john roney wrote:I found that this line makes the exception (closing CipherInputStream for decryption phase):
That is what the stack trace tells you!
Without it there is no exception and decryption output is correct. but as I know removing this line should make CipherInputStream don't call doFinal on the Cipher!
I don't know is it safe to remove it?
You might get away with not calling the close() but I'm quite uncomfortable with the concept since in general one does not know what else is being done by the close(). I would still present this to the BC mailing list for comment since closing a stream should not throw an exception if there is nothing wrong.
Edit:
By changing the decrypt to use a CipherOutputStream I don't get any exception :-
There still looks to be a bug in BC .