[Cryptography Team] Re: isProperlyPadded
Chris Muller
chris at funkyobjects.org
Fri Jul 7 15:16:05 UTC 2006
> Since isProperlyPadded assumes that that was some padding the error
> seems
> unnecessary.
> ...
> To make it more clear if a byte array is not padded then the
> unpaddedSize is
> self size.
Hi Ron, I believe the check in #unpaddedSize is proper, let me explain.
Any application must know if it is dealing with a block or stream
cipher, therefore it knows if padding is necessary. I think you agree
with this because you said:
> Since isProperlyPadded assumes that that was some padding..
In other words, isProperlyPadded knows nothing about whether a
ByteArray *is* padded, you only call it if you KNOW it's supposed to be
padded and then it will tell you if it is padded properly.
If padding is not necessary (stream cipher), the program should not be
asking for the #unpaddedSize at all.
If padding is necessary then Nils and Bruce say any improper padding
should be treated as an authentication error. If the program asks for
the #unpaddedSize for a message that was not properly padded, simply
returning "self size" would be erroneous and the program would then be
making improper assumptions about the message.
Regards,
Chris
More information about the Cryptography
mailing list