This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Java in General and the fly likes GCM & CCM example for BouncyCastle Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "GCM & CCM example for BouncyCastle" Watch "GCM & CCM example for BouncyCastle" New topic
Author

GCM & CCM example for BouncyCastle

john roney
Greenhorn

Joined: Jun 19, 2012
Posts: 13
Hi
can you give me an example for using GCM and/or CCM modes with AES in BouncyCastle?
My code is this:


but it throws this exception when decrypting in GCM mode:

And this Exception when encrypting in CCM mode:


Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1035
    
  10

JDK1.7.04 with BC 147 on Ubuntu 11.4 . Running your code I get a different but seemingly related exception -

Suspecting that it was a problem caused by using NoPadding I tried PKCS5Padding but I was informed that NoPadding is the only possibility. Ignoring the exception and comparing the input and output files I find that they are identical even when the file size is not a multiple of 16 so some form of padding is implicit when using GCM.

I don't normally jump in and assume a bug but I suspect you have found a bug in the BC library. In your position I would post it to the BC 'dev-crypto' mailing list. I would turn the code into an SSCCE ( http://sscce.org/ ) and remove the redundant code (the buffered streams do nothing for you) before posting.
john roney
Greenhorn

Joined: Jun 19, 2012
Posts: 13
I found that this line makes the exception (closing CipherInputStream for decryption phase):

Without it there is no exception and decryption output is correct. but as I know removing this line should make CipherInputStream don't call doFinal on the Cipher!
I don't know is it safe to remove it?
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1035
    
  10

john roney wrote:I found that this line makes the exception (closing CipherInputStream for decryption phase):


That is what the stack trace tells you!

Without it there is no exception and decryption output is correct. but as I know removing this line should make CipherInputStream don't call doFinal on the Cipher!
I don't know is it safe to remove it?

You might get away with not calling the close() but I'm quite uncomfortable with the concept since in general one does not know what else is being done by the close(). I would still present this to the BC mailing list for comment since closing a stream should not throw an exception if there is nothing wrong.


Edit:
By changing the decrypt to use a CipherOutputStream I don't get any exception :-


There still looks to be a bug in BC .
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: GCM & CCM example for BouncyCastle
 
Similar Threads
Cannot find any provider supporting AES
already written java code for encryption and decryption
AES Encryption/Decrypton
AES Encryption .BadPaddingException: Given final block not properly padded