Loading...

XML

Word

Printable

Details

Type: Task
Resolution: Done
Priority: Major
Fix Version/s: JBossAS-3.2.7 Final, JBossAS-4.0.2RC1
Affects Version/s: JBossAS-3.2.6 Final, JBossAS-4.0.1 Final
Component/s: Security
Labels:
None

SFDC Cases Counter:
SFDC Cases Links:

Description

The current mechanism of creating a cipher iv during the request of the SRPParameters from the SRPServerInterface, and trying to initialize the cipher with this regardless of whether the cipher supports an iv cannot be handled consistently across the jce implementations of jdk 1.3, 1.4.x and 1.5.

The creation of the cipher iv needs to be pushed to the SRPVerifierStore and its VerifierInfo data object as this is where the cipher algorithm originates. This is potentially an incompatible change for SRPVerifierStore implementations that are using cipher algorithms that do require a cipher iv. The SRPVerifierStore implementation will need to be updated to populate the VerifierInfo.cipherIV in this situation.

Attachments

Activity

People

Assignee:: Scott Stark (Inactive)

Reporter:: Scott Stark (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 2005/01/23 4:33 PM

Updated:: 2007/01/10 11:59 AM

Resolved:: 2005/01/23 7:07 PM