Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
Java 2.0.0, Java 1.5.6
-
None
Description
XMLCipher currently unconditionally uses an IvParameterSpec to initialize the Java Cipher instance for data encryption and decryption.
In Java 1.7 a new AlgorithmParameterSpec was introduced to support GCM modes, GCMParameterSpec. This is intended to be the way that GCM mode ciphers are initialized, as it allows supplying both the IV and the authentication tag length.
In particular the security provider supplied with Oracle's Java 1.8 seems to require its use. When handed an IvParameterSpec per the current XMLCipher behavior, it fails with:
java.security.InvalidAlgorithmParameterException: Unsupported parameter: javax.crypto.spec.IvParameterSpec@15bbf42f at com.sun.crypto.provider.CipherCore.init(CipherCore.java:509) at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339) at javax.crypto.Cipher.implInit(Cipher.java:801) at javax.crypto.Cipher.chooseProvider(Cipher.java:859) at javax.crypto.Cipher.init(Cipher.java:1370) at javax.crypto.Cipher.init(Cipher.java:1301) at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1129) at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1081) at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1012)
The BouncyCastle security provider on the other hand works fine with IvParameterSpec and current XMLCipher. They did however add support for GCMParameterSpec in their 1.50 release (although due to an semi-related bug, it won't work properly with XMLCipher until their v1.51, which is not yet released. See: http://www.bouncycastle.org/jira/browse/BJA-473)
XMLCipher should ideally detect AES GCM mode algorithms and attempt to use GCMParameterSpec where possible, falling back to IvParameterSpec where it is not.
Patch to follow shortly.
Attachments
Attachments
Issue Links
- relates to
-
SANTUARIO-420 In IVSplittingOutputStream support use of GCMParameterSpec for AES GCM modes
- Closed