opendj 5 sync password to opendim 4: javax.crypto.BadPaddingException

This topic has 1 reply, 1 voice, and was last updated 4 years, 4 months ago by cristianoburgo.

  • Author
    Posts
  • #18257
     cristianoburgo
    Participant

    I’m trying to configure the password synchronization from opendj 5 to openidm 4.
    I’m using a attribute on openidm called passwordldap .

    If I change the password on opendj this error is shown on openidm log:

    AM org.forgerock.openidm.servlet.internal.ServletConnectionFactory$4 handleException
    AVVERTENZA: Resource exception: 500 Internal Server Error: “Wrapped org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded (/home/openidm/openidm/bin/defaults/script/policy.js#745) in /home/openidm/openidm/bin/defaults/script/policy.js at line number 745 at column number 0”
    org.forgerock.json.resource.InternalServerErrorException: Wrapped org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded (/home/openidm/openidm/bin/defaults/script/policy.js#745) in /home/openidm/openidm/bin/defaults/script/policy.js at line number 745 at column number 0
    at org.forgerock.json.resource.ResourceException.newResourceException(ResourceException.java:239)
    at org.forgerock.json.resource.ResourceException.getException(ResourceException.java:330)
    at org.forgerock.script.exception.ScriptThrownException.toResourceException(ScriptThrownException.java:138)
    at org.forgerock.openidm.script.ScriptedRequestHandler.convertScrip

    #18258
     cristianoburgo
    Participant

    Enabling the debug on openidm side, i see the request correctly executed:

    Request: { “method”: “action”, “resourcePath”: “policy/managed/user/f9fb2d63-e494-4ab3-906f-ffc592bc3e3b”, “action”: “validateProperty”, “additionalParameters”: { “external”: “true” }, “fields”: [ ], “content”: { “passwordldap”: { “$crypto”: { “type”: “x-simple-encryption”, “value”: { “cipher”: “AES/CBC/PKCS5Padding”, “salt”: “giClTpiFUMiaaWLdg1wwPA==”, “data”: “7f292Vj5adNMwQVwbqTqmQ==”, “iv”: “lvrotrl01UC+G6JNR+cRkw==”, “key”: { “cipher”: “RSA/ECB/OAEPWithSHA1AndMGF1Padding”, “data”: “uRAeZAr2V4wWU87rVAudxhEvQ9ep/1OxUW51zchbdFFoDDSWdmhsaTmubXldWvQsM6ZWUOmEhxX/fLE34FvuNbmzgZJDxNWNst1nG717Mu4nFW+6enl8wxJY0B/aH3QsGl96t0rtSIuWm1glWj03sX8GD1Cmy3XhmSH61vN3RfZmKU1lLqNNo5521tdLtdyNckK4db6DAKOSFN5HaGoxNPxE2B27kyPD2+hYi1jatRALiXY8Z/gjhLNfAZtrPdQSTWgbMObXp6vmj4zPiWQu1myAK/WVv7lFi4iUi2onsJl00eKUfBdCdfW2O0RF7YQRAOlb+V83RZA61/KVcdFyGg==”, “key”: “openidm-localhost” }, “mac”: “c+ATTbO+SnAwdrr9j/+QUA==” } } } } }

    but the error remain on:

    Resource exception: 500 Internal Server Error: “Wrapped org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded (/home/openidm/openidm/bin/defaults/script/policy.js#745) in /home/openidm/openidm/bin/defaults/script/policy.js at line number 745 at column number 0”
    org.forgerock.json.resource.InternalServerErrorException: Wrapped org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded (/home/openidm/openidm/bin/defaults/script/policy.js#745) in /home/openidm/openidm/bin/defaults/script/policy.js at line number 745 at column number 0

    so when the policy.js is called and the decryption executed, it fails executing this line:

    propValueContainer[j] = openidm.decrypt(propValueContainer[j]);

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?