ENCRYPT puts 'illegal' chars into UTF-8 String
----------------------------------------------
Key: JGRP-1321
URL:
https://issues.jboss.org/browse/JGRP-1321
Project: JGroups
Issue Type: Bug
Affects Versions: 2.12, 2.11, 2.10, 2.9, 2.8, 2.7, 2.6
Environment: Sun JVM and IBM JVM are currently incompatible. IBM is fixing, but
still this is a problem since it weakens the strength of the key
Reporter: Ken Michie
Assignee: Bela Ban
Priority: Minor
Storing any random byte array into a UTF-8 string causes invalid characters to be replaced
with hex value FFFD. Since the IBM JVM currently does this incorrectly (differently from
the Sun JVM), 2 nodes on different JVMs (IBM and SUN) using ENCRYPT will not be able to
communicate because they calculate different MD5 digest values.
Main thread:
http://old.nabble.com/ENCRYPT-puts-illegal-chars-into-UTF-8-String-seems-...
More description of why UTF-8 does this recplacement:
http://en.wikipedia.org/wiki/UTF-8
The fix will possibly make older versions of ENCRYPT incompatible since it will change the
calculated MD5 digest value.
To fix it, ENCRYPT should be changed from this:
private void initSymCiphers(String algorithm, SecretKey secret) throws Exception {
...
symVersion=new String(digest.digest(), "UTF-8");
...
}
To something like this (byteArrayToHexString() copied from
http://jkmessenger.googlecode.com/svn-history/r8/trunk/CryptoUtils.java):
private void initSymCiphers(String algorithm, SecretKey secret) throws Exception {
...
symVersion = byteArrayToHexString(digest.digest())
...
public static String byteArrayToHexString(byte[] b){
StringBuffer sb = new StringBuffer(b.length * 2);
for (int i = 0; i < b.length; i++){
int v = b[i] & 0xff;
if (v < 16) {
sb.append('0');
}
sb.append(Integer.toHexString(v));
}
return sb.toString().toUpperCase();
}
--
This message is automatically generated by JIRA.
For more information on JIRA, see:
http://www.atlassian.com/software/jira