[jira] [Commented] (SOLR-11690) DIH JdbcDataSource - Problem decoding encrypted password using encryptKeyFile

Tue, 28 Nov 2017 22:19:40 -0800 

    [ 
https://issues.apache.org/jira/browse/SOLR-11690?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16270217#comment-16270217
 ] 

Rajesh Arumugam commented on SOLR-11690:
----------------------------------------

I am working on mac os and i followed the steps defined 
here[http://lucene.apache.org/solr/guide/7_1/uploading-structured-data-store-data-with-the-data-import-handler.html#encrypting-a-database-password]
  for encrypting the database password. It seems the 
java.io.InputStreamReader.read() always reads the file with extra character at 
the end of the file. I tried different encryption keys but got the same result. 
Even i trimmed encryotionKeyFile using command "cat encryptionKeyFile | tr -d " 
\t\n\r"" but with no success.
As you said other users had also faced similar issue which you can see here 
[http://jezzper.com/jezzper/discussions.nsf/0/4481E9A7ACED95F7C1258069006CB856]
[https://www.daniweb.com/programming/threads/510043/solr-dataimport-handler-encrypted-pwd-final-block-not-properly-padded]
[http://search-lucene.com/m/Solr/eHNl2elXj1UDULt1?subj=Re+Problem+with+Password+Decryption+in+Data+Import+Handler
 ]

I feel if choppingthe last character off is not the ideal solution, I propose 
we somehow trim the whitespaces for an instance using String.trim() function. 

> DIH JdbcDataSource - Problem decoding encrypted password using encryptKeyFile
> -----------------------------------------------------------------------------
>
>                 Key: SOLR-11690
>                 URL: https://issues.apache.org/jira/browse/SOLR-11690
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: contrib - DataImportHandler
>    Affects Versions: 6.6.2
>            Reporter: Rajesh Arumugam
>              Labels: easyfix
>
> The password decryption is not working fine because of a bug in 
> JdbcDataSorce.java -> decryptPwd(Context context, Properties initProps) 
> method. The problem is due to bad construction of key string while making a 
> call to CryptoKeys.decodeAES(). Due to this the CryptoKeys throws "*Bad 
> password, algorithm, mode or padding; no salt, wrong number of iterations or 
> corrupted ciphertext.*" exception while trying to decode password.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to