[CXF-8816] Deflater and Inflater initialized with different 'nowrap' value - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.4.10, 3.5.5, 4.0.0
Fix Version/s: 3.6.0, 4.0.1, 3.5.6, 3.4.11
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

As for now Deflater and Inflater initialized with different 'nowrap' value. As result we are getting the folowing Exeption:
```
java.lang.SecurityException: java.util.zip.DataFormatException: invalid stored block lengths
at org.apache.cxf.rt.security.crypto.CryptoUtils.processBytes(CryptoUtils.java:587)
at org.apache.cxf.rt.security.crypto.CryptoUtils.decryptBytes(CryptoUtils.java:483)
at org.apache.cxf.rs.security.jose.jwe.AbstractJweDecryption.doDecrypt(AbstractJweDecryption.java:72)
at org.apache.cxf.rs.security.jose.jwe.AbstractJweDecryption.decrypt(AbstractJweDecryption.java:57)
at org.apache.cxf.rs.security.jose.jwe.JweJsonConsumer.decryptWith(JweJsonConsumer.java:64)

```

This PR will fix the Jwe Compression by setting the 'nowrap' parameter for both Deflater and Inflater to 'true' (RAW DEF) as specified in the RFC1951.

Attachments

Issue Links

links to

GitHub Pull Request #1106

Activity

People

Assignee:: Unassigned

Reporter:: Andriy Redko

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Feb/23 02:06

Updated:: 18/Sep/23 18:48

Resolved:: 06/Feb/23 03:45