IZ65196: RSA OAEP PADDING DOESN'T DEAL WITH ZEROES CORRECTLY


APAR status

  • Closed as program error.

Error description

  • Error Message: javax.crypto.IllegalBlockSizeException: lHash mismatch
    Stack Trace:
    javax.crypto.IllegalBlockSizeException: lHash mismatch
            at com.ibm.crypto.provider.RSA.a(Unknown Source)
            at com.ibm.crypto.provider.RSA.engineDoFinal(Unknown Source)
            at javax.crypto.Cipher.doFinal(Unknown Source)
            at Test.main(Test.java:76)

Local fix

Problem summary

  • There are three scenarios, when BigInteger's toByteArray() method is
    called, that result in the problem:
    1) The resulting byte array does not have a byte corresponding to
       one leading zero octet in the BigInteger.
    2) The resulting byte array does not have bytes corresponding to
       many leading zero octets in the BigInteger.
    3) One or more extra leading zero bytes are introduced in the
       resulting byte array, though there are no leading zeroes in the
       BigInteger.
    The old code addresses only scenario 1. We addressed scenarios 2
    and 3 to fix this problem.

Problem conclusion

  • This defect will be fixed in:
    6.0.0 SR7
    5.0.0 SR12
    The RFC clearly says the following:
       4. Convert the message representative m to an encoded message EM of
          length k-1 octets: EM = I2OSP (m, k-1)
    We now deal with all three cases listed in the problem description.
    To obtain the fix:
    Install build 20091205 or later
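The following is an added illustration, not IBM's provider code: a Python stand-in that emulates the minimal two's-complement output of Java's BigInteger.toByteArray(), a hypothetical reconstruction of the "old" conversion that only re-inserts a single dropped zero octet, and the fixed-length I2OSP conversion the RFC step above calls for. The three encoded messages are constructed toy values with k = 8 (a real modulus would be far longer) chosen to hit the three scenarios from the problem summary.

```python
def to_byte_array(m: int) -> bytes:
    """Emulate java.math.BigInteger.toByteArray() for non-negative m.

    Java returns the minimal two's-complement encoding: leading zero
    octets of the value are dropped, and a 0x00 sign octet is added
    only when the top bit of the most significant octet is set.
    """
    if m < 0:
        raise ValueError("emulation covers non-negative values only")
    return m.to_bytes(m.bit_length() // 8 + 1, "big")


def em_old(m: int, k: int) -> bytes:
    """Hypothetical reconstruction of the pre-fix conversion, which
    handles scenario 1 only: re-insert a single 0x00 when exactly one
    leading zero octet was dropped, otherwise use the array as-is."""
    b = to_byte_array(m)
    if len(b) == k - 2:
        b = b"\x00" + b
    return b


def i2osp(m: int, x_len: int) -> bytes:
    """RFC 2437/3447 I2OSP: m as exactly x_len big-endian octets.
    Step 4 of RSAES-OAEP decryption calls this with x_len = k-1."""
    if m < 0 or m >= 256 ** x_len:
        raise ValueError("integer too large")
    return m.to_bytes(x_len, "big")


def compare(em: bytes) -> tuple:
    """For a constructed encoded message EM of k-1 octets, return
    (old_ok, fixed_ok): whether each conversion reproduces EM exactly.
    A wrong length here is what surfaces later as "lHash mismatch"."""
    k = len(em) + 1
    m = int.from_bytes(em, "big")      # the message representative m
    return em_old(m, k) == em, i2osp(m, k - 1) == em


# Constructed 7-octet EMs (k = 8) covering the three APAR scenarios.
SCENARIOS = {
    1: bytes.fromhex("005a1b2c3d4e5f"),  # one leading zero octet dropped
    2: bytes.fromhex("00003c4d5e6f70"),  # several leading zero octets dropped
    3: bytes.fromhex("9f112233445566"),  # top bit set: extra sign octet added
}

if __name__ == "__main__":
    for n, em in SCENARIOS.items():
        print("scenario", n, "old/fixed reproduce EM:", compare(em))
```

Only scenario 1 survives the old conversion; the fixed-length I2OSP reproduces EM in all three cases.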

Temporary fix

Comments

APAR Information

  • APAR number: IZ65196
  • Reported component name: SECURITY
  • Reported component ID: 620700125
  • Reported release: 600
  • Status: CLOSED PER
  • PE: NoPE
  • HIPER: NoHIPER
  • Special Attention: NoSpecatt
  • Submitted date: 2009-11-16
  • Closed date: 2009-12-31
  • Last modified date: 2009-12-31
  • APAR is sysrouted FROM one or more of the following:
  • APAR is sysrouted TO one or more of the following: IZ65240

Fix information

  • Fixed component name: SECURITY
  • Fixed component ID: 620700125

Applicable component levels

  • R600 PSN UP

Document information

  • More support for: Runtimes for Java Technology, Security
  • Software version: 6.0
  • Reference #: IZ65196
  • Modified date: 2009-12-31
