code review request: 7077640: gss wrap for cfx doesn't handle rrc != 0

Weijun Wang weijun.wang at oracle.com
Tue Sep 20 05:12:09 UTC 2011


Code changes

    http://cr.openjdk.java.net/~weijun/7077640/webrev.00

The original handling of rrc != 0 is not correct. We did rotate the 
bytes but have not reset the RRC field in the GSS message header before 
calculating the checksum. According to RFC 4121 [1]:

4.2.4.  Encryption and Checksum Operations

....

    In Wrap tokens that do not provide for confidentiality, the checksum
    SHALL be calculated first over the to-be-signed plaintext data, and
    then over the first 16 octets of the Wrap token (the "header", as
    defined in section 4.2.6).  Both the EC field and the RRC field in
                                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    the token header SHALL be filled with zeroes for the purpose of
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    calculating the checksum...
    ^^^^^^^^^^^^^^^^^^^^^^^^

In the test, the Context.transmit() method is split into 4 basic methods 
so that we have a chance to call wrap without confidentiality.

Thanks
Max

[1] http://tools.ietf.org/html/rfc4121#section-4.2.4


On 08/12/2011 09:41 AM, weijun.wang at oracle.com wrote:
> *Change Request ID*: 7077640
>
> *Synopsis*: gss wrap for cfx doesn't handle rrc != 0
>
>    Product: java
>    Category: jgss
>    Subcategory: krb5plugin
>
> === *Description* ============================================================
> FULL PRODUCT VERSION :
> java version "1.6.0_26"
>
> A DESCRIPTION OF THE PROBLEM :
> gss wrap for cfx doesn't handle rrc != 0
>
> Heimdal and Mac OS X always use an RRC != 0
>
>
>
> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
> git clone git@github.com:heimdal/heimdal.git
> cd heimdal
> sh autogen.sh
> ./configure
> make
> cd tests/java
> make check
>
>
>
> REPRODUCIBILITY :
> This bug can be reproduced always.
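
The RFC 4121 rule quoted in the message, as an added Python sketch that is not part of the original mail or the JDK's JGSS code: the checksum of a Wrap token without confidentiality is computed over the header with EC and RRC zeroed, and rotation is applied only after the 16-octet header. The function names and the `zero_rrc` switch are hypothetical, and truncated HMAC-SHA1 stands in for the real Kerberos keyed checksum.

```python
import hashlib
import hmac
import struct

HDR = struct.Struct(">2sBBHHQ")  # TOK_ID, Flags, Filler, EC, RRC, SND_SEQ (16 octets)
TOK_ID_WRAP = b"\x05\x04"
FLAG_SEALED = 0x02


def stand_in_checksum(key, data):
    # Assumption: HMAC-SHA1 truncated to 96 bits stands in for the Kerberos
    # keyed checksum (no RFC 3961 key derivation or key usage here).
    return hmac.new(key, data, hashlib.sha1).digest()[:12]


def rotate_right(buf, count):
    count %= len(buf)  # a negative count rotates left
    return buf[-count:] + buf[:-count] if count else buf


def wrap_no_conf(key, plaintext, seq, rrc, flags=0):
    # Checksum covers the plaintext, then the header with EC and RRC set to zero.
    zeroed = HDR.pack(TOK_ID_WRAP, flags, 0xFF, 0, 0, seq)
    cksum = stand_in_checksum(key, plaintext + zeroed)
    # EC carries the checksum length; rotation applies to everything after the header.
    header = HDR.pack(TOK_ID_WRAP, flags, 0xFF, len(cksum), rrc, seq)
    return header + rotate_right(plaintext + cksum, rrc)


def unwrap_no_conf(key, token, zero_rrc=True):
    if len(token) < HDR.size:
        raise ValueError("short token")
    tok_id, flags, filler, ec, rrc, seq = HDR.unpack_from(token)
    body = token[HDR.size:]
    if tok_id != TOK_ID_WRAP or filler != 0xFF or flags & FLAG_SEALED:
        raise ValueError("not an integrity-only Wrap token")
    if ec == 0 or ec > len(body):
        raise ValueError("bad EC")
    body = rotate_right(body, -rrc)  # undo the sender's right rotation
    plaintext, cksum = body[:-ec], body[-ec:]
    # zero_rrc=False reproduces the defect described in the message: the bytes
    # are rotated back, but the received RRC stays in the checksummed header.
    hdr_rrc = 0 if zero_rrc else rrc
    header = HDR.pack(tok_id, flags, filler, 0, hdr_rrc, seq)
    if not hmac.compare_digest(cksum, stand_in_checksum(key, plaintext + header)):
        raise ValueError("checksum mismatch")
    return plaintext
```

With `zero_rrc=False` a token sent with RRC 0 still verifies, which is why the defect only shows up against peers that send a non-zero RRC.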


