Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-145

Digest-MD5 - missing rspauth and bad encryption key

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 1.0.0.Alpha1
    • None
    • None
    • None

    Description

      • In Digest-MD5 implementation is missing last step of authetication - generating and checking of rspauth.
      • Keys generated for encrypted communication in auth-conf are different from keys generated by JDK implementation - in their generating is bug. (keys are derivated from H(A1) by RFC, so must be identical in all implementations.)

      Attachments

        Activity

          People

            jkalina@redhat.com Jan Kalina (Inactive)
            jkalina@redhat.com Jan Kalina (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: