code review request: 7077640: gss wrap for cfx doesn't handle rrc != 0

Weijun Wang weijun.wang at oracle.com
Mon Sep 19 22:12:09 PDT 2011


Code changes

    http://cr.openjdk.java.net/~weijun/7077640/webrev.00

The original handling of rrc != 0 is not correct. We did rotate the 
bytes but have not reset the RRC field in the GSS message header before 
calculating the checksum. According to RFC 4121 [1]:

4.2.4.  Encryption and Checksum Operations

....

    In Wrap tokens that do not provide for confidentiality, the checksum
    SHALL be calculated first over the to-be-signed plaintext data, and
    then over the first 16 octets of the Wrap token (the "header", as
    defined in section 4.2.6).  Both the EC field and the RRC field in
                                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    the token header SHALL be filled with zeroes for the purpose of
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    calculating the checksum...
    ^^^^^^^^^^^^^^^^^^^^^^^^

In the test, the Context.transmit() method is split into 4 basic methods 
so that we have a chance to call wrap without confidentiality.

Thanks
Max

[1] http://tools.ietf.org/html/rfc4121#section-4.2.4


On 08/12/2011 09:41 AM, weijun.wang at oracle.com wrote:
> *Change Request ID*: 7077640
>
> *Synopsis*: gss wrap for cfx doesn't handle rrc != 0
>
>    Product: java
>    Category: jgss
>    Subcategory: krb5plugin
>
> === *Description* ============================================================
> FULL PRODUCT VERSION :
> java version "1.6.0_26"
>
> A DESCRIPTION OF THE PROBLEM :
> gss wrap for cfx doesn't handle rrc != 0
>
> Heimdal and mac os x always use an RRC != 0
>
>
>
> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
> git clone git at github.com:heimdal/heimdal.git
> cd heimdal
> sh autogen.sh
> ./configure
> make
> cd tests/java
> make check
>
>
>
> REPRODUCIBILITY :
> This bug can be reproduced always.



More information about the security-dev mailing list