APAR status
Closed as program error.
Error description
Error Message: Test Cipher.transformation (Blowfish/CBC/PKCS5Padding): javax.crypto.NoSuchPaddingException: Padding: PKCS5Padding can not be verified for use. Use Pad instead. at com.ibm.crypto.pkcs11impl.provider.MechanismBuilderImpl.setPaddi ng(MechanismBuilder.java:159) at com.ibm.crypto.pkcs11impl.provider.GeneralPKCS11Cipher.engineSet Padding(GeneralPKCS11Cipher.java:126) at javax.crypto.Cipher$a_.a(Unknown Source) at javax.crypto.Cipher.getInstance(Unknown Source) at javax.crypto.Cipher.getInstance(Unknown Source) at blowfish_bala.test(blowfish_bala.java:61) at blowfish_bala.main(blowfish_bala.java:175) The exception messages should state: No such algorithm Blowfish/CBC/PKCS5Padding Test Cipher.transformation (Blowfish/CBC/NoPadding): com.ibm.pkcs11.PKCS11Exception: Mechanism parameter is invalid at com.ibm.pkcs11.nat.NativePKCS11Session.encryptInit(Native Method) at com.ibm.crypto.pkcs11impl.provider.Session.encryptInit(Session.j ava:290) at com.ibm.crypto.pkcs11impl.provider.PKCS11Cipher.engineInit(PKCS1 1Cipher.java:149) at com.ibm.crypto.pkcs11impl.provider.GeneralPKCS11Cipher.engineIni t(GeneralPKCS11Cipher.java:423) at com.ibm.crypto.pkcs11impl.provider.GeneralPKCS11Cipher.engineIni t(GeneralPKCS11Cipher.java:460) at javax.crypto.Cipher.init(Unknown Source) at javax.crypto.Cipher.init(Unknown Source) at blowfish_bala.test(blowfish_bala.java:71) at blowfish_bala.main(blowfish_bala.java:175) . Stack Trace: N/A .
Local fix
Mode and padding specifications are not applicable to "stream" ciphers and should not be used.
Problem summary
The customer was experiencing several unusual errors while attempting to supply the IBMPKCS11Impl security provider with a cipher transformation string which included a "stream" cipher, and a mode and padding specification.
Problem conclusion
This defect will be fixed in: 5.0.0 SR14 6.0.0 SR11 7.0.0 SR2 . Mode and padding specifications are not applicable to "stream" ciphers and should not be used. Defensive logic has been added to the IBMPKCS11Impl provider to report this user error more clearly.
Temporary fix
Comments
APAR Information
APAR number
IV25919
Reported component name
JAVA 5 SECURITY
Reported component ID
620500125
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-08-09
Closed date
2012-08-09
Last modified date
2012-08-09
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
JAVA 5 SECURITY
Fixed component ID
620500125
Applicable component levels
R500 PSY
UP
Rate this page:
Average rating
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.