BadPaddingException
Hello everyone,
let me apologize up front for posting this in the cryptography forum.I have several problems some of which are very basic in nature but are wreaking havoc. One problem belongs in this forum.
The setup that I have a problem with is as follows: iPlanet 4.1 SP8 (I couldn't upgrade it to the latest version of the web server for historical reasons) on Solaris 8 with 1.5.0_06-b05 as my jre. Things are looking a little better on a different machine that runs SUNOne Webserver 6.1 with the rest exactly the same.
In one of my servlets, I have to contact another servlet running on an entirely different network over https. This target servlet is supposed to be contacted using the POST method and expect back some XML. Firewalls on my end allow outbound traffic for this particular url and on the other end, my parterner's firewall allows traffic from my end. Here is the pseudo code of what I am doing:
java.net.URL url = new URL("https://myurlstring");
javax.net.ssl.HttpsURLConnection secureConnection = (javax.net.ssl.HttpsURLConnection) url.openConnection();
secureConnection.setRequestMethod("POST");
secureConnection.setDoInput(true);
secureConnection.setRequestProperty("CDI", .CDI);
secureConnection.setRequestProperty("Time", timeStamp);
secureConnection.setRequestProperty("Check", check);
secureConnection.setRequestProperty("VendorID", "ME");
inputStream = secureConnection.getInputStream();
Ofcourse, these lines of code are surronded by a bunch of try catch blocks and debugging messages.
Here is the list of problems that I have in the environment with iPlanet 4.1.
Problem 1:
On the statement where I try to get the input stream, I get the following error.
java.lang.NoClassDefFoundError: javax/crypto/BadPaddingException, stack: java.lang.NoClassDefFoundError: javax/crypto/BadPaddingException
This looks like a simple case of CLASSPATH issue. I know this class is in jce.jar file, which is in the user's (the user that the web server is run as) environment as well as defined in the jvm12.conf file. I tried putting this jar file in several different locations and then modifying the classpath and the jvm12.conf file and restarting the web server instance, but to no good results. This is happening only with the machine running iPlanet 4.1
Assuming that I can overcome the CLASSPATH issue (ofcourse, my brain is fried and I need help there too :-), the fact that a BadPaddingException is being thrown is the real problem. I read some posts about this exception, but couldn't figure out where to begin looking for (this problem is compounded by the fact that on my second machine running later version of the web server, I don't have this problem).
My second problem is ( I know this doesn't belong in this forum, but to minimize cross posting, I am putting it here):
On the machine that I do get the inputStream successfully, the request property "VendorID", is always null for the target servlet. I, together with the programmer on my partner's end verified several times that the expected name is correct in all sense, i.e., case, name etc. I have no idea why this is being viewed as null on the other end. I tried to change the order in which I set the properties, change the value etc, but without luck. I haven't come across any restrictions as to the number, order, values of properties.
Any and all help is greatly appreciated. Thanks one and all.
- Sharma
> This looks like a simple case of CLASSPATH issue.
Not to me if you are using 1.5.0_0x.
> I
> know this class is in jce.jar file, which is in the
> user's (the user that the web server is run as)
> environment as well as defined in the jvm12.conf
> file.
I would expect it to use the jre.jar that is in the jre/lib directory. No external jre.jar should be required.
> I tried putting this jar file in several
> different locations and then modifying the classpath
> and the jvm12.conf file and restarting the web server
> instance, but to no good results. This is happening
> only with the machine running iPlanet 4.1
>
> Assuming that I can overcome the CLASSPATH issue
> (ofcourse, my brain is fried and I need help there
> too :-), the fact that a BadPaddingException is being
> thrown is the real problem. I read some posts about
> this exception, but couldn't figure out where to
> begin looking for (this problem is compounded by the
> fact that on my second machine running later version
> of the web server, I don't have this problem).
>
Once again - how can WE be expected to solve your BadPaddingException problem without any view of the code.
Hi Sabre150, thanks for the reply. I, infact read the documentation on how classes are loaded before I concluded I have a CLASSPATH issue. Could you please explain why this is not a simple or a classpath issue as you suggest. Also, you suggest I use the jre.jar file in jre/lib directory. I am not sure if this is a typo and should be jce.jar. In any case, I tried to remove all external references to jce.jar in my CLASSPATH variable and let the runtime determine where to find it. As I have experienced, that didn't help either.
As for the bad padding exception, I am not doing any encryption/decryption in the code to communicate with the target servlet. I know it is a pain to figure out what is going wrong without having the exact trace. I am including the stack trace here under. The class com.spfc.util.TdaPrivateutils is the class from which I am trying to contact the external servlet.
Thank you.
java.lang.NoClassDefFoundError: javax/crypto/BadPaddingException, stack: java.lang.NoClassDefFoundError: javax/crypto/BadPaddingException
at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:173)
at java.security.Signature$Delegate.engineVerify(Signature.java:1143)
at java.security.Signature.verify(Signature.java:597)
at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:441)
at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:389)
at javax.crypto.SunJCE_b.c(DashoA6275)
at javax.crypto.SunJCE_b.b(DashoA6275)
at javax.crypto.SunJCE_s.run(DashoA6275)
at java.security.AccessController.doPrivileged(Native Method)
at javax.crypto.SunJCE_b.<clinit>(DashoA6275)
at javax.crypto.Cipher.a(DashoA6275)
at javax.crypto.Cipher.getInstance(DashoA6275)
at com.sun.net.ssl.internal.ssl.JsseJce.getCipher(JsseJce.java:90)
at com.sun.net.ssl.internal.ssl.CipherBox.<init>(CipherBox.java:84)
at com.sun.net.ssl.internal.ssl.CipherBox.newCipherBox(CipherBox.java:118)
at com.sun.net.ssl.internal.ssl.CipherSuite$BulkCipher.newCipher(CipherSuite.java:443)
at com.sun.net.ssl.internal.ssl.CipherSuite$BulkCipher.isAvailable(CipherSuite.java:479)
at com.sun.net.ssl.internal.ssl.CipherSuite$BulkCipher.isAvailable(CipherSuite.java:460)
at com.sun.net.ssl.internal.ssl.CipherSuite.isAvailable(CipherSuite.java:135)
at com.sun.net.ssl.internal.ssl.CipherSuiteList.buildAvailableCache(CipherSuiteList.java:178)
at com.sun.net.ssl.internal.ssl.CipherSuiteList.getDefault(CipherSuiteList.java:201)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.init(SSLSocketImpl.java:504)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:475)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:90)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:372)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at com.spfc.util.TdaPrivateUtils.getInfoFromSSServlet(Unknown Source)
Thanks.
> > This looks like a simple case of CLASSPATH issue.
>
>
> Not to me if you are using 1.5.0_0x.
>
> > I
> > know this class is in jce.jar file, which is in
> the
> > user's (the user that the web server is run as)
> > environment as well as defined in the jvm12.conf
> > file.
>
> I would expect it to use the jre.jar that is in the
> jre/lib directory. No external jre.jar should be
> required.
>
> > I tried putting this jar file in several
> > different locations and then modifying the
> classpath
> > and the jvm12.conf file and restarting the web
> server
> > instance, but to no good results. This is
> happening
> > only with the machine running iPlanet 4.1
> >
> > Assuming that I can overcome the CLASSPATH issue
> > (ofcourse, my brain is fried and I need help there
> > too :-), the fact that a BadPaddingException is
> being
> > thrown is the real problem. I read some posts
> about
> > this exception, but couldn't figure out where to
> > begin looking for (this problem is compounded by
> the
> > fact that on my second machine running later
> version
> > of the web server, I don't have this problem).
> >
>
> Once again - how can WE be expected to solve your
> BadPaddingException problem without any view of the
> code.
> Also, you suggest I use the jre.jar
> file in jre/lib directory. I am not sure if this is
> a typo and should be jce.jar.
Yes, simple typo! jce.jar.
> In any case, I tried
> to remove all external references to jce.jar in my
> CLASSPATH variable and let the runtime determine
> where to find it. As I have experienced, that didn't
> help either.
>
> As for the bad padding exception, I am not doing any
> encryption/decryption in the code to communicate with
> the target servlet. I know it is a pain to figure
> out what is going wrong without having the exact
> trace. I am including the stack trace here under.
> The class com.spfc.util.TdaPrivateutils is the class
> from which I am trying to contact the external
> servlet.
OK. The stack trace does not really help me (though it might help others).
Probably not causing your problem but have you installed the 'Unlimited Strength Jurisdiction Policy Files'?
Sorry I can't be of more help.
Hello every one,
I solved one of the problems I have - which is the classdefnotfound error that was caused becuase the web server couldn't locate the jce.jar file. Here is what I did. In the article at http://docs.sun.com/source/816-5689-10/jsp.htm#26714, there is a suggestion on how to manipulate JRE/JDK paths. Essentially, I edited the start-jvm script in server_root/https-admserv directory and put in the path to jce.jar in there. Now that I solved this, I have to get to the actual error of bad padding itself.
Thanks one and all.
