Steven Hawkins resolved TEIID-2952.
-----------------------------------
Resolution: Done
Added a check to see if the secret is less than the expected 1024 bits (which should only
occur when the leading byte is 0).
The logic emulates the Java 7 handling, so this change may cause issues for certain working
client/server combinations involving Java 6. As long as both client and server are patched,
everything will work as expected.
Crypto exception with client/server running on different java versions
----------------------------------------------------------------------
Key: TEIID-2952
URL: https://issues.jboss.org/browse/TEIID-2952
Project: Teiid
Issue Type: Feature Request
Components: JDBC Driver, Server
Affects Versions: 7.7
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Priority: Critical
Fix For: 8.7.1, 8.8
The DiffieHellman key generation logic varies by platform with the handling of leading
0's in the secret. 1.6 seems to strip while most 1.7 VMs do not. A related Java bug is
http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8014618 which indicates
Sun/OpenJDK JRE 7u17 - 8b94 are affected.
If there is conflicting handling between the client/server then approximately 1 out of
256 connection attempts will fail with a bad padding exception, since the client/server
will be operating against different symmetric keys.
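
The mismatch described in this issue can be reproduced with plain BigInteger arithmetic. The following is an added example, not code from Teiid or from the reporter: it counts how often a shared secret encodes one byte short and shows that left-padding to the group length makes both encodings derive the same key. The toy 128-bit group, the SHA-256 key derivation and all class and method names are assumptions made for the demonstration.

```java
import java.math.BigInteger;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Random;

public class DhSecretPadding {
    // Constructed toy group, far too small for real use: p = 2^128 - 159, g = 2.
    static final BigInteger P = BigInteger.ONE.shiftLeft(128).subtract(BigInteger.valueOf(159));
    static final BigInteger G = BigInteger.valueOf(2);
    static final int LEN = (P.bitLength() + 7) / 8; // 16 bytes here, 128 for a 1024-bit group

    // Unsigned big-endian encoding with leading zero bytes dropped (the "strip" behaviour).
    static byte[] stripped(BigInteger s) {
        byte[] b = s.toByteArray();
        int i = 0;
        while (i < b.length - 1 && b[i] == 0) i++;
        return Arrays.copyOfRange(b, i, b.length);
    }
    // Fixed-length encoding: always LEN bytes, leading zeros kept.
    static byte[] fixed(BigInteger s) {
        byte[] raw = s.toByteArray(), out = new byte[LEN];
        int n = Math.min(raw.length, LEN); // skips the sign byte when raw is LEN + 1 long
        System.arraycopy(raw, raw.length - n, out, LEN - n, n);
        return out;
    }
    // The repair: left-pad a short secret with zero bytes up to the group length.
    static byte[] padded(byte[] secret) {
        if (secret.length > LEN) throw new IllegalArgumentException("secret longer than modulus");
        byte[] out = new byte[LEN];
        System.arraycopy(secret, 0, out, LEN - secret.length, secret.length);
        return out;
    }
    // Hypothetical key derivation for the demo: SHA-256 over the secret bytes.
    static byte[] key(byte[] secret) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(secret);
    }

    public static void main(String[] args) throws Exception {
        Random rnd = new Random(2952); // fixed seed for a repeatable demo, never for real keys
        int trials = 50_000, shortSecrets = 0, mismatched = 0, repaired = 0;
        for (int t = 0; t < trials; t++) {
            BigInteger s = G.modPow(new BigInteger(120, rnd), P).modPow(new BigInteger(120, rnd), P);
            byte[] strip = stripped(s), full = fixed(s);
            if (strip.length == LEN) continue; // no leading zero byte: both encodings agree
            shortSecrets++;
            if (!Arrays.equals(key(strip), key(full))) mismatched++; // mixed peers disagree
            if (Arrays.equals(key(padded(strip)), key(full))) repaired++; // padding restores agreement
        }
        System.out.printf("short: %d/%d, mismatched keys: %d, fixed by padding: %d%n",
                shortSecrets, trials, mismatched, repaired);
    }
}
```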