I came across this same issue when testing clearPass in our environment. Is there a solution that I can implement to fix this issue so that I can use clearPass in a clustered environment?
Root cause: javax.crypto.BadPaddingException: Given final block not > properly padded > Thank you, Adam On Tue, Nov 19, 2013 at 2:02 PM, Marvin Addison <[email protected]> wrote: > > are suggesting at this time that IV values are somehow accessible from > any node (e.g. saved to decoratedMap/memcachedMap?) > > I'm working on a couple unrelated problems at present and the NIST > docs make it pretty clear that the IV generally should be unique for > each cleartext encrypted under the same key, in other words the IV > should be dynamic, which means it MUST be stored along with the > cleartext. I'm thinking since it amounts to solving the same problem > as you noted, might as well improve security at the same time. > Additionally, the IV may be transmitted in cleartext along with the > ciphertext without compromising security, so the simplest solution is > to prepend the IV to the ciphertext. The length of the IV must be the > same size as the block length of the underlying cipher, so you should > know how many bites to read off the data to get the IV needed for > decryption. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
