View Issue Details

IDProjectCategoryView StatusLast Update
0004410SymmetricDS ProBugpublic2020-07-20 09:09
ReporterpmarzulloAssigned To 
Prioritynormal 
Status newResolutionopen 
Product Version3.12.0 
Target Version3.12.3Fixed in Version 
Summary0004410: "Reconnect" to database for SymmetricDS installation fails with security exception
DescriptionWhen reconnecting a new node to an old SymmetricDS installation in a database, there is a security exception.

2020-06-01 09:17:35,535 ERROR [server] [AbstractSymmetricEngine] [qtp238357312-18] An error occurred while starting SymmetricDS StackTraceKey.init [RuntimeException:957202463]
java.lang.RuntimeException: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

The sym_node_security table has encrypted node_password entries, and it is unable to decrypt them because it has a different encryption key than the old node.

Possible solutions: If registration node, then re-open registration for all nodes, re-generating a new password for them. If not registration node, then remove identity to request registration again.
Steps To Reproduce1. Install version 3.12
2. Create a node against a database
3. Remove 3.12 installation from disk only, and install again (or, just delete security/keystore and engines/*)
4. Create a node against same database
5. Choose to reconnect the installation.
Additional Information2020-06-01 09:17:35,535 ERROR [server] [AbstractSymmetricEngine] [qtp238357312-18] An error occurred while starting SymmetricDS StackTraceKey.init [RuntimeException:957202463]
java.lang.RuntimeException: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
        at org.jumpmind.security.SecurityService.decrypt(SecurityService.java:168) ~[symmetric-util-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at com.jumpmind.symmetric.security.NodePasswordFilter.onNodeSecurityRender(NodePasswordFilter.java:22) ~[symmetric-pro-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.NodeService.filterPasswordOnRenderIfNeeded(NodeService.java:769) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.NodeService.access$000(NodeService.java:60) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.NodeService$NodeSecurityRowMapper.mapRow(NodeService.java:903) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.NodeService$NodeSecurityRowMapper.mapRow(NodeService.java:899) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.db.sql.JdbcSqlReadCursor.next(JdbcSqlReadCursor.java:139) ~[symmetric-jdbc-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.db.sql.AbstractSqlTemplate.query(AbstractSqlTemplate.java:209) ~[symmetric-db-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.db.sql.AbstractSqlTemplate.query(AbstractSqlTemplate.java:199) ~[symmetric-db-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.db.sql.AbstractSqlTemplate.query(AbstractSqlTemplate.java:189) ~[symmetric-db-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.NodeService.findNodeSecurity(NodeService.java:474) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.NodeService.findNodeSecurity(NodeService.java:466) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.TriggerRouterService.syncTriggers(TriggerRouterService.java:1257) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.TriggerRouterService.syncTriggers(TriggerRouterService.java:1226) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.service.impl.TriggerRouterService.syncTriggers(TriggerRouterService.java:1222) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.db.DatabaseUpgradeListener.afterUpgrade(DatabaseUpgradeListener.java:231) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.db.AbstractSymmetricDialect.createOrAlterTablesIfNecessary(AbstractSymmetricDialect.java:523) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.db.AbstractSymmetricDialect.initTablesAndDatabaseObjects(AbstractSymmetricDialect.java:160) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.AbstractSymmetricEngine.setupDatabase(AbstractSymmetricEngine.java:513) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.AbstractSymmetricEngine.setup(AbstractSymmetricEngine.java:487) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.AbstractSymmetricEngine.start(AbstractSymmetricEngine.java:657) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.AbstractSymmetricEngine.start(AbstractSymmetricEngine.java:646) ~[symmetric-core-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.ClientSymmetricEngine.start(ClientSymmetricEngine.java:277) ~[symmetric-client-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at org.jumpmind.symmetric.web.SymmetricEngineHolder.install(SymmetricEngineHolder.java:435) ~[symmetric-server-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at com.jumpmind.symmetric.console.impl.dM.q(SymmetricDetectedScreen.java:144) ~[symmetric-pro-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at com.jumpmind.symmetric.console.impl.dH.c(NodeSetupWizard.java:285) ~[symmetric-pro-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at com.jumpmind.symmetric.console.impl.dM$2.buttonClick(SymmetricDetectedScreen.java:59) ~[symmetric-pro-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_232]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_232]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_232]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_232]
        at com.vaadin.event.ListenerMethod.receiveEvent(ListenerMethod.java:499) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:273) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:237) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.AbstractClientConnector.fireEvent(AbstractClientConnector.java:1014) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.ui.Button.fireClick(Button.java:384) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.ui.Button$1.click(Button.java:57) ~[vaadin-server-8.10.0.jar:8.10.0]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_232]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_232]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_232]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_232]
        at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:155) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:116) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:445) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:410) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:274) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.PushHandler.lambda$new$1(PushHandler.java:148) ~[vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.PushHandler.callWithUi(PushHandler.java:248) [vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.PushHandler.onMessage(PushHandler.java:534) [vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.PushAtmosphereHandler.onMessage(PushAtmosphereHandler.java:87) [vaadin-server-8.10.0.jar:8.10.0]
        at com.vaadin.server.communication.PushAtmosphereHandler.onRequest(PushAtmosphereHandler.java:77) [vaadin-server-8.10.0.jar:8.10.0]
        at org.atmosphere.cpr.AsynchronousProcessor.action(AsynchronousProcessor.java:225) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.cpr.AsynchronousProcessor.suspended(AsynchronousProcessor.java:114) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.container.Servlet30CometSupport.service(Servlet30CometSupport.java:67) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.cpr.AtmosphereFramework.doCometSupport(AtmosphereFramework.java:2297) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.websocket.DefaultWebSocketProcessor.dispatch(DefaultWebSocketProcessor.java:594) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.websocket.DefaultWebSocketProcessor$3.run(DefaultWebSocketProcessor.java:345) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.util.VoidExecutorService.execute(VoidExecutorService.java:101) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.websocket.DefaultWebSocketProcessor.dispatch(DefaultWebSocketProcessor.java:340) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.websocket.DefaultWebSocketProcessor.invokeWebSocketProtocol(DefaultWebSocketProcessor.java:448) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.container.JSR356Endpoint$3.onMessage(JSR356Endpoint.java:272) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.atmosphere.container.JSR356Endpoint$3.onMessage(JSR356Endpoint.java:269) [atmosphere-runtime-2.4.30.vaadin1.jar:2.4.30.vaadin1]
        at org.eclipse.jetty.websocket.jsr356.messages.TextWholeMessage.messageComplete(TextWholeMessage.java:59) [javax-websocket-client-impl-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.jsr356.messages.TextWholeMessage.messageComplete(TextWholeMessage.java:59) [javax-websocket-client-impl-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.jsr356.endpoints.JsrEndpointEventDriver.onTextFrame(JsrEndpointEventDriver.java:227) [javax-websocket-client-impl-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.events.AbstractEventDriver.incomingFrame(AbstractEventDriver.java:150) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.WebSocketSession.incomingFrame(WebSocketSession.java:326) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.extensions.AbstractExtension.nextIncomingFrame(AbstractExtension.java:147) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.extensions.compress.PerMessageDeflateExtension.nextIncomingFrame(PerMessageDeflateExtension.java:112) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.extensions.compress.CompressExtension.forwardIncoming(CompressExtension.java:168) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.extensions.compress.PerMessageDeflateExtension.incomingFrame(PerMessageDeflateExtension.java:92) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.extensions.ExtensionStack.incomingFrame(ExtensionStack.java:202) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.Parser.notifyFrame(Parser.java:225) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.Parser.parseSingleFrame(Parser.java:259) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.io.AbstractWebSocketConnection.onFillable(AbstractWebSocketConnection.java:460) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.websocket.common.io.AbstractWebSocketConnection.onFillable(AbstractWebSocketConnection.java:441) [websocket-common-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [jetty-io-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) [jetty-io-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:375) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) [jetty-util-9.4.28.v20200408.jar:9.4.28.v20200408]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_232]
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
        at com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:975) ~[sunjce_provider.jar:1.8.0_232]
        at com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1056) ~[sunjce_provider.jar:1.8.0_232]
        at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853) ~[sunjce_provider.jar:1.8.0_232]
        at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) ~[sunjce_provider.jar:1.8.0_232]
        at javax.crypto.Cipher.doFinal(Cipher.java:2164) ~[?:1.8.0_232]
        at org.jumpmind.security.SecurityService.decrypt(SecurityService.java:163) ~[symmetric-util-3.12.x-SNAPSHOT.jar:3.12.x-SNAPSHOT]
        ... 85 more
Tagsinstall

Activities

josh-a-hicks

2020-06-18 12:24

developer   ~0001726

Also with "Replace" option

2020-06-18 12:22:00,752 ERROR [SymmetricDS] [NodeSetupWizard] [qtp44278425-27] javax.crypto.BadPaddingException: Given final block not properly padded
java.lang.RuntimeException: javax.crypto.BadPaddingException: Given final block not properly padded
    at org.jumpmind.security.SecurityService.decrypt(SecurityService.java:168) ~[main/:?]
    at com.jumpmind.symmetric.security.NodePasswordFilter.onNodeSecurityRender(NodePasswordFilter.java:22) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.NodeService.filterPasswordOnRenderIfNeeded(NodeService.java:769) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.NodeService.access$0(NodeService.java:766) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.NodeService$NodeSecurityRowMapper.mapRow(NodeService.java:903) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.NodeService$NodeSecurityRowMapper.mapRow(NodeService.java:1) ~[main/:?]
    at org.jumpmind.db.sql.JdbcSqlReadCursor.next(JdbcSqlReadCursor.java:139) ~[main/:?]
    at org.jumpmind.db.sql.AbstractSqlTemplate.query(AbstractSqlTemplate.java:209) ~[main/:?]
    at org.jumpmind.db.sql.AbstractSqlTemplate.query(AbstractSqlTemplate.java:199) ~[main/:?]
    at org.jumpmind.db.sql.AbstractSqlTemplate.query(AbstractSqlTemplate.java:189) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.NodeService.findNodeSecurity(NodeService.java:474) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.NodeService.findNodeSecurity(NodeService.java:466) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.TriggerRouterService.syncTriggers(TriggerRouterService.java:1257) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.TriggerRouterService.syncTriggers(TriggerRouterService.java:1226) ~[main/:?]
    at org.jumpmind.symmetric.service.impl.TriggerRouterService.syncTriggers(TriggerRouterService.java:1222) ~[main/:?]
    at org.jumpmind.symmetric.AbstractSymmetricEngine.uninstall(AbstractSymmetricEngine.java:831) ~[main/:?]
    at com.jumpmind.symmetric.console.ui.wizard.setup.SymmetricDetectedScreen.next(SymmetricDetectedScreen.java:116) ~[main/:?]
    at com.jumpmind.symmetric.console.ui.wizard.setup.NodeSetupWizard.nextScreen(NodeSetupWizard.java:285) ~[main/:?]
    at com.jumpmind.symmetric.console.ui.wizard.setup.SymmetricDetectedScreen$1.buttonClick(SymmetricDetectedScreen.java:47

Issue History

Date Modified Username Field Change
2020-06-01 09:21 pmarzullo New Issue
2020-06-01 09:23 pmarzullo Description Updated View Revisions
2020-06-12 08:31 elong Summary "Replace" symmetric installation fails with security exception => "Reconnect" to database for SymmetricDS installation fails with security exception
2020-06-12 08:31 elong Description Updated View Revisions
2020-06-12 08:31 elong Steps to Reproduce Updated View Revisions
2020-06-12 08:31 elong Additional Information Updated View Revisions
2020-06-12 08:32 elong Tag Attached: install
2020-06-18 12:24 josh-a-hicks Note Added: 0001726
2020-06-18 12:24 elong Target Version => 3.12.1
2020-06-24 16:19 elong Target Version 3.12.1 => 3.12.2
2020-07-20 09:09 elong Target Version 3.12.2 => 3.12.3