
Kerberos ignores PA-DATA with a non-null s2kparams

Details

  • Type: Bug
  • Status: Resolved
  • Priority: P3
  • Resolution: Fixed
  • Affects Version/s: None
  • Fix Version/s: 10
  • Component/s: security-libs
  • Labels: None

Description

When a new principal is added to a KDC with a password, its keys are generated from that password using a salt and an optional parameter known as s2kparams (string-to-key parameters). s2kparams is defined for the AES etypes and is unused by DES, DES3 and RC4. Although Java has supported AES for a long time, it has never supported KDC-provided s2kparams: if the KDC sends a PA-DATA with a non-null s2kparams, the whole PA-DATA (including the salt) is ignored.

In most cases users would not notice a problem, because the default salt and s2kparams are used. However, if a KDC creates a new principal with a non-default salt or s2kparams, a Java Kerberos client fails at login, because it cannot generate the correct key to decrypt the KDC's response.

For the new aes-sha2 etypes defined in RFC 8009 there is no default salt value (the salt always has a random part), so login would always fail. It's better to fix this bug before we support these new etypes.
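The string-to-key path this issue describes, as an added Python model (not JDK code): it parses an ETYPE-INFO2 entry's s2kparams as the RFC 3962 iteration count, builds the default salt, runs the PBKDF2 stage of the AES string-to-key function (the final AES-based DK step is left out), and compares a client that honors the entry with one that drops it the way this bug does. Realm, principal and password in the usage are constructed values.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

# RFC 3962 etype numbers (aes128/aes256-cts-hmac-sha1-96) and their PBKDF2 output sizes.
AES_KEY_LEN = {17: 16, 18: 32}
DEFAULT_ITERATIONS = 4096  # RFC 3962 section 4: used when no s2kparams is supplied


@dataclass
class EtypeInfo2Entry:
    """One ETYPE-INFO2-ENTRY carried in PA-DATA (RFC 4120 section 5.2.7.5)."""
    etype: int
    salt: Optional[str]         # None: client must use the default salt
    s2kparams: Optional[bytes]  # None: client must use the default iteration count

def default_salt(realm: str, *name_components: str) -> str:
    """Default salt: the realm followed by the principal name components, in order."""
    return realm + "".join(name_components)

def iteration_count(s2kparams: Optional[bytes]) -> int:
    """For AES etypes s2kparams is a 4-octet big-endian PBKDF2 iteration count."""
    if s2kparams is None:
        return DEFAULT_ITERATIONS
    if len(s2kparams) != 4:
        raise ValueError("AES s2kparams must be exactly 4 octets")
    return int.from_bytes(s2kparams, "big")

def pbkdf2_stage(password: str, salt: str, etype: int, s2kparams: Optional[bytes]) -> bytes:
    """First stage of the RFC 3962 string-to-key: PBKDF2-HMAC-SHA1 over the UTF-8 password
    and salt. The final DK(tkey, "kerberos") step needs AES and is omitted here."""
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt.encode("utf-8"),
                               iteration_count(s2kparams), AES_KEY_LEN[etype])

def kdc_key(password: str, entry: EtypeInfo2Entry, realm: str, *name: str) -> bytes:
    """The key the KDC derived when the principal was created (salt/params as in the entry)."""
    salt = entry.salt if entry.salt is not None else default_salt(realm, *name)
    return pbkdf2_stage(password, salt, entry.etype, entry.s2kparams)

def client_key(password: str, entry: EtypeInfo2Entry, realm: str, *name: str,
               honor_s2kparams: bool = True) -> bytes:
    """Client-side derivation. honor_s2kparams=False models this bug: an entry with a
    non-null s2kparams is dropped entirely, so the KDC's salt is lost too and both fall
    back to the defaults. The login succeeds only if the result equals kdc_key()."""
    if not honor_s2kparams and entry.s2kparams is not None:
        return pbkdf2_stage(password, default_salt(realm, *name), entry.etype, None)
    return kdc_key(password, entry, realm, *name)
```

With a KDC that uses the default salt and 4096 iterations the buggy client still derives the right key, which is why the problem goes unnoticed; any non-default salt or iteration count makes the two derivations diverge.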

People

  • Assignee: Weijun Wang
  • Reporter: Weijun Wang