Reputation:
BouncyCastle and AES-GCM
I'd like to use AES-GCM with BouncyCastle as the provider in order to avail myself of integrity checks using decryption. I'm curious about the kind of exception raised when the integrity check fails. Is it InvalidCipherTextException?
Also are there any other exceptions I should be handling in the context of decrypting an AES-GCM encrypted blob?
I see that there are a few more exceptions listed out at http://www.cs.berkeley.edu/~jonah/bc/org/bouncycastle/crypto/package-tree.html
Upvotes: 1
Views: 2361
Answers (1)
Reputation: 93948
For the lightweight API, the resulting exception is indeed the InvalidCipherTextException. This answer has been extracted from the Bouncy Castle source code, which is openly available (e.g. using anonymous access to the source repository).
if (!Arrays.constantTimeAreEqual(this.macBlock, msgMac))
{
throw new InvalidCipherTextException("mac check in GCM failed");
}
This seems identical in the 1.13 to 1.18 version of this file in the repository, please check again for later versions.
Upvotes: 1
Related Questions
- AES-GCM with BouncyCastle throws "mac check in GCM failed" when used with IV
- trying to encrypt with bouncycastle throw error
- Java Bouncy Castle Cryptography - Encrypt with AES
- AES decryption with bouncy castle
- Bouncy Castle AES-GCM mode vs OpenSSL AES-GCM?
- Reading AES/GCM encoded data in chunks with BouncyCastle in Java
- AES Encryption with Bouncy Castle in Java
- implementing bouncy castle aes 256
- AES Encryption/Decryption with Bouncycastle Example in J2ME
- AES-256 encryption with BouncyCastle Lightweight API