Opened 6 years ago

Last modified 4 months ago

#833 assigned defect

Fix documentation of AES padding

Reported by: zzz Owned by: slumlord
Priority: minor Milestone:
Component: www/i2p Version:
Keywords: docs, easy Cc:
Parent Tickets:


Subtickets (add)

Change History (7)

comment:1 Changed 6 years ago by str4d

  • Keywords docs added

comment:2 Changed 3 years ago by str4d

  • Keywords easy added
  • Status changed from new to open

comment:3 Changed 2 years ago by slumlord

This ticket's quite old, I just wanted to add the following comment:

The link referred to earlier http://www.i2p2.i2p/how_cryptography seems to be outdated, http://i2p-projekt.i2p/en/how_cryptography has a newer version.

comment:4 Changed 14 months ago by slumlord

Link is now http://i2p-projekt.i2p/spec/cryptography

PKCS is mentioned in reference to AES here:

We use AES with 256 bit keys and 128 bit blocks in CBC mode. 
The padding used is specified in IETF [RFC-2313] (PKCS#5 1.5, section 8.1 (for block type 02)). 
In this case, padding exists of pseudorandomly generated octets to match 16 byte blocks.
Specifically, see the CBC code [CryptixAESEngine] and the Cryptix AES implementation
[CryptixRijndael_Algorithm], as well as the padding, found in the 
ElGamalAESEngine.getPadding function [ElGamalAESEngine].

comment:5 Changed 11 months ago by zzz

  • Owner set to slumlord
  • Status changed from open to assigned

comment:6 Changed 11 months ago by slumlord

What should that be changed to? Should I remove the (PKCS#5 1.5, section 8.1 (for block type 02)) portion?

comment:7 Changed 4 months ago by zzz

I think the ticket came about because somebody complained to me that we don't do PKCS padding. But I think that one of the PKCS flavors is just adding random stuff at the end. If that's the case, we do it. Maybe that's what PKCS#5 1.5 means. That's jrandom text in there. So the mission is to research PKCS padding, figure out if we do it, and if the text in our specs is correct or not, if not, fix it.

Note: See TracTickets for help on using tickets.