aes-gcm

问题 I have the following code in Java: public static void deriveKeyAndIV(String password) throws Exception { SecureRandom random = new SecureRandom(); if (salt == null) { salt = new byte[HASH_BYTE_SIZE / 8]; // use salt size at least as long as hash random.nextBytes(salt); } if (ivBytes == null) { ivBytes = new byte[HASH_BYTE_SIZE / 8]; random.nextBytes(ivBytes); } PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE); SecretKeyFactory skf =

问题 I'm currently working on a Java TLS server. (I posted here a few days ago regarding KeyExchange signature) I'm now trying to decrypt TLS message encoded using AES-GCM. The server already handles CBC but since it's vulnerable to POODLE we'd like to do GCM instead. I'll try to explain as best as I can :) For this code we are using Java 8u91, Netty 3.9.0. We do not use BouncyCastle and we don't intend to, we would like to stick with the JDK. The code ! /** * Deciphers the fragment and returns

问题 I'm using AES to encrypt/decrypt some files in GCM mode using BouncyCastle. While I'm proving wrong key for decryption there is no exception. How should I check that the key is incorrect? my code is this: SecretKeySpec incorrectKey = new SecretKeySpec(keyBytes, "AES"); IvParameterSpec ivSpec = new IvParameterSpec(ivBytes); Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC"); byte[] block = new byte[1048576]; int i; cipher.init(Cipher.DECRYPT_MODE, incorrectKey, ivSpec);

问题 I'm trying to do a TLS connection using any of the AES GCM variants and from what I understand in the docs this should be possible but I get this error: Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1989) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java

问题 I am using OpenSSL's EVP interfaces to implement AES encryption using GCM mode. Now GCM, being one of the authentication modes, provides cipher text integrity. Meaning it generates a tag (MAC - message authentication code) on the cipher text (and additional data, if provided). This tag can later be checked before decryption, to ensure that the cipher text has not been modified. I have implemented the encryption as per this blog post: http://incog-izick.blogspot.in/2011/08/using-openssl-aes

问题 While trying to implement AES-GCM for the first time, we are facing issue in generating AuthenticationTag, Encrypted cipher & GCM mac check fails in the end. For out current implementation tag[] is being populated but byte[] encrypted remains empty. And because of this cipher.doFinal(data1, offset) gives ' mac check in GCM failed '. It appears to be some issue around the size of byte arrays, can someone please share on what basis should the output buffer size be determined? Should this be

问题 I've managed to encrypt some data with AES-GCM using IE 11 on Windows 10 but I can't get decryption to work. Example encryption JS code: let plainText = new Uint8Array([1]); let key; let keyBuf = window.msCrypto.getRandomValues(new Uint8Array(32)); let iv = window.msCrypto.getRandomValues(new Uint8Array(12)); let additionalData = window.msCrypto.getRandomValues(new Uint8Array(16)); let encResult; let importOp = window.msCrypto.subtle.importKey('raw', keyBuf, { name: 'AES-GCM' }, false, [

问题 There is a very good example for random access AES CTR mode and it works: Random access InputStream using AES CTR mode in android private static final int AES_BLOCK_SIZE = 16; private static IvParameterSpec calculateIVForOffset(final IvParameterSpec iv, final long blockOffset) { final BigInteger ivBI = new BigInteger(1, iv.getIV()); final BigInteger ivForOffsetBI = ivBI.add(BigInteger.valueOf(blockOffset / AES_BLOCK_SIZE)); final byte[] ivForOffsetBA = ivForOffsetBI.toByteArray(); final

问题 There is a very good example for random access AES CTR mode and it works: Random access InputStream using AES CTR mode in android private static final int AES_BLOCK_SIZE = 16; private static IvParameterSpec calculateIVForOffset(final IvParameterSpec iv, final long blockOffset) { final BigInteger ivBI = new BigInteger(1, iv.getIV()); final BigInteger ivForOffsetBI = ivBI.add(BigInteger.valueOf(blockOffset / AES_BLOCK_SIZE)); final byte[] ivForOffsetBA = ivForOffsetBI.toByteArray(); final

问题 This question already has answers here : Is it possible to use AES128 with GCM mode on iOS? (3 answers) Closed 3 years ago . Currently the encryption mode supported with AES 256 is CBC . But I want to use AES 256 encryption with GCM mode along with PKCS5Padding / PKCS7Padding . Do let me know how it can be done ? 回答1: Common Crypto does not support GCM. But there is an implementation of AES GCM in the Security.framework, and you can add your own header file to use it. However associated data