Java Token

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Java Token

Mike
There is no server response after PIN input when creating a new domain.

Java token error:

javax.crypto.BadPaddingException: unknown block type
        at org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(Unknown Source)
        at javax.crypto.Cipher.doFinal(DashoA13*..)
        at com.wikidsystems.crypto.wJceEncKeys.convertBlocks(wJceEncKeys.java:164)
        at com.wikidsystems.crypto.wJceEncKeys.unpackagePayload(wJceEncKeys.java:182)
        at com.wikidsystems.client.wCommsBase.setPIN(wCommsBase.java:144)
        at com.wikidsystems.client.WiKIDToken.setDomainPIN(WiKIDToken.java:231)
        at com.wikidsystems.jw.controller.NewDomainDialog$ConnectionThreader.run
(NewDomainDialog.java:399)
        at java.lang.Thread.run(Unknown Source)
com.wikidsystems.crypto.wCryptoException: javax.crypto.BadPaddingException: unknown block type
        at com.wikidsystems.crypto.wJceEncKeys.unpackagePayload(wJceEncKeys.java:186)
        at com.wikidsystems.client.wCommsBase.setPIN(wCommsBase.java:144)
        at com.wikidsystems.client.WiKIDToken.setDomainPIN(WiKIDToken.java:231)
        at com.wikidsystems.jw.controller.NewDomainDialog$ConnectionThreader.run
(NewDomainDialog.java:399)
        at java.lang.Thread.run(Unknown Source)
Caused by: javax.crypto.BadPaddingException: unknown block type
        at org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(Unknown Source)
        at javax.crypto.Cipher.doFinal(DashoA13*..)
        at com.wikidsystems.crypto.wJceEncKeys.convertBlocks(wJceEncKeys.java:164)

Thanks. Mike
Reply | Threaded
Open this post in threaded view
|

Re: Java Token

Nick Owen
Administrator
Check your java.security: ie: diff:

/opt/WiKID/conf/templates/java.security
/usr/java/whateveryourdire/jre/lib/security/java.security

It should be:

# List of providers and their preference orders (see above):
#
security.provider.1=sun.security.provider.Sun
security.provider.6=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.sun.rsajca.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider

though this could be some BC error on BSD...

Mike (via Nabble) - No Reply wrote:

> There is no server response after PIN input when creating a new domain.
>
> Java token error:
>
> javax.crypto.BadPaddingException: unknown block type
>         at
> org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(Unknown Source)
>         at javax.crypto.Cipher.doFinal(DashoA13*..)
>         at
> com.wikidsystems.crypto.wJceEncKeys.convertBlocks(wJceEncKeys.java:164)
>         at
> com.wikidsystems.crypto.wJceEncKeys.unpackagePayload(wJceEncKeys.java:182)
>         at com.wikidsystems.client.wCommsBase.setPIN(wCommsBase.java:144)
>         at
> com.wikidsystems.client.WiKIDToken.setDomainPIN(WiKIDToken.java:231)
>         at
> com.wikidsystems.jw.controller.NewDomainDialog$ConnectionThreader.run
> (NewDomainDialog.java:399)
>         at java.lang.Thread.run(Unknown Source)
> com.wikidsystems.crypto.wCryptoException:
> javax.crypto.BadPaddingException: unknown block type
>         at
> com.wikidsystems.crypto.wJceEncKeys.unpackagePayload(wJceEncKeys.java:186)
>         at com.wikidsystems.client.wCommsBase.setPIN(wCommsBase.java:144)
>         at
> com.wikidsystems.client.WiKIDToken.setDomainPIN(WiKIDToken.java:231)
>         at
> com.wikidsystems.jw.controller.NewDomainDialog$ConnectionThreader.run
> (NewDomainDialog.java:399)
>         at java.lang.Thread.run(Unknown Source)
> Caused by: javax.crypto.BadPaddingException: unknown block type
>         at
> org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(Unknown Source)
>         at javax.crypto.Cipher.doFinal(DashoA13*..)
>         at
> com.wikidsystems.crypto.wJceEncKeys.convertBlocks(wJceEncKeys.java:164)
>
> Thanks. Mike
>
>
> ------------------------------------------------------------------------
> View message @ http://n2.nabble.com/Java-Token-tp2315238p2315238.html
> To unsubscribe from WiKID Strong Authentication Forums, click here
> <http://n2.nabble.com/subscriptions/Unsubscribe.jtp?code=bm93ZW5Ad2lraWRzeXN0ZW1zLmNvbXwxNDkxNTIyfC05OTU0NDk1ODA=>.
>
>

--
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Commercial/Open-source Two-Factor Authentication
Reply | Threaded
Open this post in threaded view
|

Re: Java Token

Mike
This is how I have by java.security file set:

#
# List of providers and their preference orders (see above):
#
security.provider.1=sun.security.provider.Sun
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
#security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC


I am very close but  two problems remain:

Java token will not complete. The database has the device entry but nothing shows in the user list. Maybe because it did not complete....no database errors n the pgsql log.
Reply | Threaded
Open this post in threaded view
|

Re: Java Token

Nick Owen
Administrator
Is there anything under 'manually validate a user' or in the WiKIDAdmin
logs?

Mike (via Nabble) - No Reply wrote:

> This is how I have by java.security file set:
>
> #
> # List of providers and their preference orders (see above):
> #
> security.provider.1=sun.security.provider.Sun
> security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
> #security.provider.2=sun.security.rsa.SunRsaSign
> security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> security.provider.4=com.sun.crypto.provider.SunJCE
> security.provider.5=sun.security.jgss.SunProvider
> security.provider.6=com.sun.security.sasl.Provider
> security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
> security.provider.8=sun.security.smartcardio.SunPCSC
>
>
> I am very close but  two problems remain:
>
> Java token will not complete. The database has the device entry but
> nothing shows in the user list. Maybe because it did not complete....no
> database errors n the pgsql log.
>
> ------------------------------------------------------------------------
> View message @ http://n2.nabble.com/Java-Token-tp2315238p2317021.html
> To unsubscribe from WiKID Strong Authentication Forums, click here
> <http://n2.nabble.com/subscriptions/Unsubscribe.jtp?code=bm93ZW5Ad2lraWRzeXN0ZW1zLmNvbXwxNDkxNTIyfC05OTU0NDk1ODA=>.
>
>

--
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Commercial/Open-source Two-Factor Authentication
Reply | Threaded
Open this post in threaded view
|

Re: Java Token

Mike
No nothing shows under the manually validate user too.
The logs are not functional, when I enable them the web page does not show up.
Though they do log ....

Thanks., Mike
Reply | Threaded
Open this post in threaded view
|

Re: Java Token

Nick Owen
Administrator
Can you downgrade to tomcat 5?

Mike (via Nabble) - No Reply wrote:

> No nothing shows under the manually validate user too.
> The logs are not functional, when I enable them the web page does not
> show up.
> Though they do log ....
>
> Thanks., Mike
>
> ------------------------------------------------------------------------
> View message @ http://n2.nabble.com/Java-Token-tp2315238p2317220.html
> To unsubscribe from WiKID Strong Authentication Forums, click here
> <http://n2.nabble.com/subscriptions/Unsubscribe.jtp?code=bm93ZW5Ad2lraWRzeXN0ZW1zLmNvbXwxNDkxNTIyfC05OTU0NDk1ODA=>.
>
>

--
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Commercial/Open-source Two-Factor Authentication