[
https://issues.apache.org/jira/browse/CRYPTO-157?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hendrik Saly updated CRYPTO-157:
--------------------------------
Summary: Authentication tag length cannot be specified for
CryptoInputStream (was: Authentication tag length cannot be specified for
CryptoInputStream.java)
> Authentication tag length cannot be specified for CryptoInputStream
> -------------------------------------------------------------------
>
> Key: CRYPTO-157
> URL: https://issues.apache.org/jira/browse/CRYPTO-157
> Project: Commons Crypto
> Issue Type: Bug
> Components: Stream
> Reporter: Hendrik Saly
> Priority: Major
>
> CryptoInputStream and CryptoOutputStream do not allow any
> AlgorithmParameterSpec other than IvParameterSpec. But they both claim to
> support any mode of operation, but without submitting a GCMParameterSpec it's
> not possible to define an authentication tag length in GCM mode. Despite that,
> I am not sure if a cipher in GCM is ever properly initialized without a
> GCMParameterSpec (if there is a default for tLen and it's not 128, then the
> cipher is IMHO not properly initialized).
> The other thing is that modes which do not need an AlgorithmParameterSpec
> (like ECB) are maybe also not properly initialized. Not sure if ECB just
> ignores the given IvParameterSpec. I suggest just allowing null here and, if
> null is given, calling the cipher.init(mode, key) method without an
> AlgorithmParameterSpec.
> [https://github.com/apache/commons-crypto/blob/6b1a6968c68930e970ab4a9c21885e4872318bab/src/main/java/org/apache/commons/crypto/stream/CryptoInputStream.java#L198]
>
> [https://github.com/apache/commons-crypto/blob/6b1a6968c68930e970ab4a9c21885e4872318bab/src/main/java/org/apache/commons/crypto/stream/CryptoOutputStream.java#L184]
>
> Happy to create a PR if bug is confirmed.
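To illustrate why the tag length has to be settable on both ends of a stream, here is an added example that is not part of the issue or of commons-crypto. It uses the standard JCE (`javax.crypto`) rather than the commons-crypto streams, and the class `GcmTagLengthDemo` and helper `initCipher` are hypothetical names. The helper accepts any `AlgorithmParameterSpec`, or `null` for modes that take none, as the report suggests.

```java
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class GcmTagLengthDemo {
    // Hypothetical helper (not commons-crypto code): any spec, or null when the mode needs none.
    static Cipher initCipher(String transformation, int mode, Key key,
                             AlgorithmParameterSpec spec) throws Exception {
        Cipher c = Cipher.getInstance(transformation);
        if (spec == null) {
            c.init(mode, key);        // e.g. ECB, which takes no IV
        } else {
            c.init(mode, key, spec);  // e.g. GCMParameterSpec(tLen, iv)
        }
        return c;
    }

    // True if the ciphertext authenticates when the reader assumes tagBits.
    static boolean verifies(Key key, byte[] iv, int tagBits, byte[] ct) throws Exception {
        try {
            initCipher("AES/GCM/NoPadding", Cipher.DECRYPT_MODE, key,
                    new GCMParameterSpec(tagBits, iv)).doFinal(ct);
            return true;
        } catch (AEADBadTagException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] k = new byte[16], iv = new byte[12];
        rng.nextBytes(k);
        rng.nextBytes(iv);
        Key key = new SecretKeySpec(k, "AES");
        byte[] plain = "constructed sample plaintext".getBytes(StandardCharsets.UTF_8);
        // Writer picks a 96-bit tag: output is ciphertext followed by a 12-byte tag.
        byte[] ct = initCipher("AES/GCM/NoPadding", Cipher.ENCRYPT_MODE, key,
                new GCMParameterSpec(96, iv)).doFinal(plain);
        System.out.println("tag overhead in bytes: " + (ct.length - plain.length));
        System.out.println("reader with tLen=96 verifies:  " + verifies(key, iv, 96, ct));
        System.out.println("reader with tLen=128 verifies: " + verifies(key, iv, 128, ct));
        // ECB is initialized without any parameter spec.
        byte[] ecb = initCipher("AES/ECB/PKCS5Padding", Cipher.ENCRYPT_MODE, key, null).doFinal(plain);
        System.out.println("ECB ciphertext bytes: " + ecb.length);
    }
}
```

A reader that assumes a different tLen than the writer used treats the wrong trailing bytes as the tag, so authentication fails even though key and IV match.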