AES与PKCS#5填充
[英]AES with PKCS#5 padding
问题描述
In quite a few places, I see Java code that uses AES with PKCS#5 padding. 
在很多地方,我看到使用AES和PKCS#5填充的Java代码。 I do not understand how this could possible work. 我不明白这是如何做到的。
PKCS#5 padding is meant to be used with ciphers that have a block size of <= 8 bytes. PKCS#5填充旨在与块大小<= 8字节的密码一起使用。 The block size for AES is 16 bytes. AES的块大小为16个字节。 Is all the code that is out there that uses AES with PKCS#5 wrong? 是否所有使用AES和PKCS#5的代码都错了? Or does the framework internally use PKCS#7 instead? 或者框架内部是否使用PKCS#7? The frameworks in question would be Sun provide in Java, JCE and BouncyCastle. 有问题的框架将是Sun在Java,JCE和BouncyCastle中提供的。
1 个解决方案
解决方案1
2 已采纳 2015-06-16 00:26:51
The code is indeed using PKCS#7 instead. 代码确实使用了PKCS#7。 The reason that "PKCS5Padding" is specified is very likely due to compatibility with the older DES and 3DES ciphers. 指定"PKCS5Padding"的原因很可能是由于与旧的DES和3DES密码的兼容性。 Note that PKCS#5 padding is exactly 8 bytes, not less. 请注意,PKCS#5填充正好是8个字节,而不是更少。 Bouncy Castle usually follows the Sun/Oracle providers for the sake of compatibilty, although you can also use the more correct "PKCS7Padding" for the Bouncy Castle provider. 为了兼容性,Bouncy Castle通常遵循Sun / Oracle提供商,尽管您也可以为Bouncy Castle提供商使用更正确的"PKCS7Padding" 。
More information on the crypto site (disclaimer: pointing to my own popular Q/A). 有关加密网站的更多信息(免责声明:指向我自己的热门Q / A)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.