On Sat, Dec 22, 2018, 11:56 AM Christopher Schultz < ch...@christopherschultz.net wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Tim, > > On 12/21/18 08:14, Tim K wrote: > > On Thu, Dec 20, 2018, 10:11 PM Christopher Schultz < > > ch...@christopherschultz.net wrote: > > > > Tim, > > > > On 12/20/18 10:18, Tim K wrote: > >>>>> > >>>>> I just downloaded and tried 9.0.14 but I'm still getting > >>>>> the same BadPaddingException upon starting the second > >>>>> instance. I confirmed the encryptionKey matches on my two > >>>>> instances. > >>>>> > >>>> > >>>> Maybe something is wrong with my config? For this test, I > >>>> have both Tomcats on the same server using different ports: > > > > This is the only thing that matters to the encryption interceptor: > > > >>>> <Interceptor > >>>> className="org.apache.catalina.tribes.group.interceptors.EncryptInt > erc > > > >>>> > eptor" > >>>> > >>>> > > encryptionKey="e0f2cdf931e99fdce0453964294f97f3" /> > > > > I'm not sure if the order of encrypt/asyncdispatch interceptors > > matters much. > > > > I copy/pasted your key into the TestEncryptInterceptor unit test > > and I didn't get any errors. I generated 4 new 32-character > > (16-byte) keys and tried all of them and didn't get any errors. > > > > Oddly, the very first time I copy/pasted it from your email > > message into the tester it failed with BadPaddingException, but > > when I re-copied "just in case" it stopped failing. Can you > > download and build the 9.0.14 source and run that unit test in your > > environment? Like this: > > > > $ ant test > > -Dtest.entry=org.apache.catalina.tribes.group.interceptors.TestEncrypt > In > > > > > terceptor > > > > If that works, try copy/pasting your key into the source file of > > the test -- it's right up at the top, called "encryptionKey128" -- > > then save and re-run the test (ant will recompile it). If that > > works... then I'm stumped. > > > > -chris > >> > >> --------------------------------------------------------------------- > >> > >> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > I grabbed the src from the site and built it successfully, tried > > the test but it is looking for a message.bin file... > > If the file doesn't exist, it skips the test. That's normal. > > > I tried just touch'ing that file and the first test fails with a > > NegativeArraySizeException > > Right... because it should contain an encrypted message. A zero-byte > file won't be decrypted properly. > > (BTW this explains why I got a BadPaddingException in that *single* > test... I forgot that the test decrypts the file left-behind from the > previous test. This was intentional, to ensure that there wasn't some > magical state being held within the JVM allowing it to decrypt the > message.) > > > and it deletes the message.bin file and the subsequent 2 tests > > can't find it. Is there something special I need to do with that > > message.bin file to run the junit tests? > No. The tests are running as expected. > > > Also, I tried just using the exact encryptionKey128 you had within > > the test class and that one didn't work in my config either, same > > BadPaddingException. > > Try running the test twice in a row. From your output, it looks like > the test runs fine. > > Oh, you meant using my cafebabe key in your setup didn't work? Please > see Keiichi's reply: it seems that the EncryptInterceptor must be > "outside" of the TcpFailureDetector. > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwebM8ACgkQHPApP6U8 > pFg2ew/+K1IqiZQR7brZVz7Oi8wa7VdRWvVz8viQDrTj05dbRCdicntdxz7PTWXQ > SGNH/qxXaPfgDHq2N7S8zDHwpj0gTfadn6IFuWUgZYR3jaufpEAS4lmNpyg8e5K4 > +JIacYRZDGaMWzGo+MvhNLPZQ/RhdMc2MMHW6Gmg4PSU7vwYP6o3Pp5TZsOd7U6p > asQKKDfleVjavxeLUOVlUoXwxXIGdYBe8Jd0iuS725xG68GX//8az85nHkbJfrqd > 0jgKx2YpWONStGjOtlsNhBEn9Sj5XTdZ3qJV36O1KtfT1vYBFZtzD748iuLTS+GI > xxcVZuxdZgbF2qrISnPCfjnGVC0lJn6mDJgXMdVNCJ//kqlsrq1BTu5elOgRZxsG > dLNF5WqVdPpBzFnHXaTg1nLxK0/wtox6RVR6ENid5jto6vu+nX5M+Fnus02st5W0 > 7OsKkODnz8Vc32tB1u6HwvfQiVvEYU/kTQhMG6Crvouqzguzl4rjH9A3rLzYugSs > 5bULs57Ac6d+xnp/8lwM0742piCJD60oBHEYqLWDZQjYPc0sIo77bzBceJXk3t4K > tIPZuOJOaQVBTom/CThoWMmliaECD7QL9dJnci2Rr4G8QBL+Bw86vvDOej/HnW6b > N5A1brToQjHJQ7M2DeKm/u+mT0xG8zBgGAI0VL6DK229yOLpvFo= > =nSuF > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org Moving the encryption interceptor to the first position appears to have resolved this for me. Thank you all for the assistance!
