Getting an encryption related exception when calling any authentication tree

sarris.overbosch1 · February 13, 2024, 7:10pm

I’ve got a local setup running in docker compose and the used images are based upon the docker examples in the AM/AMSTER/DS/IDM zip files. I also programmed a Consent Server which is use in OIDC flow and which works just fine. Up until now I’ve used the ldapService chain authentication chain but wanted to use an Authentication Tree. So I configured a tree which just does password authentication but when i call this tree I get the following exception:

Caused by: java.lang.IllegalArgumentException: Invalid offset/length combination\n\tat java.base/javax.crypto.spec.SecretKeySpec.(Unknown Source)
at org.forgerock.json.jose.jwe.handlers.encryption.AESCBCHMACSHA2ContentEncryptionHandler.encKey(AESCBCHMACSHA2ContentEncryptionHandler.java:175)
at org.forgerock.json.jose.jwe.handlers.encryption.AESCBCHMACSHA2ContentEncryptionHandler.encrypt(AESCBCHMACSHA2ContentEncryptionHandler.java:65)
at org.forgerock.json.jose.jwe.handlers.encryption.DirectEncryptionHandler.encryptPlaintext(DirectEncryptionHandler.java:58)at org.forgerock.json.jose.jwe.EncryptedJwt.build(EncryptedJwt.java:185)
at org.forgerock.json.jose.jws.SignedJwt.build(SignedJwt.java:173)
at org.forgerock.json.jose.builders.EncryptedThenSignedJwtBuilder.build(EncryptedThenSignedJwtBuilder.java:65)
at org.forgerock.openam.session.stateless.JwtSessionMapper.asJwt(JwtSessionMapper.java:138)\n\tat org.forgerock.openam.session.stateless.StatelessSessionManager.generate(StatelessSessionManager.java:214)
at org.forgerock.openam.session.stateless.StatelessOperations$StatelessSessionBuilder.build(StatelessOperations.java:422)\n\tat org.forgerock.openam.session.authentication.DelegatedAuthenticationOperations$DelegatedAuthenticationSessionBuilder.build(DelegatedAuthenticationOperations.java:345)
at com.iplanet.dpro.session.monitoring.MonitoredBuilder.build(MonitoredBuilder.java:99)
at org.forgerock.openam.core.rest.authn.trees.AuthTrees.constructAuthSession(AuthTrees.java:549)
at org.forgerock.openam.core.rest.authn.trees.AuthTrees.invokeTree(AuthTrees.java:260)
at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:257)
at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:157)

I thought I may be happening because I constructed my own keystore containing custom keys/secrets/certificates but changing the alias for am.authn.trees.transientstate.encryption does change anything to the exception. Also looking in the code of AESCBCHMACSHA2ContentEncryptionHandler doesn’t give a clue (except that the code looks wrong)

private static SecretKey macKey(final Key combinedKey, final EncryptionMethod method) {
    return new SecretKeySpec(combinedKey.getEncoded(), 0, **method.getKeyOffset()**, method.getMacAlgorithm());
}

private static SecretKey encKey(final Key combinedKey, final EncryptionMethod method) {
    return new SecretKeySpec(combinedKey.getEncoded(), **method.getKeyOffset(), method.getKeyOffset()**,
            method.getEncryptionAlgorithm());
}

Is there anyone who has encountered the same and knows how to solve this problem?

Using AM 7.3.0/DS 7.3.3/IDM 7.3.0/Amster 7.3.0 and did play around with the creation of the am-base image as the configuration was missing stuff which was present when

sarris.overbosch1 · February 13, 2024, 8:57pm

When changing the server default value from

org.forgerock.openam.session.stateless.encryption.method=A128CBC-HS256
to
org.forgerock.openam.session.stateless.encryption.method=A256GCM
then it starts working… why is it not working with the “OOTB” configuration? (Weird is that at customers this works with the default…)

japearson · February 13, 2024, 10:57pm

Are you running with default secrets? Or did you generate keys or use the forgerock secret agent to do it?

sarris.overbosch1 · February 14, 2024, 12:19pm

Generated my own secrets, so it could well be that the problems is in there but I just don’t see what exactly is missing/wrong

japearson · February 16, 2024, 3:08am

Sounds like the default is A128CBC-HS256 according to Client-side session security :: AM 7.3.0 and I’m guessing that when you created the secrets you created it with A256GCM instead? Which guide did you follow to create the secrets?

neil.madden.consultant · February 16, 2024, 10:31am

The key for a JOSE standard A128CBC-HS256 encryption method is actually two keys concatenated together. So you need to generate a 256-bit key in this case (and a 512-bit key for A256CBC-HS512, which I don’t think keytool actually supports for AES but you should be able to generate a HMAC key instead). For GCM it’s just a single key, which is why that works with a 128-bit key.

sarris.overbosch1 · February 20, 2024, 9:41am

Basically I looked into a default created keystore and recreated my keystore based upon that.