bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)
https://www.bouncycastle.org/java.html
MIT License

org.bouncycastle.crypto.fips.FipsSelfTestFailedError: Exception on self test: Array index out of range: 32: EC #1532

Open nmanda23 opened 9 months ago

nmanda23 commented 9 months ago

Getting the following stack trace after upgrading bc-fips-1.0.2.3.jar to bc-fips-1.0.2.4.jar. No issues when bc-fips-1.0.2.3.jar is used.
This is with IBM Java 8.

ERROR c.s.s.p.SecurityProperties - org.bouncycastle.crypto.fips.FipsSelfTestFailedError: Exception on self test: Array index out of range: 32: EC
          at org.bouncycastle.crypto.fips.SelfTestExecutor.validate(Unknown Source)
          at org.bouncycastle.crypto.fips.FipsEC.f2mDsaTest(Unknown Source)
          at org.bouncycastle.crypto.fips.FipsEC.<clinit>(Unknown Source)
          at java.lang.Class.forNameImpl(Native Method)
          at java.lang.Class.forName(Class.java:340)
          at org.bouncycastle.crypto.fips.FipsStatus.loadClass(Unknown Source)
          at org.bouncycastle.crypto.fips.FipsStatus.access$200(Unknown Source)
          at org.bouncycastle.crypto.fips.FipsStatus$Loader.run(Unknown Source)
          at org.bouncycastle.crypto.fips.FipsStatus.isReady(Unknown Source)
          at org.bouncycastle.crypto.CryptoServicesRegistrar.getDefaultMode(Unknown Source)
          at org.bouncycastle.crypto.CryptoServicesRegistrar.<clinit>(Unknown Source)
          at org.bouncycastle.jcajce.provider.ProvSecureHash$MD5.configure(Unknown Source)
          at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
          at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
          at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
          at com.sterlingcommerce.hadrian.common.util.BCSecurityFipsUtilsImpl.<clinit>(BCSecurityFipsUtilsImpl.java:126)
          at java.lang.Class.forNameImpl(Native Method)
          at java.lang.Class.forName(Class.java:340)
          at com.sterlingcommerce.security.provider.SecurityProperties.getBCSecurityUtils(SecurityProperties.java:465)
          at com.sterlingcommerce.security.provider.SecurityProperties.initialize(SecurityProperties.java:705)
          at com.sterlingcommerce.security.provider.SecurityProperties.load(SecurityProperties.java:224)
          at com.sterlingcommerce.security.provider.SecurityProperties.load(SecurityProperties.java:158)
          at com.sterlingcommerce.hadrian.Main.isBootStrapEnabled(Main.java:762)
          at com.sterlingcommerce.hadrian.Main.main(Main.java:279)

nmanda23 commented 9 months ago

Including email from David Hook on this issue:

From: David Hook Sent: Wednesday, November 1, 2023 8:03 PM To: Subject: Re: [dev-crypto] Issue after FIPS upgrade from

Okay, I've been able to reproduce it.

The IBM BigInteger class uses a different method to the regular BigInteger class for building a BigInteger from a SecureRandom. Unfortunately it appears the new KAT from EC f2m results in the BigInteger constructor reading off the end of the fixed "random" data provided. This is something we can fix, but it would require updating the module's certificate which makes it unlikely for now.

Apologies, David
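
The failure mode described in the email above, as an added example that is not part of the original thread and is not Bouncy Castle or IBM code: a known-answer test feeds a fixed buffer through a `SecureRandom`, and a consumer that draws bytes in a different pattern runs past the end of it. `FixedRandom`, `drawExact` and `drawWordwise` are hypothetical names, the 32-byte buffer is constructed, and the word-wise draw is an assumed stand-in for "a different method", not IBM's actual algorithm.

```java
import java.math.BigInteger;
import java.security.SecureRandom;

public class FixedRandomKatDemo {
    // Constructed stand-in for a KAT "random" source: replays a fixed buffer
    // and has nothing to fall back on once the buffer is exhausted.
    static class FixedRandom extends SecureRandom {
        private final byte[] data;
        private int pos = 0;
        FixedRandom(byte[] data) { this.data = data.clone(); }
        @Override public void nextBytes(byte[] out) {
            for (int i = 0; i < out.length; i++) {
                out[i] = data[pos++];   // throws once pos reaches data.length
            }
        }
    }

    // Consumer A: one request for exactly ceil(bits/8) bytes.
    static BigInteger drawExact(int bits, SecureRandom rnd) {
        byte[] buf = new byte[(bits + 7) / 8];
        rnd.nextBytes(buf);
        return new BigInteger(1, buf);
    }

    // Consumer B (hypothetical): same result width, but it fills 32-bit words
    // and always requests one word more than needed, so a 256-bit draw
    // consumes 36 bytes instead of 32.
    static BigInteger drawWordwise(int bits, SecureRandom rnd) {
        int words = bits / 32 + 1;
        byte[] buf = new byte[words * 4];
        byte[] word = new byte[4];
        for (int w = 0; w < words; w++) {
            rnd.nextBytes(word);
            System.arraycopy(word, 0, buf, w * 4, 4);
        }
        return new BigInteger(1, buf).mod(BigInteger.ONE.shiftLeft(bits));
    }

    public static void main(String[] args) {
        byte[] kat = new byte[32];              // constructed 256-bit KAT value
        for (int i = 0; i < kat.length; i++) kat[i] = (byte) (i + 1);

        System.out.println("exact:    " + drawExact(256, new FixedRandom(kat)).toString(16));
        try {
            drawWordwise(256, new FixedRandom(kat));
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("wordwise: " + e.getMessage());
        }
    }
}
```

The same fixed data passes with one consumer and fails at index 32 with the other, which is why a KAT sized to one runtime's byte consumption can break on a different JVM.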

dghgit commented 9 months ago

This is now fixed in the early access version. Still in negotiations about organizing a release date.

nmanda23 commented 9 months ago

Thank you David.

Naru

From: David Hook Sent: Monday, November 13, 2023 1:07 AM To: bcgit/bc-java Cc: Manda, Naru; Author Subject: Re: [bcgit/bc-java] org.bouncycastle.crypto.fips.FipsSelfTestFailedError: Exception on self test: Array index out of range: 32: EC (Issue #1532)


This is now fixed in the early access version. Still in negotiations about organizing a release date.


smartycardpants commented 7 months ago

Dear David Hook, I am also running into this error using bc-fips-1.0.2.4.jar.

The error is: org.bouncycastle.crypto.fips.FipsSelfTestFailedError: Exception on self test: Array index out of range: 32: EC

Can you give me a fix?

Thanks, smartycardpants

dghgit commented 7 months ago

If you've got a support contract, 1.0.2.5 is now in early access, otherwise you'll need to roll back to 1.0.2.3.

smartycardpants commented 6 months ago

I downloaded 1.0.2.3 and I no longer get the FipsSelfTestFailedError. However, I noticed that there is a vulnerability in that jar: CVE-2022-45146. Has this vulnerability been fixed?

Thanks, smartycardpants

dghgit commented 6 months ago

Yes, in 1.0.2.4 - note the CVE only applies if you are running Java 17.

smartycardpants commented 6 months ago

Yes, I guessed it was fixed in 1.0.2.4, but that's where I ran into the FipsSelfTestFailedError which I cannot get around.

smartycardpants commented 6 months ago

Thank you, David.

Another question - 1.0.2.4 has the FipsSelfTestFailedError that you mentioned is fixed in the early access version (1.0.2.5). When will 1.0.2.5 be publicly available without a support contract? Also, what does a support contract entail - cost? duration? etc. (Thanks again.)

smartycardpants commented 6 months ago

Hi David - I think my question above got lost in the posts:

When will the bc-fips-1.0.2.5.jar be publicly available? If we were to get it sooner, what is the cost of a support contract?

Thanks.

dghgit commented 6 months ago

Details about support and early access are available here: https://www.keyfactor.com/open-source/bouncy-castle-support/

Contracts start at 25K USD. I'd guess we're currently looking at about 6 months for public release - the changes we are making are small so we're not anticipating any issues there, however the CMVP is under a lot of strain at the moment.