SAP Knowledge Base Article - Preview

2029709 - Transparent Attribute Encryption - javax.crypto.BadPaddingException

Symptom

A javax.crypto.BadPaddingException is thrown when an encrypted attribute is read from the database:

ERROR [000001JK-ImpEx-Import::de.hybris.platform.impex.jalo.cronjob.ImpExImportJob] (000001JK-ImpEx-Import) [EncryptionUtil] line 287 at main script:
pad block corrupted
javax.crypto.BadPaddingException: pad block corrupted
        at org.bouncycastle.jce.provider.JCEBlockCipher.engineDoFinal(Unknown Source)
        at javax.crypto.Cipher.doFinal(DashoA13*..)
        at de.hybris.platform.util.encryption.EncryptionUtil.loadKey(EncryptionUtil.java:528)
        at de.hybris.platform.util.encryption.EncryptionUtil.loadKey(EncryptionUtil.java:485)
        at de.hybris.platform.util.encryption.EncryptionUtil.loadKey(EncryptionUtil.java:430)
        at de.hybris.platform.core.MasterTenant.readKeyFiles(MasterTenant.java:199)
        at de.hybris.platform.core.MasterTenant.getValueEncryptor(MasterTenant.java:112)
        at de.hybris.platform.persistence.ExtensibleItemEJB.setProperty(ExtensibleItemEJB.java:375)
        at sun.reflect.GeneratedMethodAccessor285.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)

The stacktrace shows that the exception is thrown when EncryptionUtil tries to load the defined keys for the first time. Configuration of this platform looks like this:

symmetric.key.file.1=default-128-bit-aes-key.hybris
symmetric.key.file.2=Generated-192-Bit-AES-Key.hybris
symmetric.key.file.default=2
symmetric.key.master.password=w427tg3u4535huhf0dsfju4hu32i4h23uih48gfd

Key number 1 was the one shipped with the hybris Platform by default. It has never been used to encrypt data.


Read more...

Environment

Does not apply.

Product

SAP Commerce Cloud 1808 ; SAP Commerce Cloud 1811 ; SAP Commerce Cloud 1905 ; SAP Commerce Cloud 2005 ; SAP Commerce Cloud 2011 ; SAP Commerce Cloud 2105 ; SAP Commerce Cloud 2205 ; SAP Commerce Cloud 2211 ; SAP Commerce Cloud 2211 for JDK21 ; SAP Commerce Cloud 6.7

Keywords

KBA , hybris encryption tae , CEC-SCC-CLA-ENV-EMG , Environment Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.