Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-392

In XMLCipher support use of GCMParameterSpec for AES GCM modes



    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Java 2.0.0, Java 1.5.6
    • Fix Version/s: Java 1.5.7, Java 2.0.1
    • Component/s: Java
    • Labels:


      XMLCipher currently unconditionally uses an IvParameterSpec to initialize the Java Cipher instance for data encryption and decryption.

      In Java 1.7 a new AlgorithmParameterSpec was introduced to support GCM modes, GCMParameterSpec. This is intended to be the way that GCM mode ciphers are initialized, as it allows supplying both the IV and the authentication tag length.

      In particular the security provider supplied with Oracle's Java 1.8 seems to require its use. When handed an IvParameterSpec per the current XMLCipher behavior, it fails with:

      java.security.InvalidAlgorithmParameterException: Unsupported parameter: javax.crypto.spec.IvParameterSpec@15bbf42f
          at com.sun.crypto.provider.CipherCore.init(CipherCore.java:509)
          at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339)
          at javax.crypto.Cipher.implInit(Cipher.java:801)
          at javax.crypto.Cipher.chooseProvider(Cipher.java:859)
          at javax.crypto.Cipher.init(Cipher.java:1370)
          at javax.crypto.Cipher.init(Cipher.java:1301)
          at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1129)
          at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1081)
          at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1012)

      The BouncyCastle security provider on the other hand works fine with IvParameterSpec and current XMLCipher. They did however add support for GCMParameterSpec in their 1.50 release (although due to an semi-related bug, it won't work properly with XMLCipher until their v1.51, which is not yet released. See: http://www.bouncycastle.org/jira/browse/BJA-473)

      XMLCipher should ideally detect AES GCM mode algorithms and attempt to use GCMParameterSpec where possible, falling back to IvParameterSpec where it is not.

      Patch to follow shortly.


          Issue Links



              • Assignee:
                coheigea Colm O hEigeartaigh
                putmanb@georgetown.edu Brent Putman
              • Votes:
                0 Vote for this issue
                4 Start watching this issue


                • Created: