In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes (org.bouncycastle.math.raw.Nat???); this bug has been fixed. The signatures below cover the square function in Nat128, Nat160, Nat192, Nat224 and Nat256. These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations, i.e. incorrect results, for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers.
{ "vanir_signatures": [ { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat160.java", "function": "square" }, "digest": { "length": 2000.0, "function_hash": "94488520555349931873853949182459710249" }, "signature_version": "v1", "id": "CVE-2016-1000340-1adfd433", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat160.java", "function": "square" }, "digest": { "length": 2236.0, "function_hash": "58994922172034438237012863531284423503" }, "signature_version": "v1", "id": "CVE-2016-1000340-2697d742", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat160.java" }, "digest": { "line_hashes": [ "60388865091532489829183506249428233079", "225052258672677441149922973801279870427", "86521731562283326084166736055965107423", "155766582746768132208336962369484543853", "311540302120270784412481404782396631347", "336034308736571311453457599491795836173", "202912565637422964581709255663136102169", "324096374174214470504751945136935895095", "272493136239170152953323751184335906247", "294696352135758872242310347607747886838", "125536096527976832715516369460930714699", "169133074809917392931783230309769669091", "197156913925098695657692725422086733730", "187613208362056969464640828801603084752", "162667495626254651280174896699259063318", "122864626385147078753325960174521250501", "94072399684595854390902470139384682492", "219420053986978758947456837390501079269", "157676268948825083973750652217917932078", "31315042331388932325569841356357973786", "73826029496535282225636684403394566596", "317851165121185994999352010752112504545", "280447133684787578601288952888160750428", "87868340647533249615589167794004575900", 
"278186649565135102517567839578617450242", "262550646066059723418460562478420035904", "241911040186394957382287325930959296146", "83917443869216155878807693616245438194" ], "threshold": 0.9 }, "signature_version": "v1", "id": "CVE-2016-1000340-5417bca7", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Line", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat128.java", "function": "square" }, "digest": { "length": 1766.0, "function_hash": "173379956562823633444655387748379146061" }, "signature_version": "v1", "id": "CVE-2016-1000340-56119a58", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat256.java", "function": "square" }, "digest": { "length": 3593.0, "function_hash": "123035307202263373677071430153773530585" }, "signature_version": "v1", "id": "CVE-2016-1000340-662c8bc7", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat256.java" }, "digest": { "line_hashes": [ "60388865091532489829183506249428233079", "225052258672677441149922973801279870427", "86521731562283326084166736055965107423", "155766582746768132208336962369484543853", "311540302120270784412481404782396631347", "336034308736571311453457599491795836173", "202912565637422964581709255663136102169", "324096374174214470504751945136935895095", "272493136239170152953323751184335906247", "294696352135758872242310347607747886838", "177635921750121206154853382412026426690", "91798997907312641684922814972101817828", "273725588425818673966158860792223645696", "310225683941063096924764594564288080307", "60816861878561549950364269800922963152", 
"136246684283852792549403330331329486560", "233825561704286927700283043505857991091", "60622096130863707203614444989203714756", "89507710646720818848907880433662838147", "183056463848592615830227064784400762621", "120761915172614118151795018519548595706", "122359505531001776004048171874201495261", "290377355501936912367018414905313197930", "7151524741679006882223721260474739527", "319135912602310847980273850629375886661", "62092213643660737243112828471637867829", "16197856522433730614083649158090611544", "45334683845071122973905542756200607128", "11152548005697389192459986222601015234", "162667495626254651280174896699259063318", "122864626385147078753325960174521250501", "94072399684595854390902470139384682492", "219420053986978758947456837390501079269", "157676268948825083973750652217917932078", "31315042331388932325569841356357973786", "73826029496535282225636684403394566596", "317851165121185994999352010752112504545", "280447133684787578601288952888160750428", "87868340647533249615589167794004575900", "89220783497296564282045523877975210443", "313798379155309655364947511935214253123", "127846708069382065269399088776927842970", "244257973317682214301140624924155413184", "322509429957104310146160877103271152919", "272755484027131273821234260331008089443", "235975321796533952388465255253955238528", "165408685110490002139208062713729674845", "330214408880320252209270065047835390292", "33486906602432933631979267125509806788", "100590642154296398832743260260099669033", "223965006118558577177386860892110725895", "171816187472939114357375886883458630179", "226339363231510652795047173167638381117", "300781723136108659487177067110612509140", "40700022427605555509895476995536225615", "43353789184201644185336683736488235768", "57712240481963747677442275307539778039", "83882645519138407048232497301087523951" ], "threshold": 0.9 }, "signature_version": "v1", "id": "CVE-2016-1000340-8ca18221", "source": 
"https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Line", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat128.java" }, "digest": { "line_hashes": [ "60388865091532489829183506249428233079", "225052258672677441149922973801279870427", "86521731562283326084166736055965107423", "155766582746768132208336962369484543853", "311540302120270784412481404782396631347", "317419010837840989217732729399968327299", "283700139519965654794444167918008400957", "24335359771185436790215443420286736356", "169168549738874309167534213291547453411", "162667495626254651280174896699259063318", "122864626385147078753325960174521250501", "94072399684595854390902470139384682492", "219420053986978758947456837390501079269", "157676268948825083973750652217917932078", "175244057951877094457069663936607455500", "124442519375174944576839939348433100937", "136204028811298158226575836385288729844", "235013955171226304998785066277695661145" ], "threshold": 0.9 }, "signature_version": "v1", "id": "CVE-2016-1000340-9496e1bd", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Line", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat128.java", "function": "square" }, "digest": { "length": 1581.0, "function_hash": "41118428257651833403339054913346920041" }, "signature_version": "v1", "id": "CVE-2016-1000340-a72f1538", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat224.java", "function": "square" }, "digest": { "length": 3329.0, "function_hash": "27633383338768068759198032262969848403" }, "signature_version": "v1", "id": "CVE-2016-1000340-a9b14c1d", "source": 
"https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat256.java", "function": "square" }, "digest": { "length": 3949.0, "function_hash": "11208599187153895243431836854275631771" }, "signature_version": "v1", "id": "CVE-2016-1000340-b38c4890", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat192.java", "function": "square" }, "digest": { "length": 2758.0, "function_hash": "224944844376450971286851170398594754537" }, "signature_version": "v1", "id": "CVE-2016-1000340-b516e6ff", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat224.java" }, "digest": { "line_hashes": [ "60388865091532489829183506249428233079", "225052258672677441149922973801279870427", "86521731562283326084166736055965107423", "155766582746768132208336962369484543853", "311540302120270784412481404782396631347", "336034308736571311453457599491795836173", "202912565637422964581709255663136102169", "324096374174214470504751945136935895095", "272493136239170152953323751184335906247", "294696352135758872242310347607747886838", "177635921750121206154853382412026426690", "91798997907312641684922814972101817828", "273725588425818673966158860792223645696", "310225683941063096924764594564288080307", "60816861878561549950364269800922963152", "136246684283852792549403330331329486560", "233825561704286927700283043505857991091", "60622096130863707203614444989203714756", "89507710646720818848907880433662838147", "183056463848592615830227064784400762621", "37032823149179990219764173479047108069", 
"10865134604814395359319153236400328415", "96240582998809830320711048044159642892", "41235219836132499647262837206343032992", "162667495626254651280174896699259063318", "122864626385147078753325960174521250501", "94072399684595854390902470139384682492", "219420053986978758947456837390501079269", "157676268948825083973750652217917932078", "31315042331388932325569841356357973786", "73826029496535282225636684403394566596", "317851165121185994999352010752112504545", "280447133684787578601288952888160750428", "87868340647533249615589167794004575900", "89220783497296564282045523877975210443", "313798379155309655364947511935214253123", "127846708069382065269399088776927842970", "244257973317682214301140624924155413184", "322509429957104310146160877103271152919", "272755484027131273821234260331008089443", "235975321796533952388465255253955238528", "165408685110490002139208062713729674845", "330214408880320252209270065047835390292", "33486906602432933631979267125509806788", "275433587818463500158127026831999657040", "81100350673861287175118580746397192666", "84067708798551410653791131787376026085", "20684624959455093661789437034560730801" ], "threshold": 0.9 }, "signature_version": "v1", "id": "CVE-2016-1000340-baad2244", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Line", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat224.java", "function": "square" }, "digest": { "length": 3013.0, "function_hash": "131405578449455604786363803559589886625" }, "signature_version": "v1", "id": "CVE-2016-1000340-d5d150b0", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat192.java" }, "digest": { "line_hashes": [ "60388865091532489829183506249428233079", "225052258672677441149922973801279870427", 
"86521731562283326084166736055965107423", "155766582746768132208336962369484543853", "311540302120270784412481404782396631347", "336034308736571311453457599491795836173", "202912565637422964581709255663136102169", "324096374174214470504751945136935895095", "272493136239170152953323751184335906247", "294696352135758872242310347607747886838", "177635921750121206154853382412026426690", "91798997907312641684922814972101817828", "273725588425818673966158860792223645696", "310225683941063096924764594564288080307", "60816861878561549950364269800922963152", "296396644064472152673234004630782321629", "162512062411799818829158101385209894944", "193271716654370831284868326473822425848", "248371627599185794120245610479884347909", "162667495626254651280174896699259063318", "122864626385147078753325960174521250501", "94072399684595854390902470139384682492", "219420053986978758947456837390501079269", "157676268948825083973750652217917932078", "31315042331388932325569841356357973786", "73826029496535282225636684403394566596", "317851165121185994999352010752112504545", "280447133684787578601288952888160750428", "87868340647533249615589167794004575900", "89220783497296564282045523877975210443", "313798379155309655364947511935214253123", "127846708069382065269399088776927842970", "244257973317682214301140624924155413184", "322509429957104310146160877103271152919", "324087641726546848324422446741312173649", "130326624690536280672023723885641123164", "116724889620870553742195914450537129361", "91470542085241819001156106990998498482" ], "threshold": 0.9 }, "signature_version": "v1", "id": "CVE-2016-1000340-e426ea75", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Line", "deprecated": false }, { "target": { "file": "core/src/main/java/org/bouncycastle/math/raw/Nat192.java", "function": "square" }, "digest": { "length": 2482.0, "function_hash": "30631725459665882023055276089462194093" }, "signature_version": "v1", "id": 
"CVE-2016-1000340-ed6a6307", "source": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "signature_type": "Function", "deprecated": false } ] }