Cipher.init(...) does not check if the passed parameters are valid or not. For example: int blocksize = 8; byte[] iv = new byte[blocksize -1]; encrypt = Cipher.getInstance("DES/CBC/PKCS5Padding", "GNU-CRYPTO"); encrypt.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv)); According to the javadocs, a InvalidAlgorithmParameterException should be thrown as the IV is too short. This is also the behaviour of BouncyCastle.
Created attachment 11719 [details] Mauve test case to check if passed IV are valid or not Adds a testInitWithIVParameterSpec test to the mauve TestOfCipherEngineInit test. This test checks to make sure that only valid IV are being accepted.
Created attachment 11720 [details] Checks that the IvParameterSpec contains a valid length IV Adds a simple test to the CipherAdapter that will throw a InvalidAlgorithmParameterException if the IV size does not match the block size of the cipher.
hello Matt, does your following patch fixes this PR? 2006-07-14 Matt Wringe <mwringe@redhat.com> * gnu/javax/crypto/jce/cipher/CipherAdapter.java (engineInit): Throw InvalidAlgorithmParameterException for invalid IVParameterSpec IV length. if yes i'd like to close this PR. cheers; rsn
A patch for this bug has already been committed. If there are no objections, this bug should now be closed.
i'm closing this PR. it was fixed as of this ChangeLog entry: 2006-07-14 Matt Wringe <mwringe@redhat.com>