[ 
https://issues.apache.org/jira/browse/CRYPTO-60?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15299404#comment-15299404
 ] 

Xianda Ke edited comment on CRYPTO-60 at 10/14/16 8:29 AM:
-----------------------------------------------------------

Here is a sample. The behavior is similar to JCE.

{code:title=GCMSample.java|borderStyle=solid}
    
    final String transform = "AES/GCM/NoPadding";
  
    Random r = new Random();
    int textLength = r.nextInt(1024*1024);
    int ivLength = r.nextInt(60);
    int keyLength = 16;
    int tagLength = 128;  // bits
    int aadLength = r.nextInt(128);

    byte[] keyBytes = new byte[keyLength];
    byte[] plainBytes = new byte[textLength];
    byte[] ivBytes = new byte[ivLength];
    byte[] aadBytes = new byte[aadLength];

    r.nextBytes(keyBytes);
    r.nextBytes(plainBytes);
    r.nextBytes(ivBytes);
    r.nextBytes(aadBytes);

    byte[] encOutput = new byte[plainBytes.length + (tagLength >> 3)];
    byte[] decOutput = new byte[plainBytes.length];

    try {
        CryptoCipher c = Utils.getCipherInstance(transformation);
        Key key = new SecretKeySpec(keyBytes, "AES");

        GCMParameterSpec iv = new GCMParameterSpec(tagLength, ivBytes);
        c.init(CryptoCipher.ENCRYPT_MODE, key, iv);
        c.updateAAD(aadBytes);
        c.doFinal(plainBytes, 0, plainBytes.length, encOutput, 0);
        c.close();
    }
    catch (Exception ex) {
        System.out.println(ex.getMessage());
    }

    // Tamper the encrypted data.
    encOutput[0] = (byte)(encOutput[0] + 1);

    try {
        CryptoCipher c = Utils.getCipherInstance(transformation, props);
        Key key = new SecretKeySpec(keyBytes, "AES");

        GCMParameterSpec iv = new GCMParameterSpec(tagLength, ivBytes);
        c.init(CryptoCipher.DECRYPT_MODE, key, iv);
        c.updateAAD(aadBytes);
        c.doFinal(encOutput, 0, encOutput.length, decOutput, 0);
        c.close();
    }
    catch (AEADBadTagException ex) {
        System.out.println(ex.getMessage());  // "Tag mismatch!"
    }

{code}



was (Author: kexianda):
Here is a sample. The behavior is similar to JCE.

{code:title=GCMSample.java|borderStyle=solid}
    CipherTransformation transformation = 
CipherTransformation.AES_GCM_NOPADDING;
    Properties props = new Properties();
    props.setProperty(ConfigurationKeys.COMMONS_CRYPTO_CIPHER_CLASSES_KEY, 
cipherClass);
    Random r = new Random();
    int textLength = r.nextInt(1024*1024);
    int ivLength = r.nextInt(60);
    int keyLength = 16;
    int tagLength = 128;  // bits
    int aadLength = r.nextInt(128);

    byte[] keyBytes = new byte[keyLength];
    byte[] plainBytes = new byte[textLength];
    byte[] ivBytes = new byte[ivLength];
    byte[] aadBytes = new byte[aadLength];

    r.nextBytes(keyBytes);
    r.nextBytes(plainBytes);
    r.nextBytes(ivBytes);
    r.nextBytes(aadBytes);

    byte[] encOutput = new byte[plainBytes.length + (tagLength >> 3)];
    byte[] decOutput = new byte[plainBytes.length];

    try {
        CryptoCipher c = Utils.getCipherInstance(transformation, props);
        Key key = new SecretKeySpec(keyBytes, "AES");

        GCMParameterSpec iv = new GCMParameterSpec(tagLength, ivBytes);
        c.init(CryptoCipher.ENCRYPT_MODE, key, iv);
        c.updateAAD(aadBytes);
        c.doFinal(plainBytes, 0, plainBytes.length, encOutput, 0);
        c.close();
    }
    catch (Exception ex) {
        System.out.println(ex.getMessage());
    }

    // Tamper the encrypted data.
    encOutput[0] = (byte)(encOutput[0] + 1);

    try {
        CryptoCipher c = Utils.getCipherInstance(transformation, props);
        Key key = new SecretKeySpec(keyBytes, "AES");

        GCMParameterSpec iv = new GCMParameterSpec(tagLength, ivBytes);
        c.init(CryptoCipher.DECRYPT_MODE, key, iv);
        c.updateAAD(aadBytes);
        c.doFinal(encOutput, 0, encOutput.length, decOutput, 0);
        c.close();
    }
    catch (AEADBadTagException ex) {
        System.out.println(ex.getMessage());  // "Tag mismatch!"
    }

{code}


> opensslCipher support GCM mode 
> -------------------------------
>
>                 Key: CRYPTO-60
>                 URL: https://issues.apache.org/jira/browse/CRYPTO-60
>             Project: Commons Crypto
>          Issue Type: Sub-task
>            Reporter: Xianda Ke
>            Assignee: Xianda Ke
>
> The interface would look like JCE. In encryption mode,  the authenticated tag 
> information is appended at the end of output. 
> In decryption mode, the authenticated tag should appended at the end of 
> input. If the encrypted data is tampered, it will throw an 
> AEADBadTagException.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to