gpt4 book ai didi

java - xws-security(webservices-rt)中的GCM加解密

转载 作者:搜寻专家 更新时间:2023-11-01 03:35:43 25 4
gpt4 key购买 nike

我已经使用 JDK8 在 xws-security (EncryptionProcessor.java) 中成功实现了对 GCM 加密的支持,并针对其他系统进行了测试。但是我有解密问题。第一个问题如下java.security.InvalidAlgorithmParameterException:不支持的参数:javax.crypto.spec.IvParameterSpec。我通过将初始化 vector (iv) 从 IvParameterSpec() 更改为 GCMParameterSpec() 解决了这个问题,如下所示(来自 DecryptionProcessor.java 的代码片段)

          try {
String dataAlgorithm = JCEMapper.translateURItoJCEID(tmp);
decryptor = Cipher.getInstance(dataAlgorithm);

//decryptor = Cipher.getInstance("DESede/CBC/ISO10126Padding");

int ivLen = decryptor.getBlockSize();
byte[] ivBytes = new byte[ivLen];

System.arraycopy(cipherInput, 0, ivBytes, 0, ivLen);
if (dataAlgorithm.matches(".*[gG][cC][mM].*$")) { // TK 03/09/2015 - probably needs more places for decrypting body stuff
GCMParameterSpec iv = new GCMParameterSpec(ivLen * Byte.SIZE, ivBytes);
decryptor.init(Cipher.DECRYPT_MODE, symmetricKey, iv);
}
else {
IvParameterSpec iv = new IvParameterSpec(ivBytes);
decryptor.init(Cipher.DECRYPT_MODE, symmetricKey, iv); <===== old line 761
}

cipherOutput = decryptor.doFinal(cipherInput, ivLen, cipherInput.length-ivLen);
} catch (Exception e) {
log.log(Level.SEVERE, "WSS1232.failedto.decrypt.attachment", e);
throw new XWSSecurityException(e);
}

我现在在调用 doFinal() 时遇到以下错误

    javax.crypto.AEADBadTagException: Tag mismatch!
at com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:524)
at com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1023)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:960)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
at javax.crypto.Cipher.doFinal(Cipher.java:2223)
at com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.decryptAttachment(DecryptionProcessor.java:775)

对此有任何意见/建议将不胜感激

最佳答案

修复了解密 SWA 附件 - 感谢 dave_thompson_085 的提示。代码调整如下

        try {
String dataAlgorithm = JCEMapper.translateURItoJCEID(tmp);
decryptor = Cipher.getInstance(dataAlgorithm);

//decryptor = Cipher.getInstance("DESede/CBC/ISO10126Padding");

int ivLen = decryptor.getBlockSize();
byte[] ivBytes = null; // = new byte[ivLen];

if (dataAlgorithm.matches(".*[gG][cC][mM].*$")) { // TK 03/09/2015 - probably needs more places for decrypting body stuff
ivLen = 12; // 12 for GCM - also see wss4j-2.1.2/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java
ivBytes = new byte[ivLen];
System.arraycopy(cipherInput, 0, ivBytes, 0, ivLen);
GCMParameterSpec iv = new GCMParameterSpec(16 * Byte.SIZE, ivBytes);
decryptor.init(Cipher.DECRYPT_MODE, symmetricKey, iv);
}
else {
ivBytes = new byte[ivLen];
System.arraycopy(cipherInput, 0, ivBytes, 0, ivLen);
IvParameterSpec iv = new IvParameterSpec(ivBytes);
decryptor.init(Cipher.DECRYPT_MODE, symmetricKey, iv);
}

cipherOutput = decryptor.doFinal(cipherInput, ivLen, cipherInput.length-ivLen);
} catch (Exception e) {
log.log(Level.SEVERE, "WSS1232.failedto.decrypt.attachment", e);
throw new XWSSecurityException(e);
}

现在GCM XML元素解密也有类似的问题。稍后会跟进。

关于java - xws-security(webservices-rt)中的GCM加解密,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32386142/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com