APAR status
Closed as program error.
Error description
Error Message: N/A . Stack Trace: javax.crypto.ShortBufferException: Output buffer must be (at least) n bytes long javax.crypto.ShortBufferException: Output buffer must be (at least) n bytes long at com.ibm.crypto.plus.provider.AESCipher.engineUpdate(AESCipher.ja va:145) at javax.crypto.Cipher.update(Unknown Source) . The exception is not thrown with IBMJCE as the provider.
Local fix
Place IBMJCE ahead of IBMJCEPlus in java.security file.
Problem summary
An incorrect ShortBufferException is thrown by IBMJCEPlus, IBMJCEPlusFIPS during cipher update operation. The cause was due to cipher update operation incorrectly requiring more buffer than necessary when PKCS5Padding is specified. The exception occurs during encryption while using cipher algorithm "AES/<mode>/PKCS5Padding where mode is an AES mode.
Problem conclusion
The JVM has been updated so that update operation does not require extra buffer and does not throw the exception. The associated Hursley RTC Problem Report is 147944 The associated Austin GIT defect in IBMJCEPlus is 464. The associated Austin APAR is IJ41132 JVMs affected: Java 8.0 The fix was delivered for Java 8 sr7 fp20 The affected jar is ibmjceplus.jar The build level of this jar for the affected releases is Build-Date: 20220809 . This APAR will be fixed in the following Releases: . IBM SDK, Java Technology Edition 8 SR7 FP20 (8.0.7.20) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available maintenance can be found at: https://www.ibm.com/support/pages/java-sdk
Temporary fix
Comments
APAR Information
APAR number
IJ41816
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-08-16
Closed date
2022-08-16
Last modified date
2022-08-16
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
16 August 2022