tracker issue : CF-4198851

select a category, or use search below
(searches all categories and all time range)
Title:

generatePBKDFKey- PBKDF2WithSHA256 algorithm is not supported by the Security Provider you have chosen.

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/Fixed

Reporter/Name(from Bugbase): Chris Hopkins / Chris Hopkins ()

Created: 06/12/2017

Components: Security

Versions: 2016,11.0,2018

Failure Type: Incorrectly functioning

Found In Build/Fixed In Build: 11 update 12 / CF2016U12,CF2018U5

Priority/Frequency: Normal / Few users will encounter

Locale/System: / Win 2008 Server R2

Vote Count: 0

Problem Description:

Works most of the time but sometimes i get errors stating the above.

The line of code is: generatePBKDFKey("PBKDF2WithSHA256", subjectVariable, over 4000 iterations , 128);

I have attached an error log and realise its all quite vague but happy to help provide any more information possible.

Attachments:

  1. June 12, 2017 00:00:00: generatePBKDFKeyError.txt

Comments:

Hi Chris, Please do provide us with few more details so as to repro the issue. 1.Could you let us know in which scenario this issue seems to occur, details pertaining to the applications/settings/environment as it does not seem to repro. 2.Also, do attach the coldfusion exception logs as well. 3.Also, please do let us know the update level you are on. Could you try this on the latest update(CF11-HF12) and let us know if the issue still exists. Thanks!
Comment by S P.
591 | June 19, 2017 06:26:36 AM GMT
Some more information on CF Versions etc: Server Product ColdFusion Version 11,0,12,302575 Tomcat Version 7.0.75.0 Edition Enterprise Operating System Windows Server 2008 R2 OS Version 6.1 Update Level chf11000012.jar Adobe Driver Version 5.1.3 (Build 000094) Java Version 1.8.0_92 Java Vendor Oracle Corporation The application sits on a fail overed monolith server with a 24gig heap. This part of the application resides within coldbox, but the setup is mixed coldbox non coldbox. - cant thing of anything else specific but i can send application.cfc files etc if this might help. We have fusionreactor on the server so if there are any logs from there that could be of use thats also available. Am going to double check the latest minor jave update and give that a go if we are out of synch. - will report back if it solves the issue
Comment by Chris H.
592 | September 06, 2017 10:30:14 AM GMT
Just had this issue happen constantly for an hour while another script on the same server was performing a lot of SFTP operations. Stopped the other script and the error went away. Happy to provide all logs via email (and some code) as its crazy odd but definitely related as we had this sftp script on a schedule every 3 hours doing a few SFTP operations which could have collided with some logins. Also to note we do not have unlimited strength policies installed.
Comment by Chris H.
593 | September 20, 2017 11:05:43 AM GMT
More information sent to cf.install email address
Comment by Chris H.
594 | September 21, 2017 08:55:32 AM GMT