Scott, I just commited a patch similar to the one you suggested. Please
give this a try against the trunk and let us know how it goes.
-Ben
Scott Van Wart wrote:
> IBM's implementation of javax.crypto.Cipher in Java6 seems to throw an
> IllegalArgumentException when you pass an empty array into it for
> encryption:
>
> net.sourceforge.stripes.exception.StripesRuntimeException: Could not encrypt
> value.
> net.sourceforge.stripes.util.CryptoUtil.encrypt(CryptoUtil.java:146)
>
> net.sourceforge.stripes.tag.FormTag.writeFieldsPresentHiddenField(FormTag.java:314)
> net.sourceforge.stripes.tag.FormTag.doEndTag(FormTag.java:238)
> org.apache.jsp.index_jsp._jspService(index_jsp.java:282)
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
> ...
> java.lang.IllegalArgumentException: Bad arguments
> javax.crypto.Cipher.doFinal(Unknown Source)
> net.sourceforge.stripes.util.CryptoUtil.encrypt(CryptoUtil.java:140)
>
> net.sourceforge.stripes.tag.FormTag.writeFieldsPresentHiddenField(FormTag.java:314)
> net.sourceforge.stripes.tag.FormTag.doEndTag(FormTag.java:238)
> org.apache.jsp.index_jsp._jspService(index_jsp.java:282)
>
>
>
> I added a check for an empty array and it seems to fix it--I'm not sure
> if doFinal() is really necessary though.
>
> - Scott
>
> Index: stripes/src/net/sourceforge/stripes/util/CryptoUtil.java
> ===================================================================
> --- stripes/src/net/sourceforge/stripes/util/CryptoUtil.java (revision 885)
> +++ stripes/src/net/sourceforge/stripes/util/CryptoUtil.java (working copy)
> @@ -137,7 +137,14 @@
> byte[] hash = generateHashCode(nonce, inbytes);
> int index = cipher.update(hash, 0, HASH_CODE_SIZE, output, 0);
> index = cipher.update(nonce, 0, NONCE_SIZE, output, index);
> - cipher.doFinal(inbytes, 0, inbytes.length, output, index);
> + if ( inbytes.length == 0 )
> + {
> + cipher.doFinal();
> + }
> + else
> + {
> + cipher.doFinal(inbytes, 0, inbytes.length, output, index);
> + }
>
> // Then base64 encode the bytes
> return Base64.encodeBytes(output, BASE64_OPTIONS);
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
> Don't miss this year's exciting event. There's still time to save $100.
> Use priority code J8TL2D2.
> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
> _______________________________________________
> Stripes-development mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/stripes-development
>
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Stripes-development mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-development
