Request for review: 8025124: InitialToken.useNullKey incorrectly applies NULL_KEY in some cases

Weijun Wang weijun.wang at oracle.com
Sat Oct 12 09:28:52 UTC 2013


Please review the fix at

    http://cr.openjdk.java.net/~weijun/8025124/webrev.00/

This is an interop fix. We used to determine if a NULL key should be 
used based on etype being new or old, now we just look at the etype 
inside the EncryptedData. If it's 0 then there is no need to decrypt it. 
Note that this is not a security issue because the whole KRB-CRED is 
encrypted anyway.

A new regression test added.

Thanks
Max



More information about the security-dev mailing list