openjdk · alexeybakhtin · Jan 11, 2024
diff --git a/jdk/src/share/classes/sun/security/krb5/KrbApReq.java b/jdk/src/share/classes/sun/security/krb5/KrbApReq.java
@@ -301,12 +301,13 @@ private void authenticate(Krb5AcceptCredential cred, InetAddress initiator)
         if (!authenticator.ctime.inClockSkew())
             throw new KrbApErrException(Krb5.KRB_AP_ERR_SKEW);
 
+        String alg = AuthTimeWithHash.DEFAULT_HASH_ALG;
         byte[] hash;
         try {
-            hash = MessageDigest.getInstance("MD5")
+            hash = MessageDigest.getInstance(AuthTimeWithHash.realAlg(alg))
                     .digest(apReqMessg.authenticator.cipher);
         } catch (NoSuchAlgorithmException ex) {
-            throw new AssertionError("Impossible");
+            throw new AssertionError("Impossible " + alg);
         }
 
         char[] h = new char[hash.length * 2];
@@ -319,6 +320,7 @@ private void authenticate(Krb5AcceptCredential cred, InetAddress initiator)
                 apReqMessg.ticket.sname.toString(),
                 authenticator.ctime.getSeconds(),
                 authenticator.cusec,
+                alg,
                 new String(h));
         rcache.checkAndStore(KerberosTime.now(), time);
 

diff --git a/jdk/src/share/classes/sun/security/krb5/internal/rcache/AuthTime.java b/jdk/src/share/classes/sun/security/krb5/internal/rcache/AuthTime.java
@@ -116,14 +116,14 @@ public static AuthTime readFrom(SeekableByteChannel chan)
             if (st.countTokens() != 6) {
                 throw new IOException("Incorrect rcache style");
             }
-            st.nextToken();
+            String hashAlg = st.nextToken();
             String hash = st.nextToken();
             st.nextToken();
             client = st.nextToken();
             st.nextToken();
             server = st.nextToken();
             return new AuthTimeWithHash(
-                    client, server, ctime, cusec, hash);
+                    client, server, ctime, cusec, hashAlg, hash);
         } else {
             return new AuthTime(
                     client, server, ctime, cusec);

diff --git a/jdk/src/share/classes/sun/security/krb5/internal/rcache/AuthTimeWithHash.java b/jdk/src/share/classes/sun/security/krb5/internal/rcache/AuthTimeWithHash.java
@@ -25,6 +25,8 @@
 
 package sun.security.krb5.internal.rcache;
 
+import sun.security.action.GetPropertyAction;
+
 import java.util.Objects;
 
 /**
@@ -34,14 +36,39 @@
 public class AuthTimeWithHash extends AuthTime
         implements Comparable<AuthTimeWithHash> {
 
+    // The hash algorithm can be "HASH" or "SHA256".
+    public static final String DEFAULT_HASH_ALG;
+
+    static {
+        if (GetPropertyAction.privilegedGetProperty(
+                "jdk.krb5.rcache.useMD5", "false").equals("true")) {
+            DEFAULT_HASH_ALG = "HASH";
+        } else {
+            DEFAULT_HASH_ALG = "SHA256";
+        }
+    }
+
+    public static String realAlg(String alg) {
+        switch (alg) {
+            case "HASH":
+                return "MD5";
+            case "SHA256":
+                return "SHA-256";
+            default:
+                throw new AssertionError(alg + " is not HASH or SHA256");
+        }
+    }
+
+    final String hashAlg;
     final String hash;
 
     /**
      * Constructs a new <code>AuthTimeWithHash</code>.
      */
     public AuthTimeWithHash(String client, String server,
-            int ctime, int cusec, String hash) {
+            int ctime, int cusec, String hashAlg, String hash) {
         super(client, server, ctime, cusec);
+        this.hashAlg = hashAlg;
         this.hash = hash;
     }
 
@@ -56,6 +83,7 @@ public boolean equals(Object o) {
         if (!(o instanceof AuthTimeWithHash)) return false;
         AuthTimeWithHash that = (AuthTimeWithHash)o;
         return Objects.equals(hash, that.hash)
+                && Objects.equals(hashAlg, that.hashAlg)
                 && Objects.equals(client, that.client)
                 && Objects.equals(server, that.server)
                 && ctime == that.ctime
@@ -88,6 +116,19 @@ public int compareTo(AuthTimeWithHash other) {
         return cmp;
     }
 
+    /**
+     * Compares with a possibly old style object. Used
+     * in DflCache$Storage#loadAndCheck.
+     * @return true if all AuthTime fields are the same but different hash
+     */
+    public boolean sameTimeDiffHash(AuthTimeWithHash old) {
+        if (!this.isSameIgnoresHash(old)) {
+            return false;
+        }
+        return this.hashAlg.equals(old.hashAlg) &&
+                !this.hash.equals(old.hash);
+    }
+
     /**
      * Compares with a possibly old style object. Used
      * in DflCache$Storage#loadAndCheck.
@@ -112,7 +153,7 @@ public byte[] encode(boolean withHash) {
         String sstring;
         if (withHash) {
             cstring = "";
-            sstring = String.format("HASH:%s %d:%s %d:%s", hash,
+            sstring = String.format("%s:%s %d:%s %d:%s", hashAlg, hash,
                     client.length(), client,
                     server.length(), server);
         } else {

diff --git a/jdk/src/share/classes/sun/security/krb5/internal/rcache/DflCache.java b/jdk/src/share/classes/sun/security/krb5/internal/rcache/DflCache.java
@@ -97,6 +97,8 @@
  * Java also does this way.
  *
  * See src/lib/krb5/rcache/rc_io.c and src/lib/krb5/rcache/rc_dfl.c.
+ *
+ * Update: New version can use other hash algorithms.
  */
 public class DflCache extends ReplayCache {
 
@@ -307,7 +309,7 @@ private int loadAndCheck(Path p, AuthTimeWithHash time,
                         if (time.equals(a)) {
                             // Exact match, must be a replay
                             throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
-                        } else if (time.isSameIgnoresHash(a)) {
+                        } else if (time.sameTimeDiffHash((AuthTimeWithHash)a)) {
                             // Two different authenticators in the same second.
                             // Remember it
                             seeNewButNotSame = true;

diff --git a/jdk/test/sun/security/krb5/auto/ReplayCacheExpunge.java b/jdk/test/sun/security/krb5/auto/ReplayCacheExpunge.java
@@ -47,15 +47,15 @@ public static void main(String[] args) throws Exception {
         int count = Integer.parseInt(args[0]);
         ReplayCache cache = ReplayCache.getInstance("dfl:./");
         AuthTimeWithHash a1 =
-                new AuthTimeWithHash(client, server, time(-400), 0, hash("1"));
+                new AuthTimeWithHash(client, server, time(-400), 0, "HASH", hash("1"));
         AuthTimeWithHash a2 =
-                new AuthTimeWithHash(client, server, time(0), 0, hash("4"));
+                new AuthTimeWithHash(client, server, time(0), 0, "HASH", hash("4"));
         KerberosTime now = new KerberosTime(time(0)*1000L);
         KerberosTime then = new KerberosTime(time(-300)*1000L);
 
         // Once upon a time, we added a lot of events
         for (int i=0; i<count; i++) {
-            a1 = new AuthTimeWithHash(client, server, time(-400), 0, hash(""));
+            a1 = new AuthTimeWithHash(client, server, time(-400), 0, "HASH", hash(""));
             cache.checkAndStore(then, a1);
         }
 

diff --git a/jdk/test/sun/security/krb5/auto/ReplayCachePrecise.java b/jdk/test/sun/security/krb5/auto/ReplayCachePrecise.java
@@ -48,9 +48,9 @@ public class ReplayCachePrecise {
     public static void main(String[] args) throws Exception {
 
         AuthTimeWithHash a1 = new AuthTimeWithHash(client, server, time(0), 0,
-                "1111111111111111");
+                "HASH", "1111111111111111");
         AuthTimeWithHash a2 = new AuthTimeWithHash(client, server, time(0), 0,
-                "2222222222222222");
+                "HASH", "2222222222222222");
         KerberosTime now = new KerberosTime(time(0)*1000L);
 
         // When all new styles, must exact match