RNCryptor-Spec icon indicating copy to clipboard operation
RNCryptor-Spec copied to clipboard

Published 20 hours ago verified publisher icon RNCryptor

Spec does not define or discuss padding

Open ecki opened this issue 6 years ago • 1 comments

If the padding is application specific the spec should at least warn implementiere about it. Defining a padding as part of the format might be better.

ecki avatar Aug 09 '18 22:08 ecki

It's not application specific. It requires PKCS#7 padding. I'll update the spec to say so.

rnapier avatar Aug 09 '18 22:08 rnapier

It's not application specific. It requires PKCS#7 padding. I'll update the spec to say so.

@rnapier I see v4 spec mentions this, https://github.com/RNCryptor/RNCryptor-Spec/blob/7aa27298df4d66476e06efeeeeecc6228df6cfbd/draft-RNCryptor-Spec-v4.0.md?plain=1#L55 Does this apply to the previous (current) specs? I've not dug into the code to determine this.

clach04 avatar Dec 25 '23 17:12 clach04

It’s not in the draft yet, btw when you touch the draft I would also specify the encoding of the password bytes, namely utf-8 (utf-16 is typically regarded as having too much structure with the 0 bytes).

and also I am afraid the primitives all get outdated by now (cbc, sha1, etm, no chunking, …)

ecki avatar Dec 25 '23 17:12 ecki