PQ67483: PROBLEM USING KEYGENERATOR TO CREATE KEYS OF 128 BYTES OR 64 BYTES. BOTH ATTEMPT ENDUP WITH KEY SIZE OF 6.

 A fix is available

4.0.6: WebSphere Application Server Version 4.0 Fix Pack 6



APAR status
Closed as program error.

Error description
Using java script to create a 128byte key file, there are no
exceptions generated but the resulting key file lenght is 6
bytes.
.
KeyGenerator keygen = KeyGenerator.getInstance("RC4");
   keygen.init(1024);
   SecretKey secretKey =  keygen.generateKey()
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users       *
*                 who are using JCE API directly and           *
*                 generating a key.                            *
****************************************************************
* PROBLEM DESCRIPTION: When a user is generating a keyfile     *
*                      of certain length, say 128 bytes or     *
*                      64 bytes long, the key being returned   *
*                      is always 6 bytes long. No exceptions   *
*                      are generated.                          *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
When trying to create a 128 byte key using the RC4 algorithim,
no exceptions are thrown but the size of the resulting key is
only 6 bytes.
Problem conclusion
JCE was corrected to return the correct size key.
Temporary fix
None available.
web site. The version of JCE 1.2.2 refreshed on October
17th, 2002 has the required fix.
Comments
APAR information
APAR number PQ67483
Reported component name WEBSPHERE AE NT
Reported component ID 5630A2201
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-10-22
Closed date 2002-12-12
Last modified date 2002-12-12

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
SECURITY          

SRLS

Fix information
Fixed component name WEBSPHERE AE NT
Fixed component ID 5630A2201

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ67483
IBM Group: Software Group
Modified date: Dec 12, 2002