It looks like the plaintext is being padded so that its length is a multiple of ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ksbrooksjr on Dec 21, 2022 \| parent \| context \| favorite \| on: Show HN: Portable Secret – How I store my secrets ... It looks like the plaintext is being padded so that its length is a multiple of the block size [1]. I can't find any resources that say you need to pad a message before encrypting it with AES-GCM though. The official examples from MDN [2][3] don't pad the message before encrypting. The source code links to a wikipedia article that states that padding isn't necessary for counter mode, which the code is using (GCM is Galois Counter Mode)[4]. [1] https://github.com/mprimi/portable-secret/blob/6efdb4618216f... [2] https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt... [3] https://github.com/mdn/dom-examples/blob/main/web-crypto/enc... [4] https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS#5_....

layer8 on Dec 21, 2022 [–]

GCM doesn’t require padding (the calculation implicitly pads internally), unless you want to hide the length of the plaintext, as the resulting ciphertext will have the same length.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact