VDB
KO
CRITICAL

GHSA-574f-3g2m-x479

Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks

Details

The GOST 28147-2015 CTR mode implementation (`G3413CTRBlockCipher`) in the Legion of the Bouncy Castle BC-JAVA `bcprov` core module only increments the final byte of the counter, so the counter wraps after 255 blocks and the keystream is reused. Reusing CTR keystream allows an attacker who can observe two ciphertexts produced with the same key/IV to recover the XOR of the plaintexts, breaking confidentiality. Affects BC-JAVA from 1.59 before 1.84 (with backported fixes in 1.80.2 and 1.81.1).

Are you affected?

Enter the version of the package you're using.

Affected packages

Maven / org.bouncycastle:bcprov-jdk14
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-jdk14 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-jdk15to18
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-jdk15to18 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-jdk18on
Introduced in: 1.59 Fixed in: 1.80.2
Fix # pom.xml: bump <version>1.80.2</version> for org.bouncycastle:bcprov-jdk18on
Maven / org.bouncycastle:bcprov-debug-jdk14
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-debug-jdk14 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-debug-jdk15to18
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-debug-jdk15to18 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-debug-jdk18on
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-debug-jdk18on (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-ext-jdk14
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-ext-jdk14 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-ext-jdk15to18
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-ext-jdk15to18 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-ext-jdk18on
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-ext-jdk18on (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-ext-debug-jdk14
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-ext-debug-jdk14 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-ext-debug-jdk15to18
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-ext-debug-jdk15to18 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-ext-debug-jdk18on
Introduced in: 1.59

No fixed version published yet for org.bouncycastle:bcprov-ext-debug-jdk18on (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-jdk14

No fixed version published yet for org.bouncycastle:bcprov-jdk14 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-jdk15to18

No fixed version published yet for org.bouncycastle:bcprov-jdk15to18 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-jdk18on
Introduced in: 1.81.0 Fixed in: 1.81.1
Fix # pom.xml: bump <version>1.81.1</version> for org.bouncycastle:bcprov-jdk18on
Maven / org.bouncycastle:bcprov-debug-jdk14

No fixed version published yet for org.bouncycastle:bcprov-debug-jdk14 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-debug-jdk15to18

No fixed version published yet for org.bouncycastle:bcprov-debug-jdk15to18 (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-debug-jdk18on

No fixed version published yet for org.bouncycastle:bcprov-debug-jdk18on (maven). Pin to a known-safe version or switch to an alternative.

Maven / org.bouncycastle:bcprov-jdk14
Introduced in: 1.82 Fixed in: 1.84
Fix # pom.xml: bump <version>1.84</version> for org.bouncycastle:bcprov-jdk14
Maven / org.bouncycastle:bcprov-jdk15to18
Introduced in: 1.82 Fixed in: 1.84
Fix # pom.xml: bump <version>1.84</version> for org.bouncycastle:bcprov-jdk15to18
Maven / org.bouncycastle:bcprov-jdk18on
Introduced in: 1.82 Fixed in: 1.84
Fix # pom.xml: bump <version>1.84</version> for org.bouncycastle:bcprov-jdk18on
Maven / org.bouncycastle:bcprov-debug-jdk14
Introduced in: 1.82 Fixed in: 1.84
Fix # pom.xml: bump <version>1.84</version> for org.bouncycastle:bcprov-debug-jdk14
Maven / org.bouncycastle:bcprov-debug-jdk15to18
Introduced in: 1.82 Fixed in: 1.84
Fix # pom.xml: bump <version>1.84</version> for org.bouncycastle:bcprov-debug-jdk15to18
Maven / org.bouncycastle:bcprov-debug-jdk18on
Introduced in: 1.82 Fixed in: 1.84
Fix # pom.xml: bump <version>1.84</version> for org.bouncycastle:bcprov-debug-jdk18on

References