Hello, while looking at ISO10126Padding I noticed a few minor optimizations are possible:
http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/com/sun/crypto/provider/ISO10126Padding.java?av=f unpad() - there is already a int cast done to this value: 104 int start = off + len - ((int)lastByte & 0x0ff); can be changed into "int start = off + len - padValue;" padWithLen() - we can request one byte less from PRNG and copy one less: 71 byte[] padding = new byte[len]; 72 SunJCE.getRandom().nextBytes(padding); 73 padding[len-1] = paddingOctet; 74 System.arraycopy(padding, 0, in, off, len); byte[] padding = new byte[len-1]; SunJCE.getRandom().nextBytes(padding); System.arraycopy(padding, 0, in, off, len-1); in[off+len-1] = paddingOctet; BTW: the JCA Standards Names documentation refer to W3C XML Encryption Standard 5.2 which does not mandate or suggest to use random padding. It allows any value. So a possible optimization would be to not use random bytes. If you think random bytes (and therefore non deterministic padding) is a desireable property I would suggest to actually document it in the SunJCE documentation. "This implements padding as defined by the JCA Standard Names using random padding bytes. Greetings Bernd
