> I am having some problems with the JCE 1.2
> Cipher.getOutputSize()-method... I believe it returns a wrong padding
> size!
> ...
> This can hardly be correct: An empty byte array is padded to 8 bytes,
> and 8 bytes is padded to 16 bytes! Why? I mean, why pad 8 bytes when
> they already fit nicely into a single 8-byte block?
Please check "PKCS #5: Password-Based Encryption Standard"
(ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-5.asc), section 6.2:
--------------------------------
6.2 Encryption-block formatting
The message M and a padding string PS shall be formatted
into an octet string EB, the encryption block.
EB = M || PS . (1)
The padding string PS shall consist of 8 - (||M|| mod 8)
octets all having value 8 - (||M|| mod 8). (This makes the
length of the encryption block EB a multiple of eight
octets.) In other words, the encryption block EB satisfies
one of the following statements:
EB = M || 01 -- if ||M|| mod 8 = 7 ;
EB = M || 02 02 -- if ||M|| mod 8 = 6 ;
.
.
.
EB = M || 08 08 08 08 08 08 08 08 -- if ||M|| mod 8 = 0 .
Note. The encryption block can be parsed unambiguously since
every encryption block ends with a padding string and no
padding string is a suffix of another.
--------------------------------
This should answer your question.
Jan