Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-45185

Base64 usage in SecretBytes is not correct

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      The documentation for SecretBytes talks about using Base64, however it is not tolerant of valid Base64 input (RFC 2048)

      The RFC says that lines should be a maximum of 76 characters and separated by \r\n
      however when given an input with \r\n the jcifs base64 decoder blows up.

      The class should be tollerant of varying different forms of Base64.

      • ones without line wrapping
      • ones with valid line wrapping
      • ones with line wrapping but using \n (invalid but produced by xstream)

      infact the use of base64 in this plugin is just crazy - 3 different libraries are in use for base64

      1. com.trilead.ssh2.crypto.Base64 (CertificateCredentialsImpl.java)
      2. hudson.remoting.Base64 (SecretBytesTest.java)
      3. jcifs.util.Base64 (SecretBytes.java

        Attachments

          Issue Links

            Activity

            Hide
            teilo James Nord added a comment -

            the JDK base64encoder when using Mime is tollerant of all 3 input types.
            I am going to propse a PR using this and bumping the version of the plugin, and switching the creators to use the basic jdk encoder implementation.

            Show
            teilo James Nord added a comment - the JDK base64encoder when using Mime is tollerant of all 3 input types. I am going to propse a PR using this and bumping the version of the plugin, and switching the creators to use the basic jdk encoder implementation.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Stephen Connolly
            Path:
            src/main/java/com/cloudbees/plugins/credentials/SecretBytes.java
            src/main/java/com/cloudbees/plugins/credentials/impl/CertificateCredentialsImpl.java
            src/test/java/com/cloudbees/plugins/credentials/SecretBytesTest.java
            http://jenkins-ci.org/commit/credentials-plugin/8d4352e38ff7527a66e7c6adbed946e34eb3cb4d
            Log:
            [FIXED JENKINS-45185] Align all base64 handling on commons-codec to correctly handle chunked and url-safe variants

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Stephen Connolly Path: src/main/java/com/cloudbees/plugins/credentials/SecretBytes.java src/main/java/com/cloudbees/plugins/credentials/impl/CertificateCredentialsImpl.java src/test/java/com/cloudbees/plugins/credentials/SecretBytesTest.java http://jenkins-ci.org/commit/credentials-plugin/8d4352e38ff7527a66e7c6adbed946e34eb3cb4d Log: [FIXED JENKINS-45185] Align all base64 handling on commons-codec to correctly handle chunked and url-safe variants

              People

              Assignee:
              stephenconnolly Stephen Connolly
              Reporter:
              teilo James Nord
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: