[
https://issues.apache.org/jira/browse/SLING-10415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17351760#comment-17351760
]
Bertrand Delacretaz commented on SLING-10415:
---------------------------------------------
IIUC that PR#1 does not check that it is actually a newline character that's
being removed.
In terms of defensive programming I think that should be checked.
Or maybe what you actually want to do is to remove all extra whitespace
characters, similar to what trim() does? It's easy to leave extra spaces, tabs
and newlines when editing files and it might be better to cleanup everything.
> JasyptStandardPBEStringCryptoService fails to start with: Password is not
> ASCII
> -------------------------------------------------------------------------------
>
> Key: SLING-10415
> URL: https://issues.apache.org/jira/browse/SLING-10415
> Project: Sling
> Issue Type: Bug
> Components: Commons
> Affects Versions: Commons Crypto 1.0.0
> Reporter: Dan Klco
> Assignee: Dan Klco
> Priority: Major
> Fix For: Commons Crypto 1.1.0
>
>
> JasyptStandardPBEStringCryptoService fails to start with Password is not
> ASCII.
> I tried changing the [File Password
> Provider|https://github.com/apache/sling-org-apache-sling-commons-crypto/blob/892a242028bca2f1bd19d50f60515e10e1985553/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProvider.java#L81]
> from :
> {{try (final BufferedReader reader = Files.newBufferedReader(file.toPath(),
> StandardCharsets.UTF_8)) { }}
> to
> {{try (final BufferedReader reader = Files.newBufferedReader(file.toPath(),
> StandardCharsets.US_ASCII)) { }}
> as well as verifying that the file and the password are ASCII:
> {{user@server:/opt/path/secrets# file -i passowrd-file
> passowrd-file: text/plain; charset=us-ascii}}
> **Stack Trace**
> {{org.jasypt.exceptions.EncryptionInitializationException:
> java.security.spec.InvalidKeySpecException: Password is not ASCII at
> org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:773)
> at
> org.jasypt.encryption.pbe.StandardPBEStringEncryptor.initialize(StandardPBEStringEncryptor.java:566)
> at
> org.apache.sling.commons.crypto.jasypt.internal.JasyptStandardPBEStringCryptoService.setupEncryptor(JasyptStandardPBEStringCryptoService.java:128)
> at
> org.apache.sling.commons.crypto.jasypt.internal.JasyptStandardPBEStringCryptoService.activate(JasyptStandardPBEStringCryptoService.java:83)
> at}}
> **Environment**
> OS: Linux (Ubuntu & Amazon Linux 2)
> JDK: Eclipse OpenJ9 11: Eclipse OpenJ9 VM(build openj9-0.24.0, JRE 11 Linux
> amd64-64-Bit Compressed References 20210120_910 (JIT enabled, AOT enabled)
> OpenJ9 - 345e1b09e OMR - 741e94ea8 JCL - 0a86953833 based on jdk-11.0.10+9)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
