In quite a few places, I see Java code that uses AES with PKCS#5 padding. I do not understand how this could possibly work.
PKCS#5 padding is meant to be used with ciphers that have a block size of <= 8 bytes. The block size for AES is 16 bytes. Is all the code that is out there that uses AES with PKCS#5 wrong? Or does the framework internally use PKCS#7 instead? The frameworks in question would be the Sun provider in Java, JCE and BouncyCastle.
The code is indeed using PKCS#7 instead. The reason that "PKCS5Padding" is specified is very likely due to compatibility with the older DES and 3DES ciphers. Note that PKCS#5 padding is exactly 8 bytes, not less. Bouncy Castle usually follows the Sun/Oracle providers for the sake of compatibility, although you can also use the more correct "PKCS7Padding" for the Bouncy Castle provider. More information on the crypto site (disclaimer: pointing to my own popular Q/A).
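
One way to check this on a standard JRE, as an added example that is not part of the original question or answer: encrypt with "AES/CBC/PKCS5Padding", decrypt with "NoPadding", and inspect the padding bytes that were appended. The class name, the helper names and the all-zero key and IV are constructed for the demonstration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class Pkcs5OnAesDemo {
    // Constructed demo values: an all-zero key and IV, for illustration only.
    static final SecretKeySpec KEY = new SecretKeySpec(new byte[16], "AES");
    static final IvParameterSpec IV = new IvParameterSpec(new byte[16]);

    // Encrypt with "PKCS5Padding", then decrypt with "NoPadding" so the
    // padding bytes the provider appended stay visible in the result.
    static byte[] paddedPlaintext(byte[] msg) throws Exception {
        Cipher enc = Cipher.getInstance("AES/CBC/PKCS5Padding");
        enc.init(Cipher.ENCRYPT_MODE, KEY, IV);
        byte[] ct = enc.doFinal(msg);
        Cipher dec = Cipher.getInstance("AES/CBC/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, KEY, IV);
        return dec.doFinal(ct);
    }

    // Returns the pad length n after checking that the last n bytes all equal n.
    static int padLength(byte[] padded) {
        int n = padded[padded.length - 1];
        if (n < 1 || n > padded.length) throw new IllegalStateException("bad pad byte " + n);
        for (int i = padded.length - n; i < padded.length; i++) {
            if (padded[i] != n) throw new IllegalStateException("inconsistent padding");
        }
        return n;
    }

    public static void main(String[] args) throws Exception {
        // 5-byte input: padding to an 8-byte block would add 3 bytes,
        // padding to the 16-byte AES block adds 11.
        byte[] a = paddedPlaintext("hello".getBytes(StandardCharsets.US_ASCII));
        // 16-byte input: PKCS#7 appends one whole extra block of padding.
        byte[] b = paddedPlaintext(new byte[16]);
        System.out.printf("5-byte input:  padded to %d bytes, pad length %d%n", a.length, padLength(a));
        System.out.printf("16-byte input: padded to %d bytes, pad length %d%n", b.length, padLength(b));
        if (padLength(a) != 11 || padLength(b) != 16) {
            throw new IllegalStateException("provider did not pad to the 16-byte AES block");
        }
    }
}
```

A pad length above 8 cannot come from padding to an 8-byte block, so a run that completes without the exception shows the provider padding to the AES block size under the "PKCS5Padding" name.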