (RAW DEF) as specified in the RFC1951. -- This message was sent by Atlassian Jira (v8.20.10#820010)
