RFR 8014628: Support AES Encryption with HMAC-SHA2 for Kerberos 5
Weijun Wang
weijun.wang at oracle.com
Wed Dec 20 01:39:48 UTC 2017
> On Dec 20, 2017, at 5:02 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> On 12/19/17 10:52 AM, Weijun Wang wrote:
>>> * AesSha2DkCrypto.java
>>>
>>> - why does stringToKey(char[] password, String salt, byte[] s2kparams) swallow exceptions but stringToKey(char[] secret, byte[] salt, byte[] params) does not?
>> I simply copy the behavior of the same methods for other etypes. Looks like the later is always private and called by the former. The former is called by EncryptionKey::acquireSecretKey and this method was designed to accept a null value instead of handle an exception.
>
> Ok, I suggest logging the exception if debug is enabled.
The debug flag inside AesDkCrypto and AesSha2DkCrypto are hardcoded to false and not customizable by any system property (and turning it on shows a lot of sensitive things). I can reuse the Krb5.DEBUG flag (controlled by -Dsun.security.krb5.debug=true) but it has never been used inside this level.
Also, the only reason for exception I can see is that a user managed to pack a non-positive iteration count into the s2kparams. This should be quite rare.
If you think this is worth doing, I can modify Krb5.DEBUG to support levels or categories and reuse it inside classes in crypto/dk.
Thanks
Max
>
> --Sean
More information about the security-dev
mailing list