United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-6946669 SSL/Krb5 should not call EncryptedData.reset(data, false)
JDK-6946669 : SSL/Krb5 should not call EncryptedData.reset(data, false)

Details
Type:
Bug
Submit Date:
2010-04-23
Status:
Closed
Updated Date:
2011-03-07
Project Name:
JDK
Resolved Date:
2011-03-07
Component:
security-libs
OS:
generic
Sub-Component:
org.ietf.jgss:krb5
CPU:
generic
Priority:
P4
Resolution:
Fixed
Affected Versions:
7
Fixed Versions:

Related Reports

Sub Tasks

Description
EncryptedData.reset(data, false) is not implemented correct. It always tries to remove last byte number of padding bytes at the end. In fact, even in Java, only DES-related etypes append paddings that way, while 3DES uses all zero, and others does not pad at all.

The method is called in TLS's Kerberos ciphersuite after decrypting pre-master secret. The default etype now is DES-related. However, since DES is now abandoned by most vendors, the bug is likely to show up soon.

Furthermore, it's not interopable with other Kerberos implementations. At least Windows uses all zero for DES-related etypes.

                                    

Comments
EVALUATION

EncryptedData.reset() seems unfixable. Fix KerberosPreMasterSecret in the JSSE side: Truncate decrypted data to 48-byte long.
                                     
2010-04-23
EVALUATION

Final fix: only remove padding in two cases:

1. etype is des-cbc-crc, and padding is 4 bytes of 0x04 or 0x00
2. etype is des-cbc-md5, and padding is 8 bytes of 0x08
                                     
2010-06-24
EVALUATION

http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9c0f542c8b37
                                     
2010-06-24



Hardware and Software, Engineered to Work Together