[jira] [Comment Edited] (CODEC-279) Base64.decode fails on Java11 for certain valid base 64 encoded String
[
https://issues.apache.org/jira/browse/CODEC-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17023732#comment-17023732
]
Christian Kleinbölting edited comment on CODEC-279 at 1/26/20 8:47 AM:
---
[~aherbert] Thank you for the though investigation and explanation.
I completely agree with you assement and found that replacing the last
character as you have proposed fixed the problem with versions 1.13 and 1.15
for me and also results in the same bytes as returned by the java.util Decoder.
[~michael-o] To answer your question: If I would disclose the String it would
not be a secret anymore and that is why I don't.
was (Author: seakayone):
[~aherbert] Thank you for the though investigation and explanation.
I complete agree with you assement and found that replacing the last character
as you have proposed fixed the problem with versions 1.13 and 1.15 for me and
also results in the same bytes as returned by the java.util Decoder.
[~michael-o] To answer your question: If I would disclose the String it would
not be a secret anymore and that is why I don't.
> Base64.decode fails on Java11 for certain valid base 64 encoded String
> --
>
> Key: CODEC-279
> URL: https://issues.apache.org/jira/browse/CODEC-279
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.13, 1.14
> Environment: Java 11
>Reporter: Christian Kleinbölting
>Priority: Major
>
> The following lines will fail for a specific String:
> {code:java}
> String sharedSecret =
> "cannot_share_the_affected_string_because_it_is_a_secret";
> byte[] bytes =
> org.apache.commons.codec.binary.Base64.decodeBase64(sharedSecret); {code}
> The exception I get is
> {code:java}
> java.lang.IllegalArgumentException: Last encoded character (before the
> paddings if any) is a valid base 64 alphabet but not a possible value at
> org.apache.commons.codec.binary.Base64.validateCharacter(Base64.java:798)
> at org.apache.commons.codec.binary.Base64.decode(Base64.java:472)
> at
> org.apache.commons.codec.binary.BaseNCodec.decode(BaseNCodec.java:412)
> at
> org.apache.commons.codec.binary.BaseNCodec.decode(BaseNCodec.java:395)
> at org.apache.commons.codec.binary.Base64.decodeBase64(Base64.java:694)
> at
> com.rbmhtechnology.oidc.provider.spi.grants.jwt.thirdparty.rest.FooTest.foo(FooTest.java:17)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at
> org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:675)
> at
> org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:125)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:132)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:124)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:74)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:104)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:62)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:43)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:35)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
> at
> org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:202)
> at
> org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
> at
>
[jira] [Comment Edited] (CODEC-279) Base64.decode fails on Java11 for certain valid base 64 encoded String
[
https://issues.apache.org/jira/browse/CODEC-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17020228#comment-17020228
]
Alex Herbert edited comment on CODEC-279 at 1/21/20 1:28 PM:
-
Since the throwing of exceptions when decoding incorrectly encoded data is a
behaviour change this will be made optional. The fix should restore codec to
previous lenient decoding behaviour where trailing bits that should not be
there are just ignored.
See [CODEC-280].
was (Author: alexherbert):
Since the throwing of exceptions when decoding incorrectly encoded data is a
behaviour change this will be made optional. The fix should restore codec to
previous lenient decoding behaviour where trailing bits that should not be
there are just ignored.
See [Codec-280].
> Base64.decode fails on Java11 for certain valid base 64 encoded String
> --
>
> Key: CODEC-279
> URL: https://issues.apache.org/jira/browse/CODEC-279
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.13, 1.14
> Environment: Java 11
>Reporter: Christian Kleinbölting
>Priority: Major
>
> The following lines will fail for a specific String:
> {code:java}
> String sharedSecret =
> "cannot_share_the_affected_string_because_it_is_a_secret";
> byte[] bytes =
> org.apache.commons.codec.binary.Base64.decodeBase64(sharedSecret); {code}
> The exception I get is
> {code:java}
> java.lang.IllegalArgumentException: Last encoded character (before the
> paddings if any) is a valid base 64 alphabet but not a possible value at
> org.apache.commons.codec.binary.Base64.validateCharacter(Base64.java:798)
> at org.apache.commons.codec.binary.Base64.decode(Base64.java:472)
> at
> org.apache.commons.codec.binary.BaseNCodec.decode(BaseNCodec.java:412)
> at
> org.apache.commons.codec.binary.BaseNCodec.decode(BaseNCodec.java:395)
> at org.apache.commons.codec.binary.Base64.decodeBase64(Base64.java:694)
> at
> com.rbmhtechnology.oidc.provider.spi.grants.jwt.thirdparty.rest.FooTest.foo(FooTest.java:17)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at
> org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:675)
> at
> org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:125)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:132)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:124)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:74)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:104)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:62)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:43)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:35)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
> at
> org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:202)
> at
> org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
> at
> org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:198)
> at
> org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:135)
> at
> org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:69)
> at
>
[jira] [Comment Edited] (CODEC-279) Base64.decode fails on Java11 for certain valid base 64 encoded String
[
https://issues.apache.org/jira/browse/CODEC-279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17019449#comment-17019449
]
Alex Herbert edited comment on CODEC-279 at 1/20/20 12:51 PM:
--
Hi,
This issue is related to [CODEC-270].
This occurs when there are unused bits left over from the input bytes. In this
case it is unknown if the message has been truncated or badly encoded. The
method requires that there are no unused bits left.
If you cannot share your entire string then can you provide the length of the
string in ascii and the last 4 characters. From that I will be able to decode
the trailing bits.
How did you create your encoded string? Was it using Commons Codec or another
base 64 encoder?
If it is a random string using characters from the base 64 alphabet then this
is not a guarantee that the string will be a valid base64 encoding. Other
libraries may decode this but commons codec now throws an exception.
was (Author: alexherbert):
Hi,
This issue is related to [CODEC-270].
This occurs when there are unused bits left over from the input bytes. In this
case it is unknown if the message has been truncated or badly encoded. The
method requires that there are no unused bits left.
If you cannot share your entire string then can you provide the length of the
string in ascii and the last 4 characters. From that I will be able to decode
the trailing bits.
How did you create your encoded string. Was it using Commons Codec or another
base 64 encoder?
If it is a random string using characters from the base 64 alphabet then this
is not a guarantee that the string will be a valid base64 encoding. Othe
libraries may decode this but commons codec now throws an exception.
> Base64.decode fails on Java11 for certain valid base 64 encoded String
> --
>
> Key: CODEC-279
> URL: https://issues.apache.org/jira/browse/CODEC-279
> Project: Commons Codec
> Issue Type: Bug
>Affects Versions: 1.13, 1.14
> Environment: Java 11
>Reporter: Christian Kleinbölting
>Priority: Major
>
> The following lines will fail for a specific String:
> {code:java}
> String sharedSecret =
> "cannot_share_the_affected_string_because_it_is_a_secret";
> byte[] bytes =
> org.apache.commons.codec.binary.Base64.decodeBase64(sharedSecret); {code}
> The exception I get is
> {code:java}
> java.lang.IllegalArgumentException: Last encoded character (before the
> paddings if any) is a valid base 64 alphabet but not a possible value at
> org.apache.commons.codec.binary.Base64.validateCharacter(Base64.java:798)
> at org.apache.commons.codec.binary.Base64.decode(Base64.java:472)
> at
> org.apache.commons.codec.binary.BaseNCodec.decode(BaseNCodec.java:412)
> at
> org.apache.commons.codec.binary.BaseNCodec.decode(BaseNCodec.java:395)
> at org.apache.commons.codec.binary.Base64.decodeBase64(Base64.java:694)
> at
> com.rbmhtechnology.oidc.provider.spi.grants.jwt.thirdparty.rest.FooTest.foo(FooTest.java:17)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at
> org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:675)
> at
> org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:125)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:132)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:124)
> at
> org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:74)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
> at
> org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:104)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:62)
> at
> org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:43)
> at
>
