Bug 24760 - Update reference for AES-CBC padding to RFC2315
authorMark Watson <watsonm@netflix.com>
Fri, 28 Feb 2014 09:00:20 -0800
changeset 141 7f7c2917970d
parent 140 2c367832ef72
child 142 11dcc989d87b
Bug 24760 - Update reference for AES-CBC padding to RFC2315
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Thu Feb 27 18:05:12 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml	Fri Feb 28 09:00:20 2014 -0800
@@ -5884,9 +5884,8 @@
               When operating in CBC mode, messages that are not exact multiples
               of the AES block size (16 bytes) can be padded under a variety of
               padding schemes. In the Web Crypto API, the only padding mode that
-              is supported is that of PKCS#5 and PKCS#7, as described by
-              Section 6.1.1, p4 of RFC 2898 [<a href="#RFC2898">RFC2898</a>] and
-              Section 10.3, p2 of RFC 2315 [<a href="#RFC2315">RFC2315</a>].
+              is supported is that of PKCS#7, as described by
+              Section 10.3, step 2, of RFC 2315 [<a href="#RFC2315">RFC2315</a>].
             </p>
           </div>
           <div id="aes-cbc-registration" class="section">
@@ -5969,8 +5968,9 @@
                   <li>
                     <p>
                       Let <var>padded-plaintext</var> be the result of adding padding octets to
-                      <var>ciphertext</var> according to the procedure defined in Section 6.1.1 of
-                      RFC 2898 [<a href="#RFC2898">RFC2898</a>], step 4.
+                      <var>ciphertext</var> according to the procedure defined in Section 10.3
+                      of RFC 2315 [<a href="#RFC2315">RFC2315</a>], step 2, with a value of
+                      <var>k</var> of 16.
                     </p>
                   </li>
                   <li>
@@ -6024,7 +6024,7 @@
                   </li>
                   <li>
                     <p>
-                      If <var>p</var> is zero or greater than 8, or if any of the last <var>p</var>
+                      If <var>p</var> is zero or greater than 16, or if any of the last <var>p</var>
                       octets of <var>padded-plaintext</var> have a value which is not <var>p</var>,
                       terminate this algorithm with an error.
                     </p>
--- a/spec/Overview.html	Thu Feb 27 18:05:12 2014 -0800
+++ b/spec/Overview.html	Fri Feb 28 09:00:20 2014 -0800
@@ -28,7 +28,7 @@
   <link rel="stylesheet" href="//www.w3.org/StyleSheets/TR/W3C-ED" type="text/css" /></head>
 
   <body>
-    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>27 February 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;[email protected]&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;[email protected]&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:[email protected]?subject=%5BWebCryptoAPI%5D">[email protected]</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
+    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>28 February 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;[email protected]&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;[email protected]&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:[email protected]?subject=%5BWebCryptoAPI%5D">[email protected]</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
     (see <a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document&amp;resolution=---">existing bugs</a>).</p></dd></dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> &copy; view <a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>&reg;</sup> (<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="http://www.ercim.org/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p></div><hr />
 
     <div class="section">
@@ -56,7 +56,7 @@
         report can be found in the <a href="http://www.w3.org/TR/">W3C technical
           reports index</a> at http://www.w3.org/TR/.
       </em></p><p>
-        This document is the 27 February 2014 <b>Editor’s Draft</b> of the
+        This document is the 28 February 2014 <b>Editor’s Draft</b> of the
         <cite>Web Cryptography API</cite> specification.
       
       Please send comments about this document to
@@ -5877,9 +5877,8 @@
               When operating in CBC mode, messages that are not exact multiples
               of the AES block size (16 bytes) can be padded under a variety of
               padding schemes. In the Web Crypto API, the only padding mode that
-              is supported is that of PKCS#5 and PKCS#7, as described by
-              Section 6.1.1, p4 of RFC 2898 [<a href="#RFC2898">RFC2898</a>] and
-              Section 10.3, p2 of RFC 2315 [<a href="#RFC2315">RFC2315</a>].
+              is supported is that of PKCS#7, as described by
+              Section 10.3, step 2, of RFC 2315 [<a href="#RFC2315">RFC2315</a>].
             </p>
           </div>
           <div id="aes-cbc-registration" class="section">
@@ -5962,8 +5961,9 @@
                   <li>
                     <p>
                       Let <var>padded-plaintext</var> be the result of adding padding octets to
-                      <var>ciphertext</var> according to the procedure defined in Section 6.1.1 of
-                      RFC 2898 [<a href="#RFC2898">RFC2898</a>], step 4.
+                      <var>ciphertext</var> according to the procedure defined in Section 10.3
+                      of RFC 2315 [<a href="#RFC2315">RFC2315</a>], step 2, with a value of
+                      <var>k</var> of 16.
                     </p>
                   </li>
                   <li>
@@ -6017,7 +6017,7 @@
                   </li>
                   <li>
                     <p>
-                      If <var>p</var> is zero or greater than 8, or if any of the last <var>p</var>
+                      If <var>p</var> is zero or greater than 16, or if any of the last <var>p</var>
                       octets of <var>padded-plaintext</var> have a value which is not <var>p</var>,
                       terminate this algorithm with an error.
                     </p>