MOSIP 1.1.5 CBEFF ciphering AES/GCM/PKCS5Padding


we are trying to implement MOSIP ABIS API and we want to obtain java Cipher
(bouncycastle) in order to decipher CBEFF:
ABIS APIs - MOSIP Docs 1.1.5
Block 2: The 1st part is the Encrypted data, encrypted using AES GCM PKCS5Padding

we have the following exception:
Caused by: Cannot find any provider supporting AES/GCM/PKCS5Padding
at java.base/javax.crypto.Cipher.getInstance( ~[na:na]
at com.thales.ics.bcs.cs.mosip.datashare.service.CbeffCipherer.generatePart2( ~[classes!/:1.0-SNAPSHOT]
… 71 common frames omitted
Caused by: javax.crypto.NoSuchPaddingException: Only NoPadding can be used with AEAD modes.
at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineSetPadding(Unknown Source) ~[bcprov-jdk15on-1.66.jar!/:1.66.0]
at java.base/javax.crypto.Cipher$Transform.setModePadding( ~[na:na]
at java.base/javax.crypto.Cipher.getInstance( ~[na:na]
… 72 common frames omitted

Based on our investigation it seems, that the correct ciphering should be:
- AES/GCM/NoPadding
Could you please confirm, if AES/GCM/PKCS5Padding is correct?
If yes, which security provider should we use?

best regards
Jan Komrska

hi @jkomrska the exact code that supports this decryption is available here

You can look at the mock-abis project here
Also, look at the POM and DockerFile to get the correct dependencies.

Let me know if you are still facing the issue.