[jboss-jira] [JBoss JIRA] (ELY-145) Digest-MD5 - missing rspauth and bad encryption key
Darran Lofthouse (JIRA)
issues at jboss.org
Wed Oct 21 07:56:00 EDT 2015
[ https://issues.jboss.org/browse/ELY-145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated ELY-145:
---------------------------------
Fix Version/s: 1.0.0.Alpha1
> Digest-MD5 - missing rspauth and bad encryption key
> ---------------------------------------------------
>
> Key: ELY-145
> URL: https://issues.jboss.org/browse/ELY-145
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Fix For: 1.0.0.Alpha1
>
>
> * In Digest-MD5 implementation is missing last step of authetication - generating and checking of rspauth.
> * Keys generated for encrypted communication in auth-conf are different from keys generated by JDK implementation - in their generating is bug. (keys are derivated from H(A1) by RFC, so must be identical in all implementations.)
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list