'[jira] [Commented] (WSS-555) AES-GCM does not work with IBM JCE 1.7'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] [Commented] (WSS-555) AES-GCM does not work with IBM JCE 1.7
From:       "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date:       2015-09-30 13:54:04
Message-ID: JIRA.12888569.1442586810000.112880.1443621244408 () Atlassian ! JIRA
[Download RAW message or body]


    [ https://issues.apache.org/jira/browse/WSS-555?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14936857#comment-14936857 \
] 

Colm O hEigeartaigh commented on WSS-555:
-----------------------------------------


Correction. Setting the System property \
"org.apache.xml.security.cipher.gcm.useIvParameterSpec" to "true" works on IBM JDK 7. \
Marking this issue as resolved as a result.

Colm.

> AES-GCM does not work with IBM JCE 1.7
> --------------------------------------
> 
> Key: WSS-555
> URL: https://issues.apache.org/jira/browse/WSS-555
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 2.0.1
> Environment: any
> Reporter: Namrata Jaiswal
> Assignee: Colm O hEigeartaigh
> Priority: Critical
> Fix For: 2.0.1
> 
> 
> When using AES 128 GCM for encryption and decryption with IBM JCE,  decryption \
>                 fails with following error:
> org.apache.wss4j.common.ext.WSSecurityException: null
> Original Exception was org.apache.xml.security.encryption.XMLEncryptionException: \
> null Original Exception was javax.crypto.AEADBadTagException
> 	at org.apache.wss4j.dom.processor.ReferenceListProcessor.decryptEncryptedData(ReferenceListProcessor.java:437)
>   at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:487)
>   at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.decryptDataRefs(EncryptedKeyProcessor.java:422)
>   at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:211)
>   at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:66)
>   at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:427)
>   at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:341)
>   at com.ibm.b2b.enc.EncryptionTest.testEncryptionDecryptionAESGCM(EncryptionTest.java:70)
>   at com.ibm.b2b.enc.EncryptionTest.main(EncryptionTest.java:117)
> Caused by: org.apache.xml.security.encryption.XMLEncryptionException: null
> Original Exception was javax.crypto.AEADBadTagException
> 	at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1851)
>   at org.apache.xml.security.encryption.XMLCipher.decryptElement(XMLCipher.java:1706)
>   at org.apache.xml.security.encryption.XMLCipher.decryptElementContent(XMLCipher.java:1744)
>   at org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1031)
> 	at org.apache.wss4j.dom.processor.ReferenceListProcessor.decryptEncryptedData(ReferenceListProcessor.java:435)
>                 
> 	... 8 more
> Caused by: javax.crypto.AEADBadTagException
> 	at com.ibm.crypto.provider.GCTR.gcm_ad(Unknown Source)
> 	at com.ibm.crypto.provider.AESGCMCrypt.c(Unknown Source)
> 	at com.ibm.crypto.provider.AESGCMCipher.engineDoFinal(Unknown Source)
> 	at com.ibm.crypto.provider.AESGCMCipher.engineDoFinal(Unknown Source)
> 	at javax.crypto.Cipher.doFinal(Unknown Source)
> 	at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1847)
>                 
> 	... 12 more



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic