Description of problem: org.bouncycastle.crypto.io.CipherInputStream in bouncycastle-1.50 is broken. When plaintext with >4079 bytes is encrypted, the decryption fails with an ArrayIndexOutOfBoundsException. A description of the problem[1] and test code[2] is available. [1]: http://blog.philippheckel.com/2014/03/01/cipherinputstream-for-aead-modes-is-broken-in-jdk7-gcm/#Decrypting-with-org-bouncycastle-crypto-io-CipherInputStream-broken-in-1-50-fixed-in-future-versions [2]: https://github.com/binwiederhier/cipherinputstream-aes-gcm Version-Release number of selected component (if applicable): bouncycastle-1.50-6.fc22 How reproducible: Always Steps to Reproduce: 1. Install bouncycastle-1.50 2. Build and run test code Actual results: It fails to decrypt after encrypting with an ArrayIndexOutOfBoundsException error. Expected results: Encrypt and decrypt successfully Additional info: This issue is fixed in bouncycastle-1.51 and newer.
Upstream patch: https://github.com/bcgit/bc-java/commit/933119114c96f703d1303a3c77d9ac405091270d
bouncycastle-1.50-7.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/bouncycastle-1.50-7.fc22
bouncycastle-1.50-5.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/bouncycastle-1.50-5.fc21
Package bouncycastle-1.50-7.fc22: * should fix your issue, * was pushed to the Fedora 22 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing bouncycastle-1.50-7.fc22' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2015-7619/bouncycastle-1.50-7.fc22 then log in and leave karma (feedback).
bouncycastle-1.50-7.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
bouncycastle-1.50-5.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.