JBoss AS 7.1 Vault: BadPaddingException on startup
gregcharles Feb 14, 2012 3:58 PMFollowing the article at https://community.jboss.org/wiki/JBossAS7SecuringPasswords, I created a vault.keystore, and got a masked password for it. However, as JBoss starts up I get an exception as it is trying to decrypt the masked password. I used the all the same parameters in the article, except for paths since I'm running on Windows, and I got the same masked password shown in the example. I don't know what's going wrong with the decryption:
Listening for transport dt_socket at address: 8787
12:48:58,035 INFO [org.jboss.modules] JBoss Modules version 1.1.0.CR6
12:48:58,347 INFO [org.jboss.msc] JBoss MSC version 1.0.1.GA
12:48:58,394 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" starting
12:48:59,472 INFO [org.jboss.security.vault.SecurityVaultFactory] Getting Security Vault with implementation of org.pic
ketbox.plugins.vault.PicketBoxSecurityVault
12:48:59,769 ERROR [org.jboss.as.controller.management-operation] JBAS014612: Operation ("add") failed - address: ([("co
re-service" => "vault")]): java.lang.RuntimeException: JBAS015804: Error initializing vault -- org.jboss.as.server.serv
ices.security.VaultReaderException: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed:Unable t
o get Keystore:
at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:115)
at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:50) [jboss-as-controller
-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:359) [jboss-as-con
troller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:254) [jboss-as-
controller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.java:190) [jboss-as-co
ntroller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.ParallelBootOperationStepHandler.execute(ParallelBootOperationStepHandler.java:161) [
jboss-as-controller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:359) [jboss-as-con
troller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:254) [jboss-as-
controller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractOperationContext.completeStep(AbstractOperationContext.java:190) [jboss-as-co
ntroller-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:163) [jboss-as-controller-7.1.0.CR1
b.jar:7.1.0.CR1b]
at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:192) [jboss-as-controll
er-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.server.ServerService.boot(ServerService.java:267)
at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:187) [jboss-as-controll
er-7.1.0.CR1b.jar:7.1.0.CR1b]
at org.jboss.as.server.ServerService.boot(ServerService.java:256)
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:155) [jboss-as-control
ler-7.1.0.CR1b.jar:7.1.0.CR1b]
at java.lang.Thread.run(Thread.java:722) [:1.7.0]
Caused by: org.jboss.as.server.services.security.VaultReaderException: org.jboss.security.vault.SecurityVaultException:
PB00019: Processing Failed:Unable to get Keystore:
at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:83)
at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:113)
... 15 more
Caused by: org.jboss.security.vault.SecurityVaultException: PB00019: Processing Failed:Unable to get Keystore:
at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:206)
at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:81)
... 16 more
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
at com.sun.crypto.provider.PBECipherCore.doFinal(PBECipherCore.java:422)
at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(PBEWithMD5AndDESCipher.java:316)
at javax.crypto.Cipher.doFinal(Cipher.java:2086) [:1.7.0-ea]
at org.jboss.security.plugins.PBEUtils.decode(PBEUtils.java:71)
at org.jboss.security.plugins.PBEUtils.decode64(PBEUtils.java:80)
at org.picketbox.plugins.vault.PicketBoxSecurityVault.decode(PicketBoxSecurityVault.java:409)
at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:199)
... 17 more