You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Peter Rebholz (Jira)" <ji...@apache.org> on 2020/01/09 20:09:00 UTC

[jira] [Commented] (SHIRO-730) Updates the default Cipher mode to GCM in AesCipherService

    [ https://issues.apache.org/jira/browse/SHIRO-730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17012194#comment-17012194 ] 

Peter Rebholz commented on SHIRO-730:
-------------------------------------

Not sure if this the right protocol, but should this change be considered a breaking change? Or is AesCipherService considered an internal API?

 

If someone uses this service to encrypt and decrypt values that are persisted then existing values will be unreadable (when using the defaults) after upgrading to Shiro 1.4.2. I'm attaching a small program ([^ShiroUpgradeTest.java]) that demonstrates this and produces the following output:

$ SHIRO_VERSION=1.4.1
$ java -cp shiro-core-$SHIRO_VERSION.jar:shiro-crypto-cipher-$SHIRO_VERSION.jar:slf4j-api-1.7.22.jar:slf4j-nop-1.7.22.jar:. ShiroUpgradeTest encrypt
$ java -cp shiro-core-$SHIRO_VERSION.jar:shiro-crypto-cipher-$SHIRO_VERSION.jar:slf4j-api-1.7.22.jar:slf4j-nop-1.7.22.jar:. ShiroUpgradeTest decrypt
Plain Text: Hello World

$ SHIRO_VERSION=1.4.2
$ java -cp shiro-core-$SHIRO_VERSION.jar:shiro-crypto-cipher-$SHIRO_VERSION.jar:slf4j-api-1.7.22.jar:slf4j-nop-1.7.22.jar:. ShiroUpgradeTest decrypt
Exception in thread "main" org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@5a2e4553].
 at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462)
 at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445)
 at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390)
 at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382)
 at ShiroUpgradeTest.decrypt(ShiroUpgradeTest.java:49)
 at ShiroUpgradeTest.main(ShiroUpgradeTest.java:63)
Caused by: javax.crypto.AEADBadTagException: Tag mismatch!
 at com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:592)
 at com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1116)
 at com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1053)
 at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
 at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446)
 at javax.crypto.Cipher.doFinal(Cipher.java:2164)
 at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459)
 ... 5 more

 

 

> Updates the default Cipher mode to GCM in AesCipherService
> ----------------------------------------------------------
>
>                 Key: SHIRO-730
>                 URL: https://issues.apache.org/jira/browse/SHIRO-730
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Francois Papon
>            Priority: Major
>             Fix For: 1.4.2, 1.5.0
>
>         Attachments: ShiroUpgradeTest.java
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)