A DESCRIPTION OF THE REQUEST :
Sun's implementation of the GSSContext interface does not (as of J2SE 5.0) support the RC4-HMAC-MD5 encryption type, which is the type used by Microsoft's Active Directory.
This is etype 23 as defined by IANA: http://www.iana.org/assignments/kerberos-parameters
An IETF internet draft describing this encryption type can be found here:
ftp://ftp.saix.net/pub/rfc/ftp.ietf.org/internet-drafts-back/draft-brezak-win2k-krb-rc4-hmac-04.txt
JUSTIFICATION :
Probably the most widely used Kerberos KDC today is Microsoft's Active Directory, which only supports the DES and RC4-HMAC-MD5 encryption types. The only way to get single sign-on to work from a Java application (against Active Directory) today is to use DES keys, which means much weaker security.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
AcceptToken should decrypt the token given without an exception being thrown.
ACTUAL -
When given a Kerberos ticket encrypted with RC4-HMAC-MD5 (etype 23), acceptSecContext (from org.ietf.jgss.GSSContext) throws a GSSException:
GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)
---------- BEGIN SOURCE ----------
import org.ietf.jgss.*;
import java.io.*;

public class AcceptToken
{
    byte[] inToken = new byte[1024];
    int tokenLen = 0;

    public AcceptToken () throws IOException, GSSException {
        // file apreq.bin contains the SPNEGO/Kerberos token extracted from the HTTP Authorization header
        FileInputStream file = new FileInputStream ("apreq.bin");
        tokenLen = file.read (inToken, 0, 1024);
        file.close();
        if (tokenLen <= 0) {
            throw new IOException ("apreq.bin is empty");
        }
        System.out.println ("Read " + tokenLen + " bytes");

        byte outToken[];
        // Kerberos V5 mechanism OID and the Kerberos principal name type OID
        Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
        Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
        GSSManager manager = GSSManager.getInstance();

        // Service principal of the acceptor (web server); its long-term key must be available to the JVM
        GSSName serverName = manager.createName(
            "HTTP/###@###.###",
            krb5PrincipalNameType);
        GSSCredential serverCreds = manager.createCredential(
            serverName,
            GSSCredential.DEFAULT_LIFETIME,
            krb5Mechanism,
            GSSCredential.ACCEPT_ONLY);
        GSSContext ctx = manager.createContext(serverCreds);

        // Fails here with "Cannot find key of appropriate type" when the AP-REQ is etype 23
        outToken = ctx.acceptSecContext (inToken, 0, tokenLen);
    }

    public static void main (String[] args) throws IOException, GSSException {
        AcceptToken at = new AcceptToken();
    }
}
---------- END SOURCE ----------
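As an added diagnostic, not part of the submitted report or Sun's code: a check of which encryption types the acceptor's keytab actually holds for the service principal, so that a missing etype 23 key can be spotted before acceptSecContext fails. It assumes Java 7 or later (javax.security.auth.kerberos.KeyTab), and the principal name and keytab path are hypothetical.

```java
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KeyTab;

public class KeytabEtypeCheck {
    // Encryption type numbers from the IANA Kerberos parameters registry.
    static final int ETYPE_DES_CBC_CRC = 1;
    static final int ETYPE_DES_CBC_MD5 = 3;
    static final int ETYPE_RC4_HMAC    = 23;   // RC4-HMAC-MD5, the type Active Directory issues

    /** Returns the distinct key types stored for the principal in the keytab (empty if none). */
    static List<Integer> keyTypesFor(File keytab, KerberosPrincipal principal) {
        List<Integer> types = new ArrayList<Integer>();
        KeyTab kt = KeyTab.getInstance(keytab);
        for (KerberosKey key : kt.getKeys(principal)) {
            int t = key.getKeyType();
            if (!types.contains(t)) {
                types.add(t);
            }
        }
        return types;
    }

    /** True if the acceptor holds a key able to decrypt an AP-REQ encrypted with etype 23. */
    static boolean canAcceptRc4Hmac(File keytab, KerberosPrincipal principal) {
        return keyTypesFor(keytab, principal).contains(ETYPE_RC4_HMAC);
    }

    public static void main(String[] args) {
        // Hypothetical service principal and keytab location; substitute your own.
        KerberosPrincipal svc = new KerberosPrincipal("HTTP/www.example.com@EXAMPLE.COM");
        File keytab = new File("/etc/krb5.keytab");

        List<Integer> types = keyTypesFor(keytab, svc);
        System.out.println("Key types for " + svc + ": " + types);
        if (!canAcceptRc4Hmac(keytab, svc)) {
            System.out.println("No etype 23 key: an RC4-HMAC ticket will fail with "
                + "'Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC'");
        }
        if (types.contains(ETYPE_DES_CBC_CRC) || types.contains(ETYPE_DES_CBC_MD5)) {
            System.out.println("DES keys present: weak; do not rely on them as a workaround");
        }
    }
}
```

Even with an RC4-HMAC key in the keytab, the accept still fails on a JRE whose Kerberos provider does not implement etype 23, which is the defect this report describes.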
CUSTOMER SUBMITTED WORKAROUND :
Using DES keys - not really an option if you take security seriously.
###@###.### 2004-12-10 16:49:21 GMT