[#JRUBY-1100] JOpenSSL - Truncation of OpenSSL Cipher's initialization is not mimic'ed in bouncecastle's JCE

JRuby

JOpenSSL - Truncation of OpenSSL Cipher's initialization is not mimic'ed in bouncecastle's JCE

Created: 03/Jun/07 11:24 PM Updated: 23/Apr/08 10:16 AM

Component/s:

OpenSSL

Affects Version/s:

JRuby 1.1

Fix Version/s:

JRuby 1.1

Time Tracking:

Not Specified

File Attachments:

test_cipher.rb (0.5 kb)

Testcase included:

yes

Description

« Hide

BouncyCastle's Cipher implementation strictly enforces IV specifications, while MRI does not and truncates to the proper length.

Attached failing test case which passes under MRI.
Full code sample listed here: http://www.headius.com/rubyspec/index.php/Openssl

Open Question: Should JRuby workaround this issue, should a bug be filed against Ruby, or is it between the BouncyCastle and SSLeay folks?

All

Comments

Work Log

Change History

Sort Order:

Ascending order - Click to sort in descending order

[ Permlink | « Hide ]

Charles Oliver Nutter - 23/Oct/07 12:51 PM

We'll leave it up to Ola. I don't see "more strictness" as something we should try to break, especially since as you say it could easily be reported as a bug against MRI or OpenSSL (not strict enough).

[ Permlink | « Hide ]

Ola Bini - 11/Feb/08 07:23 AM

Fixed in JOpenSSL trunk by truncating IV if too long.

[ Permlink | « Hide ]

Charles Oliver Nutter - 23/Apr/08 10:12 AM

Marking bugs with invalid "fixed for release" as fixed in 1.1.