Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 1.20.1.Final, 2.0.0.Beta3
Affects Version/s: 1.19.0.Final
Component/s: Passwords
Labels:
- FIPS
- NAPS

Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron/pull/1719

ScramDigestPasswordImpl calls Hmac.init() using the supplied secret without checking its length. The default SunJCE provider automatically pads/truncates the secret to the block length, but the SunPKCS11 provider passes the secret as-is to the underlying NSS provider, which causes a CKR_KEY_SIZE_RANGE in case there is a mismatch with the block-size.

is depended on by

ISPN-14078 Upgrade to Elytron 1.20.1.Final

Closed

is blocked by: JDK-8278640 Loading...

Assignee:: Tristan Tarrant

Reporter:: Tristan Tarrant

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2022/06/20 7:56 AM

Updated:: 2022/08/17 5:12 PM

Resolved:: 2022/08/02 1:45 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates