Differences between pkcs5padding and pkcs7padding

Source: Internet
Author: User
Tags pkcs7

In our work, we often encounter interactive use of encryption and decryption algorithms on cross-language platforms. In particular, some standard encryption and decryption algorithms are designed to block data blocks and fill algorithms.
For example, the common filling algorithms in C # and Java are as follows:

Filling Algorithm in. Net:

Member name Description
Ansix923 The string filled with ansix923 consists of a byte sequence. The last byte of this sequence is the length of the byte sequence, and the remaining bytes are all filled with digits.

The following example shows how this mode works. Assume that the block length is

8. If the data length is 9, the number of 8 bytes is equal to 7, and the data is equal to FF:

Data: FF

X923 fill: FF 00 00 00 00 07

Iso10126 The iso10126 filling string is composed of a byte sequence. The last byte of this byte sequence is the length of the byte sequence, and the remaining byte is filled with random data.

The following example shows how this mode works. Assuming that the block length is 8 and the data length is 9, the number of 8 bytes is equal to 7, and the data is equal to FF:

Data: FF

Iso10126 filling: FF 7d 2a 75 EF F8 EF 07

None Do not fill.
Pkcs7 The PKCS #7 Filling string consists of a byte sequence. Each byte is filled with the length of the byte sequence.

The following example demonstrates how these modes work. Assuming that the block length is 8 and the data length is 9, the number of 8 bytes is equal to 7, and the data is equal to FF:

Data: FF

Pkcs7 filling: FF 07 07 07 07 07 07

Zeros The filling string consists of bytes set to zero.

The padding algorithm supported in Java (Cipher) includes

ALG. Name Description
Nopadding No padding.
Iso10126padding This padding for block ciphers is described in 5.2 block encryption algorithms in the W3C's "XML encryption syntax and processing" document.
Oaeppadding, oaepwith <digest> and <MGF> padding Optimal asypolicric encryption padding scheme defined in PKCS1, where <digest> shocould be replaced by the message digest and <MGF> by the mask generation function. Examples:Oaepwithmd5andmgf1paddingAndOAEPWithSHA-512AndMGF1Padding.

IfOAEPPaddingIs used,CipherObjects are initialized withjavax.crypto.spec.OAEPParameterSpecObject To suppply values needed for epeppadding.

Pkcs1padding The padding scheme described in PKCS1, used with the RSA algorithm.
Pkcs5padding The padding scheme described in RSA Laboratories, "pkcs5: Password-based encryption standard," version 1.5, November 1993.
Ssl3padding The padding scheme defined in the SSL protocol version 3.0, November 18,199 6, section 5.2.3.2 (CBC block cipher ):

    block-ciphered struct {opaque content[SSLCompressed.length];opaque MAC[CipherSpec.hash_size];uint8 padding[    GenericBlockCipher.padding_length];uint8 padding_length;    } GenericBlockCipher;

The size of an instance of a genericblockcipher must be a multiple of the block cipher's block length.

The padding length, which is always present, contributes to the padding, which implies that if:

    sizeof(content) + sizeof(MAC) % block_length = 0, 

Padding has to be (block_length-1) bytes long, because of the existencepadding_length.

This make the padding scheme similar (but not quite) to pkcs5padding, where the padding length is encoded in the padding (and ranges from 1 to block_length ). with the SSL scheme, the sizeof (padding) is encoded in the always presentpadding_lengthAnd therefore ranges from 0 to block_length-1.

In simple comparison, it is found thatNone,Iso10126In fact, pkcs5padding and pkcs7padding can also be used in common.

By studying the references, we can find the differences between the two definitions:

    • [Def]PKCS #7: cryptographic message syntax Standard,
      An RSA Laboratories technical note, version 1.5. revised November 1, 1993. http://www.cnblogs.com/midea0978/admin/ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-7.asc
    • [INF]PKCS #5: Password-Based Encryption Standard,
      An RSA Laboratories technical note, version 1.5. revised November 1, 1993. http://www.cnblogs.com/midea0978/admin/ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-5.asc

      In pkcs5padding, the block size is clearly defined as 8 bits, while in pkcs7padding definition, the block size is uncertain, it can be between 1-255 (the block length exceeds is yet to be studied), and the filling value algorithms are the same:

      Value = k-(L mod k), k = block size, L = Data Length, if l = 8, you need to fill in 8 of the additional 8 bytes

      In. net, for example, tripledescryptoserviceprovider, the default blocksize is 64 bits = 8 bytes, so in this case, pkcs5padding = pkcs7padding.

      If you define a block size that is not 64 bits in C # And use pkcs7padding at the same time, you cannot decrypt it by using the JDK standard pkcs5padding in Java.

      Java code example


      Try {
      Byte [] key_data = {121,-49,-14,109,107, 77 };
      Cipher cipher = cipher. getinstance ("desede/ECB/pkcs5padding ");
      Secretkeyspec key = new secretkeyspec (key_data, "desede"); // generate the key required for encryption and decryption
      Cipher. INIT (Cipher. encrypt_mode, key );
      Byte [] res = cipher. dofinal (data. getbytes ());
      } Catch (exception e ){
      E. printstacktrace ();
      }

      C # code example


      Tripledescryptoserviceprovider des = new tripledescryptoserviceprovider ();
      Des. mode = ciphermode. ECB;
      Des. Padding = paddingmode. pkcs7;
      Byte [] buffer = encoding. Default. getbytes ("plaintext ");
      Memorystream stream = new memorystream ();
      Byte [] Key = convert. frombase64string ("aqjp4u1acnnybwsmhuq7bvixhyrnq2ap ");
      Cryptostream encstream = new cryptostream (stream, Des. createencryptor (Key, null), cryptostreammode. Write );
      Encstream. Write (buffer, 0, buffer. Length );
      Encstream. flushfinalblock ();
      Byte [] res = stream. toarray ();
      Console. writeline ("Result:" + convert. tobase64string (RES ));

       

    • Reference http://www.users.zetnet.co.uk/hopwood/crypto/scan/cs.html#pad_PKCSPadding

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.