knjensen
commented
5 years ago Last commit fixed the issue. The error was a wrong flag in the Data Entity, which prevented updating the IV. Why the internal testing didn't catch this issue is left as a problem between H2/Hibernate, since the flag was ignored. The external testing demonstrated the problem, and the cleaner code made it easier to fix.
During the implementation of a system using CWS to store data, a bug was discovered. It seems that when the content of an existing object is replaced, there is a problem with the padding, during decryption.
It should be noted, that the code has been tested quite thoroughly, so the discovery of the bug is surprising! As it is concsidered a critical (show-stopper) bug, it will also be made in the 1.1 branch and will result in a new 1.1.1 release.