ISO10126PADDING, minor optimizations and random question

Bernd Eckenfels ecki at zusammenkunft.net
Tue May 10 22:00:37 UTC 2016


Hello,

while looking at ISO10126Padding I noticed a few minor optimizations
are possible:

http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/com/sun/crypto/provider/ISO10126Padding.java?av=f

unpad() - there is already an int cast done to this value:
    int start = off + len - ((int)lastByte & 0x0ff);

can be changed into "int start = off + len - padValue;"


padWithLen() - we can request one byte less from PRNG and copy one less:
    byte[] padding = new byte[len];
    SunJCE.getRandom().nextBytes(padding);
    padding[len-1] = paddingOctet;
    System.arraycopy(padding, 0, in, off, len);

    byte[] padding = new byte[len-1];
    SunJCE.getRandom().nextBytes(padding);
    System.arraycopy(padding, 0, in, off, len-1);
    in[off+len-1] = paddingOctet;


BTW: the JCA Standards Names documentation refers to W3C XML Encryption
Standard 5.2 which does not mandate or suggest using random padding.
It allows any value. So a possible optimization would be to not use
random bytes. If you think random bytes (and therefore non-deterministic
padding) is a desirable property I would suggest to
actually document it in the SunJCE documentation. "This implements
padding as defined by the JCA Standard Names using random padding bytes."

Greetings
Bernd
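
Added illustration of the points in this message (not code from the JDK or from the original post): a stand-alone ISO 10126 pad/unpad in Java that requests only len-1 random bytes and shows that unpadding reads only the final length octet, so random and fixed filler both decode. The class name Iso10126Demo, the randomFill switch, the use of java.security.SecureRandom in place of SunJCE.getRandom(), and the sample message are assumptions made for the example.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class Iso10126Demo {
    private static final SecureRandom RNG = new SecureRandom(); // stand-in for SunJCE.getRandom()

    // Writes len padding bytes at in[off..off+len-1]: len-1 filler bytes, then the length octet.
    static void padWithLen(byte[] in, int off, int len, boolean randomFill) {
        if (len < 1 || len > 255 || off < 0 || off + len > in.length) {
            throw new IllegalArgumentException("bad padding range");
        }
        if (randomFill && len > 1) {
            byte[] filler = new byte[len - 1];       // one byte fewer requested from the PRNG
            RNG.nextBytes(filler);
            System.arraycopy(filler, 0, in, off, len - 1);
        } else {
            Arrays.fill(in, off, off + len - 1, (byte) 0); // fixed filler, also valid per XML Enc 5.2
        }
        in[off + len - 1] = (byte) len;              // length octet written directly into the output
    }

    // Returns the index where padding starts, or -1 if the length octet is out of range.
    static int unpad(byte[] in, int off, int len, int blockSize) {
        if (len < 1) return -1;
        int padValue = in[off + len - 1] & 0xff;     // already an int, no second cast needed
        if (padValue < 1 || padValue > blockSize || padValue > len) return -1;
        return off + len - padValue;                 // filler bytes are never inspected
    }

    static byte[] pad(byte[] data, int blockSize, boolean randomFill) {
        int padLen = blockSize - (data.length % blockSize); // always 1..blockSize
        byte[] out = Arrays.copyOf(data, data.length + padLen);
        padWithLen(out, data.length, padLen, randomFill);
        return out;
    }

    public static void main(String[] args) {
        byte[] msg = "hello padding".getBytes(StandardCharsets.US_ASCII); // constructed sample input
        for (boolean randomFill : new boolean[] {true, false}) {
            byte[] padded = pad(msg, 16, randomFill);
            int start = unpad(padded, 0, padded.length, 16);
            byte[] recovered = Arrays.copyOfRange(padded, 0, start);
            System.out.println("randomFill=" + randomFill + " padded=" + Arrays.toString(padded)
                    + " roundTripOk=" + Arrays.equals(msg, recovered));
        }
    }
}
```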



 


