Request for review: 8025124: InitialToken.useNullKey incorrectly applies NULL_KEY in some cases

Xuelei Fan xuelei.fan at oracle.com
Mon Oct 14 06:06:00 PDT 2013


Looks fine to me.

Xuelei

On 10/12/2013 5:28 PM, Weijun Wang wrote:
> Please review the fix at
> 
>    http://cr.openjdk.java.net/~weijun/8025124/webrev.00/
> 
> This is an interop fix. We used to determine if a NULL key should be
> used based on etype being new or old, now we just look at the etype
> inside the EncryptedData. If it's 0 then there is no need to decrypt it.
> Note that this is not a security issue because the whole KRB-CRED is
> encrypted anyway.
> 
> A new regression test added.
> 
> Thanks
> Max



More information about the security-dev mailing list