AES with PKCS # 5 add-on

Question

AES with PKCS # 5 add-on

In several places, I see Java code that uses AES with the PKCS # 5 add-on. I don’t understand how this is possible.

PKCS # 5 padding is intended for use with ciphers whose block size is <= 8 bytes. The block size for AES is 16 bytes. Is all the code that exists that uses AES with PKCS # 5 wrong? Or is the internal structure using PKCS # 7? The structures in question will be provided by Sun in Java, JCE, and BouncyCastle.

+4

java encryption aes bouncycastle jce

user277465 Jun 12 '15 at 18:16

source share

1 answer

Maarten bodewes · Accepted Answer · 2015-06-16T00:26:51+0000

The code really uses PKCS # 7. The reason it is indicated "PKCS5Padding"is very likely due to compatibility with older DES and 3DES ciphers. Please note that PKCS # 5 padding is 8 bytes, at least. Bouncy Castle usually follows Sun / Oracle providers for compatibility, although you can also use the more appropriate one "PKCS7Padding"for the Bouncy Castle provider.

Additional information on the cryptographic site (disclaimer: reference to my own popular Q / A).

AES with PKCS # 5 add-on

More articles: