aes-gcm

Support of AES 256 with GCM not possible in iOS? [duplicate]

梦想与她 submitted on 2019-12-20 07:35:06
Question: This question already has answers here: Is it possible to use AES128 with GCM mode on iOS? (3 answers) Closed 3 years ago. Currently the encryption mode supported with AES 256 is CBC. But I want to use AES 256 encryption with GCM mode along with PKCS5Padding / PKCS7Padding. Do let me know how it can be done? Answer 1: Common Crypto does not support GCM. But there is an implementation of AES GCM in the Security.framework, and you can add your own header file to use it. However associated data

How come putting the GCM authentication tag at the end of a cipher stream require internal buffering during decryption?

可紊 submitted on 2019-12-18 17:26:13
Question: In Java, the "default" AES/GCM provider SunJCE will - during the decryption process - internally buffer 1) encrypted bytes used as input or 2) decrypted bytes produced as result. Application code doing decryption will notice that Cipher.update(byte[]) returns an empty byte array and Cipher.update(ByteBuffer, ByteBuffer) returns written length 0. Then when the process completes, Cipher.doFinal() will return all decoded bytes. First question is: Which bytes is it that are being buffered, number

Reusing PBKDF2 salt for AES/GCM as IV: dangerous?

心已入冬 submitted on 2019-12-14 02:17:23
Question: I'm developing an encryption utility class to be reused for common operations. A very common case is to encrypt a plaintext with a user-provided password. In this case, I'm using PBKDF2 to derive a valid AES key, then use it in GCM mode to encrypt the plaintext. Some code: // IV_LEN = 96 // ITERATIONS = 1000 ~ 4000 // KEY_LEN = 128 ~ 256 // TAG_LEN = 128 public static String encrypt(byte[] plain, char[] password) throws GeneralSecurityException { SecureRandom rng = SecureRandom

AES 128 GCM objective C osx

一世执手 submitted on 2019-12-13 12:23:49
Question: I am trying to encrypt/decrypt a string in an AES-128 GCM format in Objective-C. I have looked everywhere but can't seem to find a working solution. Answer 1: Not so long ago I had a similar problem and the best answer I could find was this one. To sum up, iOS has some functions to do what you want but they are private. So, until Apple decides to release these functions, I opted for developing my own library, currently stored in GitHub and available in CocoaPods. The case you describe could be

How to make GCM Encrypt with authentication tag for Android

旧时模样 submitted on 2019-12-13 11:51:32
Question: I want to make a function encrypt data by GCM mode with authentication tag for Android. This is my source code: public static byte[] GCMEncrypt(String hexKey, String hexIV, byte[] aad) throws Exception { byte[] aKey = hexStringToByteArray(hexKey); byte[] aIV = hexStringToByteArray(hexIV); Key key = new SecretKeySpec(aKey, "AES"); Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(16 * Byte.SIZE, aIV)); cipher.updateAAD(aad);

Python Pycryptodome AES-GCM encryption code performance improvement

杀马特。学长 韩版系。学妹 submitted on 2019-12-13 03:46:30
Question: I am having around 19G of data which I am doing tar and then encrypt. I use below code to do the job. from subprocess import call from Crypto.Cipher import AES from Crypto.Random import get_random_bytes import sys cmd = ["tar","--acls","--selinux","-czPf","./out.tar.gz","./src"] proc = call(cmd) data = open("./out.tar.gz", "rb").read() key = get_random_bytes(32) cipher = AES.new(key, AES.MODE_GCM) ciphertext, tag = cipher.encrypt_and_digest(data) out = open("./out.bin", "wb") [out.write(x)

AES GCM implementation with authentication Tag in Java

橙三吉。 submitted on 2019-12-12 07:12:53
Question: I'm using AES GCM authentication in my android project and it works fine. But getting some issues with authentication tag when it compare with openssl API generate tag. Please find the java code below: SecretKeySpec skeySpec = new SecretKeySpec(key, "AES"); byte[] iv = generateRandomIV(); IvParameterSpec ivspec = new IvParameterSpec(iv); Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivspec); int outputLength = cipher.getOutputSize(data

correct nonce/iv size for AES-GCM mode

天大地大妈咪最大 submitted on 2019-12-11 06:14:53
Question: EDIT: The issue can be simplified to this: The following Node.js code gives an "Invalid IV length" Error. Why? What should the IV be? const crypto = require('crypto') const decipher = crypto.createDecipheriv('aes-128-gcm', crypto.randomBytes(16), crypto.randomBytes(16)) I'm using AES in GCM mode to encrypt some data, but I'm using two different languages and libraries for encryption and decryption and they seem to have different vocabularies about what I need. I'm encrypting with a Python

How do I use AES-GMAC with a secret in BCrypt?

我是研究僧i submitted on 2019-12-11 03:45:16
Question: I am trying to use AES-GMAC with BCrypt (Microsoft CNG if that helps) but the documentation seems contradictory to what I would expect. RFC 4543 states that AES-GMAC requires a secret key (which I was expecting), but BCryptCreateHash function states that pbSecret is not used unless the BCRYPT_ALG_HANDLE_HMAC is provided. I've tried using the BCRYPT_ALG_HANDLE_HMAC on BcryptOpenAlgorithmProvider and as I expected, I get a NOT_SUPPORTED when using BCRYPT_AES_GMAC_ALGORITHM with BCRYPT_ALG

Difference between IvParameterSpec and GCMParameterSpec with AES/GCM/NoPadding

被刻印的时光 ゝ submitted on 2019-12-10 13:47:49
Question: I am using AES/GCM/NoPadding algorithm to encrypt some data on Android (API 19 and onwards) and then later decrypt it back. The key size I use is 32 bytes and is provided to me. In addition to the encryption, I also want to know when I try to decrypt and use a wrong key. Which is why I prefer to use GCM as my mode to get the benefits of verifying integrity (I believe it's safe to assume whether the ciphertext or the key whichever is faulty would result in a bad decrypt exception rather than