Opened 7 years ago

Last modified 7 months ago

#833 assigned defect

Fix documentation of AES padding

Reported by: zzz Owned by: slumlord
Priority: minor Milestone:
Component: www/i2p Version:
Keywords: docs, easy Cc:
Parent Tickets: Sensitive: no

Description

Subtickets

Change History (7)

comment:1 Changed 6 years ago by str4d

Keywords: docs added

comment:2 Changed 4 years ago by str4d

Keywords: easy added
Status: newopen

comment:3 Changed 2 years ago by slumlord

This ticket's quite old, I just wanted to add the following comment:

The link referred to earlier http://www.i2p2.i2p/how_cryptography seems to be outdated, http://i2p-projekt.i2p/en/how_cryptography has a newer version.

comment:4 Changed 17 months ago by slumlord

Link is now http://i2p-projekt.i2p/spec/cryptography

PKCS is mentioned in reference to AES here:

...
We use AES with 256 bit keys and 128 bit blocks in CBC mode. 
The padding used is specified in IETF [RFC-2313] (PKCS#5 1.5, section 8.1 (for block type 02)). 
In this case, padding exists of pseudorandomly generated octets to match 16 byte blocks.
Specifically, see the CBC code [CryptixAESEngine] and the Cryptix AES implementation
[CryptixRijndael_Algorithm], as well as the padding, found in the 
ElGamalAESEngine.getPadding function [ElGamalAESEngine].
...

comment:5 Changed 14 months ago by zzz

Owner: set to slumlord
Status: openassigned

comment:6 Changed 14 months ago by slumlord

What should that be changed to? Should I remove the (PKCS#5 1.5, section 8.1 (for block type 02)) portion?

comment:7 Changed 7 months ago by zzz

I think the ticket came about because somebody complained to me that we don't do PKCS padding. But I think that one of the PKCS flavors is just adding random stuff at the end. If that's the case, we do it. Maybe that's what PKCS#5 1.5 means. That's jrandom text in there. So the mission is to research PKCS padding, figure out if we do it, and if the text in our specs is correct or not, if not, fix it.

Note: See TracTickets for help on using tickets.