Samrat, Could you please try latest SVN? There has been a lot of refactoring and i wonder if this problem occurs with latest code as well.
thanks, dims On 10/20/05, Samrat Ketu <[EMAIL PROTECTED]> wrote: > Hi > We have a multi-threaded program that uses Axis and WSS4J to send encrypted > messages to a web service and decrypts the contents as they are received. > We intermittently faced the below exception - like 10 out of 5000 requests. > Typical number of threads running are 10, pumping 10 messages per second. As > you can see, the problem is happening while decrypting the response. > > I was looking into the source code of WSS4J and realized that it could be > because of > a. the way session/symmetric key is stored in WSSecEngine > b. the fact that reference to WSSecEngine is actually a static final > variable in WSDoAllReceiver. > > Apparently, all instances of WSDoAllReceiver use the same instance of > WSSecEngine to do encryption and decryption. And within WSSecEngine, the > symmetric key is a global variable, so different method invocations to > decrypt data will overwrite each other's symmetric key. > > > Is this assessment correct? Is this really a bug? > > thanks, > Samrat > > Exception is > org.apache.ws.security.WSSecurityException: Error > Class: org.apache.ws.security.WSSecurityException > Cannot encrypt/decrypt data; nested exception is: > > org.apache.xml.security.encryption.XMLEncryptionException: > pad block corrupted > Original Exception was > javax.crypto.BadPaddingException: pad block corrupted > org.apache.ws.security.WSSecurityException: > Cannot encrypt/decrypt data; nested exception is: > > org.apache.xml.security.encryption.XMLEncryptionException: > pad block corrupted > Original Exception was > javax.crypto.BadPaddingException: pad block corrupted > at > org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1226) > at > org.apache.ws.security.WSSecurityEngine.handleEncryptedKey > (WSSecurityEngine.java:1171) > at > org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:926) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java > :349) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245) > at > org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:156) > at > org.apache.axis.strategies.InvocationStrategy.visit > (InvocationStrategy.java:32) > at > org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) > at > org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) > at org.apache.axis.client.AxisClient.invoke > (AxisClient.java:190) > at > org.apache.axis.client.Call.invokeEngine(Call.java:2765) > at > org.apache.axis.client.Call.invoke(Call.java:2748) > at > org.apache.axis.client.Call.invoke(Call.java:2424) > at > org.apache.axis.client.Call.invoke(Call.java:2347) > at > org.apache.axis.client.Call.invoke(Call.java:1804) > .... > .... > Caused by: > org.apache.xml.security.encryption.XMLEncryptionException > : pad block corrupted > Original Exception was > javax.crypto.BadPaddingException: pad block corrupted > at > org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(Unknown > Source) > at > org.apache.xml.security.encryption.XMLCipher.decryptElement > (Unknown Source) > at > org.apache.xml.security.encryption.XMLCipher.decryptElementContent(Unknown > Source) > at > org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown > Source) > at > org.apache.ws.security.WSSecurityEngine.decryptDataRef > (WSSecurityEngine.java:1224) > ... 17 more > > > > -- Davanum Srinivas : http://wso2.com/blogs/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
