On Thu, 6 Mar 2014 21:14:06 +0100, Philipp Heckel <philipp.hec...@gmail.com> wrote:
> - Using org.bouncycastle.crypto.io.CipherInputStream with a cipher in
> GCM mode and the BC provider is secure and can be used for large
> files. However it does not work exactly like the GCM spec defined;
> namely, it returns unauthenticated data before the tag has been
> checked.

My thinking was that the "streamed" mode is useful, but the "secure" mode is also useful. At least for BC I would recommend to have two different cipher specs. A /GCM/ and a /GCMSTREAM/ mode. The latter one would not be enabled in FIPS mode. (Ideally BC uses the same secure semantics with the JCE compatible spec).

> Do you think it would be possible to at least mention possible issues
> like this in the JavaDoc for CipherInputStream?

I think it is very important to mention in the Javadoc that it suppresses padding and authentication exceptions.

Greetings
Bernd
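
The "secure" semantics discussed in this thread, as an added example that is not part of the original messages or of Bouncy Castle: plaintext is held back until the GCM tag has been verified. It uses the JDK's javax.crypto API rather than the BC classes named above; the class name, the helper `decryptVerified` and the sample data are hypothetical, and the in-memory holding buffer stands in for whatever staging area (for example a temporary file) a large input would need.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;

public class GcmVerifyBeforeRelease {
    // Hypothetical helper: decrypts into a holding buffer and hands plaintext
    // to the caller only after doFinal() has verified the GCM tag.
    static byte[] decryptVerified(SecretKey key, byte[] nonce, InputStream in) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        ByteArrayOutputStream held = new ByteArrayOutputStream();
        byte[] buf = new byte[4096];
        for (int n; (n = in.read(buf)) != -1; ) {
            byte[] part = c.update(buf, 0, n);   // may be null or empty
            if (part != null) held.write(part);  // still unauthenticated here
        }
        held.write(c.doFinal());                 // throws AEADBadTagException on a bad tag
        return held.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: random key and nonce, short message.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);

        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        byte[] ct = enc.doFinal("constructed sample record".getBytes(StandardCharsets.UTF_8));

        byte[] ok = decryptVerified(key, nonce, new ByteArrayInputStream(ct));
        System.out.println("verified: " + new String(ok, StandardCharsets.UTF_8));

        ct[0] ^= 0x01;  // simulate corruption in storage or transit
        try {
            decryptVerified(key, nonce, new ByteArrayInputStream(ct));
            System.out.println("ERROR: modified ciphertext was accepted");
        } catch (AEADBadTagException e) {
            System.out.println("rejected, no plaintext released");
        }
    }
}
```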