search

bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)
https://www.bouncycastle.org/java.html
MIT License
2.3k stars 1.14k forks source link

ArrayIndexOutOfBounds in CFBBlockCipher #332

Closed geNAZt closed 6 years ago

geNAZt commented 6 years ago

Exception in thread "ProxProx Thread #4154" java.lang.ArrayIndexOutOfBoundsException: 16 at org.bouncycastle.crypto.modes.CFBBlockCipher.encryptByte(Unknown Source) at org.bouncycastle.crypto.modes.CFBBlockCipher.calculateByte(Unknown Source) at org.bouncycastle.crypto.StreamBlockCipher.processBytes(Unknown Source) at org.bouncycastle.crypto.modes.CFBBlockCipher.processBlock(Unknown Source) at org.bouncycastle.crypto.BufferedBlockCipher.processBytes(Unknown Source) at io.gomint.proxprox.network.EncryptionHandler.processCipher(EncryptionHandler.java:321)

We use this 

    private BufferedBlockCipher createCipher( boolean encryptor, byte[] key, byte[] iv ) {
        BufferedBlockCipher cipher = new BufferedBlockCipher( new CFBBlockCipher( new AESEngine(), 8 ) );
        cipher.init( encryptor, new ParametersWithIV( new KeyParameter( key ), iv ) );
        return cipher;
    }

to generate the cipher. We use SHA256 hashes as keys, and use the first 16 bytes as IV. This does not happen all the time but users reported it to us and we think its a issue in bouncycastle since we saw this in 1.54 and in latest release 1.59

bcgit commented 6 years ago

Are you absolutely sure the cipher object is not being used by more than one thread? Ciphers have to carry internal state as they are operating, they cannot be shared between threads.

bcgit commented 6 years ago

Closed as likely to be a usage error.