Fix documentation of AES padding

[zzz]

We don't really use PKCS.

Ref:

​http://www.i2p2.i2p/how_cryptography
​http://zzz.i2p/topics/1318

[slumlord]

This ticket's quite old, I just wanted to add the following comment:

The link referred to earlier ​http://www.i2p2.i2p/how_cryptography seems to be outdated, ​http://i2p-projekt.i2p/en/how_cryptography has a newer version.

[slumlord]

Link is now ​http://i2p-projekt.i2p/spec/cryptography

PKCS is mentioned in reference to AES here:

...
We use AES with 256 bit keys and 128 bit blocks in CBC mode. 
The padding used is specified in IETF [RFC-2313] (PKCS#5 1.5, section 8.1 (for block type 02)). 
In this case, padding exists of pseudorandomly generated octets to match 16 byte blocks.
Specifically, see the CBC code [CryptixAESEngine] and the Cryptix AES implementation
[CryptixRijndael_Algorithm], as well as the padding, found in the 
ElGamalAESEngine.getPadding function [ElGamalAESEngine].
...

[slumlord]

What should that be changed to? Should I remove the (PKCS#5 1.5, section 8.1 (for block type 02)) portion?

[zzz]

I think the ticket came about because somebody complained to me that we don't do PKCS padding. But I think that one of the PKCS flavors is just adding random stuff at the end. If that's the case, we do it. Maybe that's what PKCS#5 1.5 means. That's jrandom text in there. So the mission is to research PKCS padding, figure out if we do it, and if the text in our specs is correct or not, if not, fix it.