-
Bug
-
Resolution: Cannot Reproduce
-
P4
-
None
-
8u66
-
x86_64
-
linux
FULL PRODUCT VERSION :
java version "1.8.0_66"
Java(TM) SE Runtime Environment (build 1.8.0_66-b17)
Java HotSpot(TM) 64-Bit Server VM (build 25.66-b17, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
Linux <hostname> 2.6.32-504.8.1.el6.x86_64 #1 SMP Fri Dec 19 12:09:25 EST 2014 x86_64 x86_64 x86_64 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
When using ARCFOUR as encryption method, the encryption and decryption works without problems on Windows. However, if the same program is used with the same text-to-be-encrypted and password on our linux servers, the output is completely different and not related to a correct output in any way.
Also, it is not possible to decrypt the encrypted text and outputs only a messy String of chars.
Enforcing a charset by using .toBytes(input, "UTF-8") and new String(bytes[], "UTF-8") did not help.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Create a Java class and implement a basic cryptographic method (Key generation, encrypting, decrypting) using arcfour. Build the jar-file and run on Windows, should be working correctly. Run the same jar-file on Linux and the output of encrypt (and therefore the output of decrypt) should not be correct.
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
public void main(String[] args){
String text = args[0];
String key = args[1];
System.out.println("Pre:" + text);
System.out.println("Enc:" + encrypt(text, key));
System.out.println("Dec:" + decrypt(text, key));
System.exit(0);
}
private Key rc4Key(String key){
try {
Key rc4Key;
rc4Key = new SecretKeySpec(key.getBytes(), "ARCFOUR");
return(rc4Key);
} catch (Exception e) {
e.printStackTrace();
}
return(null);
}
public String encrypt(String text, String key){
try {
Cipher cipher = Cipher.getInstance("ARCFOUR");
cipher.init(Cipher.ENCRYPT_MODE, rc4Key(key));
byte[] encrypted = cipher.doFinal(text.getBytes());
return(new String(encrypted));
}catch(Exception e) {
e.printStackTrace();
}
return(null);
}
public String decrypt(String text, String key){
if(text == null || text == ""){
return(null);
}
try {
Cipher cipher = Cipher.getInstance("ARCFOUR");
cipher.init(Cipher.DECRYPT_MODE, rc4Key(key));
String decrypted = new String(cipher.doFinal(text.getBytes()));
return(decrypted);
}catch(Exception e) {
e.printStackTrace();
}
return(null);
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Just used another encryption method
java version "1.8.0_66"
Java(TM) SE Runtime Environment (build 1.8.0_66-b17)
Java HotSpot(TM) 64-Bit Server VM (build 25.66-b17, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
Linux <hostname> 2.6.32-504.8.1.el6.x86_64 #1 SMP Fri Dec 19 12:09:25 EST 2014 x86_64 x86_64 x86_64 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
When using ARCFOUR as encryption method, the encryption and decryption works without problems on Windows. However, if the same program is used with the same text-to-be-encrypted and password on our linux servers, the output is completely different and not related to a correct output in any way.
Also, it is not possible to decrypt the encrypted text and outputs only a messy String of chars.
Enforcing a charset by using .toBytes(input, "UTF-8") and new String(bytes[], "UTF-8") did not help.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Create a Java class and implement a basic cryptographic method (Key generation, encrypting, decrypting) using arcfour. Build the jar-file and run on Windows, should be working correctly. Run the same jar-file on Linux and the output of encrypt (and therefore the output of decrypt) should not be correct.
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
public void main(String[] args){
String text = args[0];
String key = args[1];
System.out.println("Pre:" + text);
System.out.println("Enc:" + encrypt(text, key));
System.out.println("Dec:" + decrypt(text, key));
System.exit(0);
}
private Key rc4Key(String key){
try {
Key rc4Key;
rc4Key = new SecretKeySpec(key.getBytes(), "ARCFOUR");
return(rc4Key);
} catch (Exception e) {
e.printStackTrace();
}
return(null);
}
public String encrypt(String text, String key){
try {
Cipher cipher = Cipher.getInstance("ARCFOUR");
cipher.init(Cipher.ENCRYPT_MODE, rc4Key(key));
byte[] encrypted = cipher.doFinal(text.getBytes());
return(new String(encrypted));
}catch(Exception e) {
e.printStackTrace();
}
return(null);
}
public String decrypt(String text, String key){
if(text == null || text == ""){
return(null);
}
try {
Cipher cipher = Cipher.getInstance("ARCFOUR");
cipher.init(Cipher.DECRYPT_MODE, rc4Key(key));
String decrypted = new String(cipher.doFinal(text.getBytes()));
return(decrypted);
}catch(Exception e) {
e.printStackTrace();
}
return(null);
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Just used another encryption method