Hendrik Saly created CRYPTO-157:
-----------------------------------
Summary: Authentication tag length cannot be specified for
CryptoInputStream.java
Key: CRYPTO-157
URL: https://issues.apache.org/jira/browse/CRYPTO-157
Project: Commons Crypto
Issue Type: Bug
Components: Stream
Reporter: Hendrik Saly
CryptoInputStream and CryptoOutputStream are not allowing other
AlgorithmParameterSpec than IvParameterSpec. B they both claim to support any
mode of operations, but without submitting a GCMParameterSpec its not possible
to define a authentication tag length in GCM mode. Despite of that I am not
sure if cipher in GCM is ever properly initialized without a GCMParameterSpec
(if there is a default for tLen and its not 128 than the cipher is IMHO not
properly initialized).
The other thing is that modes which do not need an AlgorithmParameterSpec (like
ECB) are also maybe not peroperly initialized. Not sure if ECB just ignores the
given IvParameterSpec. I suggest to just allow null here and if null is given
call the cipher.init(mode, key) method without AlgorithmParameterSpec.
[https://github.com/apache/commons-crypto/blob/6b1a6968c68930e970ab4a9c21885e4872318bab/src/main/java/org/apache/commons/crypto/stream/CryptoInputStream.java#L198]
[https://github.com/apache/commons-crypto/blob/6b1a6968c68930e970ab4a9c21885e4872318bab/src/main/java/org/apache/commons/crypto/stream/CryptoOutputStream.java#L184]
Happy to create a PR if bug is confirmed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
