PKCS5Padding可以处于AES/GCM模式吗? [英] Can PKCS5Padding be in AES/GCM mode?
问题描述
AES/GCM的填充模式是什么?我知道它可以是NoPadding,就像在ECB模式下可以是PKCS5Padding一样,在GCM模式下又如何呢?在JCE界面中,我们需要提供算法/模式/填充"(
What's the padding mode for AES/GCM? I understood it can be NoPadding, as in ECB mode it can be PKCS5Padding, how about in GCM mode? in JCE interface, we need provide "algorithm/mode/padding" (Reference).
因此,我使用以下代码获取了实例,该实例在JDK中可以运行,但在IBM SDK中却失败了,提示
So I used the following code to get the instance and it works in JDK but failed in IBM SDK which says
找不到支持AES/GCM/PKCS5Padding的提供程序
cannot find provider for supporting AES/GCM/PKCS5Padding
Cipher.getInstance("AES/GCM/PKCS5Padding");
真正的填充用例是什么?
What's real use case for padding?
推荐答案
GCM是一种流传输模式,这意味着密文仅与明文一样长(不包括身份验证标签). GCM不需要填充.这意味着PKCS5Padding版本实际上只是NoPadding的同义词,以方便编程.有些提供程序没有这种奇怪的模式.
GCM is a streaming mode which means that the ciphertext is only as long as the plaintext (not including authentication tag). GCM doesn't require a padding. This means that the PKCS5Padding version is actually only a synonym for NoPadding for convenience during programming. Some providers don't have this strange mode.
在某些情况下,填充明文是有意义的.例如,您可以通过添加随机长度PKCS5Padding来隐藏实际纯文本的长度.
The are cases where padding the plaintext makes sense. For example, you can hide the length of the actual plaintext by appending a random length PKCS5Padding.
这篇关于PKCS5Padding可以处于AES/GCM模式吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!