search

liquidz / clj-jwt

Clojure library for JSON Web Token(JWT)
118 stars 31 forks source link

exception using cipher - please check password and data #15

Closed kennyjwilli closed 9 years ago

kennyjwilli commented 9 years ago

Running the below code causes the following error. The code with the respective keys work perfectly fine on my Linux machine, however, switching to my Mac and running my code causes the error. 

(def rsa-prv-key (private-key (str rsa-path "private.pem") rsa-pass))
Exception in thread "main" org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data., compiling:(util.clj:10:18)
    at clojure.lang.Compiler$InvokeExpr.eval(Compiler.java:3558)
    at clojure.lang.Compiler$DefExpr.eval(Compiler.java:417)
    at clojure.lang.Compiler.eval(Compiler.java:6708)
    at clojure.lang.Compiler.load(Compiler.java:7130)
    at clojure.lang.RT.loadResourceScript(RT.java:370)
    at clojure.lang.RT.loadResourceScript(RT.java:361)
    at clojure.lang.RT.load(RT.java:440)
    at clojure.lang.RT.load(RT.java:411)
    at clojure.core$load$fn__5066.invoke(core.clj:5641)
    at clojure.core$load.doInvoke(core.clj:5640)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invoke(core.clj:5446)
    at clojure.core$load_lib$fn__5015.invoke(core.clj:5486)
    at clojure.core$load_lib.doInvoke(core.clj:5485)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$load_libs.doInvoke(core.clj:5524)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$require.doInvoke(core.clj:5607)
    at clojure.lang.RestFn.invoke(RestFn.java:436)
    at messenger_server.routes.app_routes$eval8513$loading__4958__auto____8514.invoke(app_routes.clj:1)
    at messenger_server.routes.app_routes$eval8513.invoke(app_routes.clj:1)
    at clojure.lang.Compiler.eval(Compiler.java:6703)
    at clojure.lang.Compiler.eval(Compiler.java:6692)
    at clojure.lang.Compiler.load(Compiler.java:7130)
    at clojure.lang.RT.loadResourceScript(RT.java:370)
    at clojure.lang.RT.loadResourceScript(RT.java:361)
    at clojure.lang.RT.load(RT.java:440)
    at clojure.lang.RT.load(RT.java:411)
    at clojure.core$load$fn__5066.invoke(core.clj:5641)
    at clojure.core$load.doInvoke(core.clj:5640)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invoke(core.clj:5446)
    at clojure.core$load_lib$fn__5015.invoke(core.clj:5486)
    at clojure.core$load_lib.doInvoke(core.clj:5485)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$load_libs.doInvoke(core.clj:5524)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$require.doInvoke(core.clj:5607)
    at clojure.lang.RestFn.invoke(RestFn.java:482)
    at messenger_server.routes.master$eval6919$loading__4958__auto____6920.invoke(master.clj:1)
    at messenger_server.routes.master$eval6919.invoke(master.clj:1)
    at clojure.lang.Compiler.eval(Compiler.java:6703)
    at clojure.lang.Compiler.eval(Compiler.java:6692)
    at clojure.lang.Compiler.load(Compiler.java:7130)
    at clojure.lang.RT.loadResourceScript(RT.java:370)
    at clojure.lang.RT.loadResourceScript(RT.java:361)
    at clojure.lang.RT.load(RT.java:440)
    at clojure.lang.RT.load(RT.java:411)
    at clojure.core$load$fn__5066.invoke(core.clj:5641)
    at clojure.core$load.doInvoke(core.clj:5640)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invoke(core.clj:5446)
    at clojure.core$load_lib$fn__5015.invoke(core.clj:5486)
    at clojure.core$load_lib.doInvoke(core.clj:5485)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$load_libs.doInvoke(core.clj:5524)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$require.doInvoke(core.clj:5607)
    at clojure.lang.RestFn.invoke(RestFn.java:619)
    at messenger_server.handler$eval169$loading__4958__auto____170.invoke(handler.clj:1)
    at messenger_server.handler$eval169.invoke(handler.clj:1)
    at clojure.lang.Compiler.eval(Compiler.java:6703)
    at clojure.lang.Compiler.eval(Compiler.java:6692)
    at clojure.lang.Compiler.load(Compiler.java:7130)
    at clojure.lang.RT.loadResourceScript(RT.java:370)
    at clojure.lang.RT.loadResourceScript(RT.java:361)
    at clojure.lang.RT.load(RT.java:440)
    at clojure.lang.RT.load(RT.java:411)
    at clojure.core$load$fn__5066.invoke(core.clj:5641)
    at clojure.core$load.doInvoke(core.clj:5640)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invoke(core.clj:5446)
    at clojure.core$load_lib$fn__5015.invoke(core.clj:5486)
    at clojure.core$load_lib.doInvoke(core.clj:5485)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$load_libs.doInvoke(core.clj:5524)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$require.doInvoke(core.clj:5607)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at messenger_server.core$eval20$loading__4958__auto____21.invoke(core.clj:1)
    at messenger_server.core$eval20.invoke(core.clj:1)
    at clojure.lang.Compiler.eval(Compiler.java:6703)
    at clojure.lang.Compiler.eval(Compiler.java:6692)
    at clojure.lang.Compiler.load(Compiler.java:7130)
    at clojure.lang.RT.loadResourceScript(RT.java:370)
    at clojure.lang.RT.loadResourceScript(RT.java:361)
    at clojure.lang.RT.load(RT.java:440)
    at clojure.lang.RT.load(RT.java:411)
    at clojure.core$load$fn__5066.invoke(core.clj:5641)
    at clojure.core$load.doInvoke(core.clj:5640)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invoke(core.clj:5446)
    at clojure.core$load_lib$fn__5015.invoke(core.clj:5486)
    at clojure.core$load_lib.doInvoke(core.clj:5485)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$load_libs.doInvoke(core.clj:5524)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invoke(core.clj:626)
    at clojure.core$require.doInvoke(core.clj:5607)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at user$eval5$fn__7.invoke(form-init1974931039856357505.clj:1)
    at user$eval5.invoke(form-init1974931039856357505.clj:1)
    at clojure.lang.Compiler.eval(Compiler.java:6703)
    at clojure.lang.Compiler.eval(Compiler.java:6693)
    at clojure.lang.Compiler.load(Compiler.java:7130)
    at clojure.lang.Compiler.loadFile(Compiler.java:7086)
    at clojure.main$load_script.invoke(main.clj:274)
    at clojure.main$init_opt.invoke(main.clj:279)
    at clojure.main$initialize.invoke(main.clj:307)
    at clojure.main$null_opt.invoke(main.clj:342)
    at clojure.main$main.doInvoke(main.clj:420)
    at clojure.lang.RestFn.invoke(RestFn.java:421)
    at clojure.lang.Var.invoke(Var.java:383)
    at clojure.lang.AFn.applyToHelper(AFn.java:156)
    at clojure.lang.Var.applyTo(Var.java:700)
    at clojure.main.main(main.java:37)
Caused by: org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data.
    at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source)
    at org.bouncycastle.openssl.PEMUtilities.crypt(Unknown Source)
    at org.bouncycastle.openssl.PEMReader$KeyPairParser.readKeyPair(Unknown Source)
    at org.bouncycastle.openssl.PEMReader$RSAKeyPairParser.parseObject(Unknown Source)
    at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
    at clj_jwt.key$pem__GT_key.invoke(key.clj:16)
    at clj_jwt.key$private_key.doInvoke(key.clj:23)
    at clojure.lang.RestFn.applyTo(RestFn.java:139)
    at clojure.lang.Compiler$InvokeExpr.eval(Compiler.java:3553)
    ... 124 more
Caused by: javax.crypto.BadPaddingException: pad block corrupted
    at org.bouncycastle.jce.provider.JCEBlockCipher.engineDoFinal(Unknown Source)
    at javax.crypto.Cipher.doFinal(Cipher.java:2121)
    ... 133 more
liquidz commented 9 years ago

@exload I have no idea about BouncyCastle's exception. But clj-jwt uses old version of BouncyCastle, and I update it on new_bc_ver branch (#16).

Could you try new_bc_ver branch?

kennyjwilli commented 9 years ago

Sorry for the delayed response. But I just tried it and I am still getting the same exception. I got it working by generating a new private/public key pair without a password.

liquidz commented 9 years ago

I cannot reproduce the exception. It may be BouncyCastle's problem, so I cannot support it. sorry.

root@my-linux-vm:~# openssl genrsa 1024 > private-key.pem
Generating RSA private key, 1024 bit long modulus
...++++++
............++++++
e is 65537 (0x10001)
root@my-linux-vm:~# openssl rsa -in private-key.pem -pubout -out public-key.pem
writing RSA key
root@my-linux-vm:~# ls
private-key.pem  public-key.pem
user=> (def rsa-prv-key (private-key "private-key.pem"))
#'user/rsa-prv-key
user=> (def rsa-pub-key (public-key  "public-key.pem"))
#'user/rsa-pub-key
user=> (def token (-> claim jwt (sign :RS256 rsa-prv-key) to-str))
#'user/token
user=> token
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.J5rrTmPf5Bu00F_P4z66s9pCub0I7O3IWY11mxlP4madT9RkMRx3McjO1CzGzfOMfZdrfeCBHIK3sWhXk92IrifPtaLtX_71rFWYCs2EMcszaRBlRnWUS9buh8etPrUzj3YrCNJ94ZdX6RtPM8G3SI4SawQ1ezE0X9yXyis4ZUk"
user=> (-> token str->jwt (verify rsa-pub-key))
true