Uploaded image for project: 'CAS Server'
  1. CAS-1386

Fix IV handling for ClearPass in clustered environments

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.5.0
    • Fix Version/s: 4.0, 4.0 RC3
    • Component/s: ClearPass
    • Labels:
      None

      Description

      Required in clustered environments where CAS Server B is unable to decrypt ciphertext generated on CAS Server A where the original Initialization Vector remains in a local ConcurrentHashMap.

      Patch details:

      • Prepends ciphertext with IV (16 bytes); mandatory for proper decryption.
      • Derives IV length from Cipher#getBlockSize
      • Prepends ciphertext (and IV) with IV length to handle dynamic IV length case.

      Affects:

      Fixes:

      • NullPointerException
      • BadPaddingException

      Reference:

      GitHub Pull Request:

        Attachments

          Activity

            People

            • Assignee:
              mmoayyed Misagh Moayyed
              Reporter:
              mborja Matt Borja
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: