web stats
EncryptionException After Upgrade to 3.4.1 - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 08-01-2016, 09:25 AM
moshert moshert is offline
Mirth Newb
 
Join Date: Dec 2015
Location: Syracuse, NY, USA
Posts: 13
moshert is on a distinguished road
Default EncryptionException After Upgrade to 3.4.1

We've recently upgraded from 3.3.2 to 3.4.1 and a channel that previously worked is now throwing the following exception when trying to deploy:

JavaException: com.mirth.commons.encryption.EncryptionException: javax.crypto.BadPaddingException: pad block corrupted

We are using the technique shown by narupley to read encrypted database passwords out from a file as depicted in this post:

http://207.38.40.43/community/forums...0&postcount=18

I have a code template function that I use to get my DB connections where I pass in a string representing which DB I want and the function reads all of the relevant properties out from the config file, builds the connection string, passes it to the DatabaseConnectionFactory and then returns the DB connection itself. We used the method in the above mentioned post to encrypt our database passwords in the file and then decrypt them when we need them to pass into the connection string. It has been working very well for us up to this point.

When I go to deploy the channel now (I'm calling this Code Template function from the channel's deploy script) I'm getting the above mentioned exception. Has something changed between 3.3.2 to 3.4.1 that would cause this? (Perhaps BouncyCastle related from what I could find Googling?)

Thank you ahead of time!
Reply With Quote
  #2  
Old 08-02-2016, 08:39 AM
narupley's Avatar
narupley narupley is online now
Mirth Employee
 
Join Date: Oct 2010
Posts: 7,123
narupley is on a distinguished road
Default

How did you upgrade? Make sure it's using the same keystore.jks file that your old version was using, as that's what houses the encryption key.
__________________
Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

Nicholas Rupley
Work: 949-237-6069
Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


- How do I foo?
- You just bar.
Reply With Quote
  #3  
Old 08-02-2016, 08:48 AM
moshert moshert is offline
Mirth Newb
 
Join Date: Dec 2015
Location: Syracuse, NY, USA
Posts: 13
moshert is on a distinguished road
Default

To perform the upgrade we just ran the new exe installer. Does this blow away the existing keystore.jks file and create a new encryption key as it does during a new install? We only did this on the development machine so far but we are planning to do production soon.
Reply With Quote
  #4  
Old 08-02-2016, 08:49 AM
narupley's Avatar
narupley narupley is online now
Mirth Employee
 
Join Date: Oct 2010
Posts: 7,123
narupley is on a distinguished road
Default

Quote:
Originally Posted by moshert View Post
To perform the upgrade we just ran the new exe installer. Does this blow away the existing keystore.jks file and create a new encryption key as it does during a new install? We only did this on the development machine so far but we are planning to do production soon.
No, it shouldn't. Perhaps there's an issue with the code in the new version, not quite sure.
__________________
Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

Nicholas Rupley
Work: 949-237-6069
Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


- How do I foo?
- You just bar.
Reply With Quote
  #5  
Old 08-02-2016, 09:10 AM
moshert moshert is offline
Mirth Newb
 
Join Date: Dec 2015
Location: Syracuse, NY, USA
Posts: 13
moshert is on a distinguished road
Default

As a workaround to get my channel running again I'm just going to have to use plain text password in that config file until I can get some more time to experiment with it. Thanks!
Reply With Quote
Reply

Tags
donkey, encryption, properties

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 04:19 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Mirth Corporation