RFR: 8170762: Document that ISO10126Padding pads with random bytes

Bradford Wetmore wetmore at openjdk.org
Fri Jul 1 23:43:40 UTC 2022


On Fri, 1 Jul 2022 19:17:34 GMT, Kevin Driver <duke at openjdk.org> wrote:

> JDK-8170762 - update Javadoc to indicate ISO10126Padding pads with random bytes, though the spec does not require random bytes

Just a comment, I believe both approaches are ok.  The ISO 10126 spec says:

> When padding with octets...the first subfield (pad fill) shall consist
> of 0 to 7 octets with arbitrary contents. 

Adam's original comment was that because the spec says "arbitrary data," we could potentially just optimize the code a small bit by not having to fill with random data, and rather just leave as an uninitialized field.  But using random data to get some arbitrary data it is possibly a little safer since it will perturb the output a bit vs. an all zero padding.

So, fine to leave has been fixed.  However, I do have further comments on the doc bug.

-------------

PR: https://git.openjdk.org/jdk/pull/9350



More information about the security-dev mailing list