Java 1.5 is not encoding integers properly
Seema Malkani
Seema.Malkani at sun.com
Wed Jun 21 19:12:08 EDT 2006
Sun's implementation of Java GSS/Kerberos implementation is fully
interoperable with MIT/Solaris/Linux/Windows GSS/Kerberos
implementations. Tokens generated by Java are accepted by all other
GSS/Kerberos implementations.
I'll look into this, and get back to you.
Seema
Salil Dangi wrote:
> I am using java 1.5 to generate a service ticket token (AP Request) for a
> service running on Unisys machines.
> This token can not be parsed properly due to ASN encoding errors.
>
> There is an Authenticator in this AP request.
> Within the authenticator, there is an optional field for seq-number of type
> integer.
> The seq-number is a unsigned integer that can go from 0 to 2**32 -1 with a
> random initial value.
>
> During my sample runs, I saw that Java 1.5 implementation is either sending
> an integer encoded in 2 bytes or an integer encoded in 4 bytes. When this is
> encoded in 2 bytes, there is no issue. When this is encoded in 4 bytes, the
> encoding is not correct. The value looks something like FFFFXXXX (A706 0204
> FFFFXXXX).
>
> As per ASN encoding, this should be encoded as 00FFFFXXXX (A707 0205
> 00FFFFXXXX) since ASN encoding does not allow top 9 bit to be either all
> ones or all zeroes.
>
> Has anyone seen this problem?
>
> sample Hex dump of the seq-number field from the Authenticator
>
> A70402020398 Works
> A704020207CB Works
> A7060204FFFFF77F Fails
> A7060204FFFFFA59 Fails
> A7060204FFFFF96D Fails
> A7060204FFFFF3F8 Fails
>
>
More information about the Kerberos
mailing list