4d2b94f53786ebb984fe4567036432e07ea7562f |
|
24-Jun-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1960 (CR-3847)
Used debugger to diagnose differences in encrypted password storage in JDK6 vs JDK7. Found that in JDK6, the encrpyted password is stored as
{"$crypto":{"value":{"data":"p2tiUCLFv71KNiEuRJQtyg==","cipher":"AES/CBC/PKCS5Padding","iv":"U0fF/6kKYfjtQQC8/l1c4Q==","key":"openidm-sym-default"},"type":"x-simple-encryption"}}
whist in JDK7 it is stored as
{"$crypto":{"type":"x-simple-encryption","value":{"data":"p2tiUCLFv71KNiEuRJQtyg==","cipher":"AES/CBC/PKCS5Padding","iv":"U0fF/6kKYfjtQQC8/l1c4Q==","key":"openidm-sym-default"}}}
Because key ordering is not predictable, we cannot use endsWith("\"}}") as part of the test. Changed to }} as this matches the "{\"$crypto\":{" startsWith test. |