IJ10491: AES/GCM CIPHER - AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( )


APAR status

  • Closed as program error.

Error description

  • Error Message: N/A

    Stack Trace: N/A

    When the same AES/GCM cipher object is used to perform both the
    encryption and the decryption of a piece of data, the customer
    observed that if an AAD value with length=0 is supplied for
    decryption, then the decryption operation would unexpectedly
    succeed.
    

Local fix

Problem summary

  • The IBMJCE provider code was failing to reset the AAD value to
    its uninitialized state within the AES/GCM cipher object state
    during init( ) processing and doFinal( ) processing, as dictated
    by the Cipher javadocs.
    The Cipher framework updateAAD( ) method discards any AAD values
    with length=0.  Therefore, the AAD value supplied to the AES/GCM
    cipher object for decryption was being discarded, and the AAD
    value that had been supplied for encryption was retained and was
    reused for decryption.
    
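The reported scenario as an added regression check (this is not code from the APAR or from IBM): one AES/GCM Cipher instance encrypts with a non-empty AAD, then is re-initialised for decryption with a zero-length AAD. A provider that resets the AAD during init() and doFinal() must reject the second doFinal() with AEADBadTagException; a silent success means the encryption-time AAD was carried over. The key, IV and message are constructed locally, and the provider is whatever Cipher.getInstance() selects on the running JVM.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class GcmAadResetCheck {
    public static void main(String[] args) throws Exception {
        // Constructed key, IV and message; nothing here comes from the APAR.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        GCMParameterSpec spec = new GCMParameterSpec(128, iv);
        byte[] aad = "header-v1".getBytes(StandardCharsets.UTF_8);
        byte[] plaintext = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        // Same Cipher instance for both directions, as in the reported scenario.
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);
        cipher.updateAAD(aad);
        byte[] ciphertext = cipher.doFinal(plaintext);

        // Control: decrypting with the correct AAD must succeed, so any failure
        // below is attributable to the AAD and not to the key or IV.
        cipher.init(Cipher.DECRYPT_MODE, key, spec);
        cipher.updateAAD(aad);
        if (!Arrays.equals(plaintext, cipher.doFinal(ciphertext))) {
            throw new AssertionError("control decryption with correct AAD failed");
        }

        // Check: updateAAD() drops zero-length input, so if init() did not clear
        // the AAD left over from encryption, the stale AAD is reused and the tag
        // verifies. Correct behaviour is AEADBadTagException.
        cipher.init(Cipher.DECRYPT_MODE, key, spec);
        cipher.updateAAD(new byte[0]);
        try {
            cipher.doFinal(ciphertext);
            System.out.println("FAIL: decryption succeeded with empty AAD (stale AAD reused)");
        } catch (AEADBadTagException e) {
            System.out.println("OK: tag verification failed with empty AAD as expected");
        }
    }
}
```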

Problem conclusion

  • The AES/GCM cipher code of the IBMPKCS11Impl provider has been
    modified to set the AAD value within the cipher object to its
    uninitialized state during init( ) and doFinal( ) processing.
    The GIT issue associated with this change is #1.
    The RTC Problem report associated with this change is 139433.
    The affected IBM JVMs are: 70sr10fp35, 7.1sr4fp35, and
    80sr5fp25.
    The affected jar file is ibmjceprovider.jar.
    The build level of the updated IBMJCE70 jar file is: build-169
    The build level of the updated IBMJCE80 jar file is: build-170

    This APAR will be fixed in the following Java Releases:
       8    SR5 FP25  (8.0.5.25)
       7    SR10 FP35 (7.0.10.35)
       7 R1 SR4 FP35  (7.1.4.35)

    Contact your IBM Product's Service Team for these Service
    Refreshes and Fix Packs.
    For those running stand-alone, information about the available
    Service Refreshes and Fix Packs can be found at:
               https://www.ibm.com/developerworks/java/jdk/
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ10491

  • Reported component name

    SECURITY

  • Reported component ID

    620700125

  • Reported release

    270

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2018-10-11

  • Closed date

    2018-10-15

  • Last modified date

    2018-10-15

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    SECURITY

  • Fixed component ID

    620700125

Applicable component levels



Document information

More support for: Runtimes for Java Technology
Security

Software version: 270

Reference #: IJ10491

Modified date: 15 October 2018