Size Cipher.doFinal

Question

Size Cipher.doFinal

I am using AES CBC decryption in java using javax.crypto. I use the following methods of the Cipher class:

public final void init (int opmode, Key key, AlgorithmParameters params) initialization method
final int update(byte[] input, int inputOffset, int inputLen, byte[] output) data decryption method,
and finally, I call the method final int doFinal(byte[] output, int outputOffset)to complete the decryption.

My query is this: can I assume that the size of the data returned to me by the call doFinalwill always be less than or equal to the size of the AES block? The documentation describes the doFinal method as:

"Finishes the multipart conversion (encryption or decryption). Processes any bytes that may have been buffered in previous update calls. Final converted bytes are stored in the output buffer."

But nowhere is it said that the output buffer will contain no more than one block of data. Although I understand that this is the general behavior of the AES API, and this is the behavior that my code has shown so far, but will this assumption always be fulfilled?

+3

java encryption aes finalize

vikas Aug 13 '10 at 9:56

source share

2 answers

Andrzej Doyle · Answer 1 · 2010-08-13T10:26:37+0000

In general (as in the context of a class Cipher), I do not think it would be safe to assume this. According to javadocs for this method doFinal:

, , ShortBufferException. . getOutputSize, , .

, "" , doFinal, getOutputSize . .

, "", , , . ( , Java) Cipher , , getOutputSize .

, CBC, update? doFinal, ?

Thomas Pornin · Answer 2 · 2010-08-13T12:19:11+0000

, , ; , , . "PKCS # 5" n ( n), n . , . CTS 2n . Java, , CTS, .

Cipher.getOutputSize(len) , len . , , , , , .

, , ( ). , : ( ) ; , doFinal(). , getOutputSize() .

Size Cipher.doFinal

More articles: