--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/PAData.java Thu Sep 21 16:29:34 2017 +0800
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/PAData.java Thu Sep 21 16:29:45 2017 +0800
@@ -1,4 +1,5 @@
/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -30,7 +31,7 @@
package sun.security.krb5.internal;
-import sun.security.krb5.KrbException;
+import sun.security.krb5.internal.crypto.EType;
import sun.security.util.*;
import sun.security.krb5.Asn1Exception;
import java.io.IOException;
@@ -172,8 +173,8 @@
while (d2.data.available() > 0) {
DerValue value = d2.data.getDerValue();
ETypeInfo2 tmp = new ETypeInfo2(value);
- if (tmp.getParams() == null) {
- // we don't support non-null s2kparams
+ if (EType.isNewer(tmp.getEType()) || tmp.getParams() == null) {
+ // we don't support non-null s2kparams for old etypes
return tmp.getEType();
}
}
@@ -239,8 +240,9 @@
while (d2.data.available() > 0) {
DerValue value = d2.data.getDerValue();
ETypeInfo2 tmp = new ETypeInfo2(value);
- if (tmp.getParams() == null && tmp.getEType() == eType) {
- // we don't support non-null s2kparams
+ if (tmp.getEType() == eType &&
+ (EType.isNewer(eType) || tmp.getParams() == null)) {
+ // we don't support non-null s2kparams for old etypes
return new SaltAndParams(tmp.getSalt(), tmp.getParams());
}
}