具有任意标签长度的 AES-GCM [英] AES-GCM with arbitrary tag length

问题描述

对于算法测试向量评估，我尝试在 GCM 模式下执行 AES 以使用任意标签长度值(例如 32 位)进行加密和解密.

For algorithm test vector evaluation, I am trying to perform an AES in GCM mode for encryption and decryption with arbitrary tag length values such as 32 bits.

当我尝试使用如下任意标签长度初始化我的密码时:

When I try to initialize my cipher with such an arbitrary tag length as follows:

final Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
GCMParameterSpec parameterSpec = new GCMParameterSpec(tagLen, iv);
cipher.init(Cipher.ENCRYPT_MODE, secretKey, parameterSpec);

我遇到了这个错误:

java.security.InvalidAlgorithmParameterException: Unsupported TLen value; must be one of {128, 120, 112, 104, 96}

通常，这是一件好事，因为您不希望标签长度为 32.但是，出于我的目的，我确实需要这个标签长度.

Normally, this would be a good thing, because you don't want a tag length of 32. However, for my purposes I do need this tag length.

有没有办法可以覆盖这些限制以允许任意标签长度?

Is there a way that I can override these restrictions to allow for arbitrary tag lengths?

推荐答案

Bouncy Castle 库的创建是为了支持软件中的许多算法，但需要注意的是，如果您真的愿意，它可以让您自己动手.

The Bouncy Castle library was created to support many algorithms in software, with the caveat that it let's you shoot yourself in the foot if you really want to.

我可以在标签大小为 32 的情况下运行上述代码:

I can run the above code with tag size 32 without issue:

Security.addProvider(new BouncyCastleProvider());

SecretKeySpec secretKey = new SecretKeySpec(new byte[16], "AES");

final Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC");
GCMParameterSpec parameterSpec = new GCMParameterSpec(32, new byte[16]);
cipher.init(Cipher.ENCRYPT_MODE, secretKey, parameterSpec);
cipher.update("Maarten did it".getBytes(StandardCharsets.UTF_8));
byte[] ct = cipher.doFinal();     

请注意，可以看到错误，例如这里.如您所见，这是 provider 中 AES/GCM 的内部实现，而不是例如密码.您可能已经通过查看完整的堆栈跟踪发现了这一点...

Note that the error can be seen e.g. here. As you can see that is the internal implementation of AES/GCM in the provider, not e.g. Cipher. You may have found that out by looking at the full stacktrace...

这篇关于具有任意标签长度的 AES-GCM的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！