bc-csharp icon indicating copy to clipboard operation
bc-csharp copied to clipboard

Published 20 hours ago verified publisher icon bcgit

System.IndexOutOfRangeException in Bouncy Castle Code

Open github-anurag opened this issue 3 years ago • 2 comments

Hi BC team,

I am a maintainer of the OCI Dotnet SDK project. We use Portable Bouncy Castle v1.9.0 in our project (link). One of our customer is seeing sporadic issues in Bouncy Castle code as mentioned in the log below or here. Can you help us figure out why this is erroring out?

(Index was outside the bounds of the array.)
 ---> System.IndexOutOfRangeException: Index was outside the bounds of the array.
   at Org.BouncyCastle.Crypto.Digests.GeneralDigest.BlockUpdate(Byte[] input, Int32 inOff, Int32 length) in /_/crypto/src/crypto/digests/GeneralDigest.cs:line 58
at Org.BouncyCastle.Crypto.Digests.GeneralDigest.Update(Byte input) in /_/crypto/src/crypto/digests/GeneralDigest.cs:line 42
   at Org.BouncyCastle.Crypto.Digests.GeneralDigest.Finish() in /_/crypto/src/crypto/digests/GeneralDigest.cs:line 105
   at Org.BouncyCastle.Crypto.Digests.Sha256Digest.DoFinal(Byte[] output, Int32 outOff) in /_/crypto/src/crypto/digests/Sha256Digest.cs:line 111
   at Org.BouncyCastle.Crypto.Signers.RsaDigestSigner.GenerateSignature() in /_/crypto/src/crypto/signers/RsaDigestSigner.cs:line 154
   at Oci.Common.Http.Signing.DefaultRequestSigner.SignRequest(HttpRequestMessage requestMessage)
   at Oci.Common.Http.RestClient.RequestReceptor(HttpRequestMessage requestMessage)
   at Oci.Common.Http.RestClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpMessageInvoker.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
   at Oci.Common.Http.RestClient.HttpSend(HttpRequestMessage httpRequest, HttpCompletionOption completionOption, CancellationToken cancellationToken)
   at Oci.Common.Retry.GenericRetrier.<>c__DisplayClass4_0.<<MakeRetryingCall>b__4>d.MoveNext()

github-anurag avatar Jul 07 '22 17:07 github-anurag

My guess would be that the same RsaDigestSigner is being used from two separate threads, which will not work properly because signers are stateful across the potentially multiple calls involved in generating a signature.

peterdettman avatar Jul 07 '22 18:07 peterdettman

Thanks for the suggestion @peterdettman. I will try to look into our code a bit more to see if we are doing this on our end or if our customer has tweaked the code somehow on their end.

github-anurag avatar Jul 08 '22 20:07 github-anurag

Reworked our code to make this call thread safe.

github-anurag avatar Aug 30 '22 16:08 github-anurag