gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2014-03-10	Fix buffer underflows in cipher light weight API input/output streams and ↵	Tim Whittington
	beef up testing. Buffer underflows could occur when: - decrypting data > internal buffer size in output stream (input stream was fixed in prior commit) - packet mode AE cipher (e.g. CCM) is used with a data size > internal buffer size (since all output is buffered) Buffer is now sized appropriately to every cipher operation immediately prior to it (using getUpdateOutputSize/getOutputSize as appropriate) in both streams. Tests now run over boundaries of various block/buffer sizes to try to expose issues (0, 64 bit block, 128 bit block, 1K, 2K, 4K).
2013-11-01	GitHub #32 stream updates	David Hook

2013-10-10	Improved Cipher input/output streams.	Tim Whittington
	Rewrites of JCE javax.crypto.CipherInputStream and CipherOutputStream that don't silently eat invalid ciphertext exceptions and don't call doFinal() twice (i.e. can be used and used safely with AEAD ciphers). Improvement to LW API CipherInputStream and CipherOutputStream to support AEADBlockCiphers and simplify internal logic. Full testing of JCE and LW Cipher streams with common ciphers, including tampering of AEAD ciphertexts. Oracle bug refs for broken Cipher stream behaviour: - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8016171 (CipherInputStream masks ciphertext tampering with AEAD ciphers in decrypt mode) - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8016249 (CipherInputStream in decrypt mode fails on close with AEAD ciphers) - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8012900 (CICO ignores AAD in GCM mode)