Problem with RFC5649WrapEngine

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
Report Content as Inappropriate

Problem with RFC5649WrapEngine

Erdem Memisyazici
org.bouncycastle.crypto.engines.RFC3394WrapEngine has a broken
implementation for RFC3394WrapEngine, where it doesn't simply check to
see if A[0] as per the RFC and the NIST documentation simply equals the
IV in the RFC 0xA6A6A6A6A6A6A6A6.  Funny thing is, there IS a comment
there saying don't do this, but the code does it anyways.  I went ahead
and posted the issue here 
however I'm not sure if that's the right place to correct this or not so
I figured I'll post here.  Please let me know how I may go about fixing
this issue.


--Erdem "Adam" Memisyazici
-Java EE Developer
SIS @ Middleware @ Virginia Tech