Botan  2.18.1
Crypto and TLS for C++11
Public Member Functions | List of all members
Botan::ANSI_X923_Padding Class Referencefinal

#include <mode_pad.h>

Inheritance diagram for Botan::ANSI_X923_Padding:
Botan::BlockCipherModePaddingMethod

Public Member Functions

void add_padding (secure_vector< uint8_t > &buffer, size_t final_block_bytes, size_t block_size) const override
 
std::string name () const override
 
size_t unpad (const uint8_t[], size_t) const override
 
bool valid_blocksize (size_t bs) const override
 

Detailed Description

ANSI X9.23 Padding

Definition at line 86 of file mode_pad.h.

Member Function Documentation

◆ add_padding()

void Botan::ANSI_X923_Padding::add_padding ( secure_vector< uint8_t > &  buffer,
size_t  final_block_bytes,
size_t  block_size 
) const
overridevirtual

Add padding bytes to buffer.

Parameters
bufferdata to pad
final_block_bytessize of the final block in bytes
block_sizesize of each block in bytes

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 116 of file mode_pad.cpp.

References BOTAN_DEBUG_ASSERT, Botan::CT::Mask< T >::is_gte(), Botan::CT::poison(), Botan::CT::Mask< T >::select(), and Botan::CT::unpoison().

119  {
120  /*
121  Padding format is
122  01
123  0002
124  000003
125  ...
126  */
127  BOTAN_DEBUG_ASSERT(last_byte_pos < BS);
128 
129  const uint8_t padding_len = static_cast<uint8_t>(BS - last_byte_pos);
130 
131  buffer.resize(buffer.size() + padding_len);
132 
133  CT::poison(&last_byte_pos, 1);
134  CT::poison(buffer.data(), buffer.size());
135 
136  BOTAN_DEBUG_ASSERT(buffer.size() % BS == 0);
137  BOTAN_DEBUG_ASSERT(buffer.size() >= BS);
138 
139  const size_t start_of_last_block = buffer.size() - BS;
140  const size_t end_of_zero_padding = buffer.size() - 1;
141  const size_t start_of_padding = buffer.size() - padding_len;
142 
143  for(size_t i = start_of_last_block; i != end_of_zero_padding; ++i)
144  {
145  auto needs_padding = CT::Mask<uint8_t>(CT::Mask<size_t>::is_gte(i, start_of_padding));
146  buffer[i] = needs_padding.select(0, buffer[i]);
147  }
148 
149  buffer[buffer.size()-1] = padding_len;
150  CT::unpoison(buffer.data(), buffer.size());
151  CT::unpoison(last_byte_pos);
152  }
static Mask< T > is_gte(T x, T y)
Definition: ct_utils.h:181
void poison(const T *p, size_t n)
Definition: ct_utils.h:48
#define BOTAN_DEBUG_ASSERT(expr)
Definition: assert.h:123
void unpoison(const T *p, size_t n)
Definition: ct_utils.h:59

◆ name()

std::string Botan::ANSI_X923_Padding::name ( ) const
inlineoverridevirtual
Returns
name of the mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 97 of file mode_pad.h.

97 { return "X9.23"; }

◆ unpad()

size_t Botan::ANSI_X923_Padding::unpad ( const uint8_t  block[],
size_t  len 
) const
overridevirtual

Remove padding bytes from block

Parameters
blockthe last block
lenthe size of the block in bytes
Returns
number of data bytes, or if the padding is invalid returns len

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 157 of file mode_pad.cpp.

References Botan::CT::Mask< T >::expand(), Botan::CT::Mask< T >::is_gt(), Botan::CT::Mask< T >::is_gte(), Botan::CT::poison(), Botan::CT::unpoison(), and valid_blocksize().

158  {
159  if(!valid_blocksize(input_length))
160  return input_length;
161 
162  CT::poison(input, input_length);
163 
164  const size_t last_byte = input[input_length-1];
165 
166  auto bad_input = CT::Mask<size_t>::is_gt(last_byte, input_length);
167 
168  const size_t pad_pos = input_length - last_byte;
169 
170  for(size_t i = 0; i != input_length - 1; ++i)
171  {
172  // Ignore values that are not part of the padding
173  const auto in_range = CT::Mask<size_t>::is_gte(i, pad_pos);
174  const auto pad_is_nonzero = CT::Mask<size_t>::expand(input[i]);
175  bad_input |= pad_is_nonzero & in_range;
176  }
177 
178  CT::unpoison(input, input_length);
179 
180  return bad_input.select_and_unpoison(input_length, pad_pos);
181  }
bool valid_blocksize(size_t bs) const override
Definition: mode_pad.h:95
static Mask< T > is_gte(T x, T y)
Definition: ct_utils.h:181
void poison(const T *p, size_t n)
Definition: ct_utils.h:48
static Mask< T > expand(T v)
Definition: ct_utils.h:123
void unpoison(const T *p, size_t n)
Definition: ct_utils.h:59
static Mask< T > is_gt(T x, T y)
Definition: ct_utils.h:165

◆ valid_blocksize()

bool Botan::ANSI_X923_Padding::valid_blocksize ( size_t  block_size) const
inlineoverridevirtual
Parameters
block_sizeof the cipher
Returns
valid block size for this padding mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 95 of file mode_pad.h.

Referenced by unpad().

95 { return (bs > 2 && bs < 256); }

The documentation for this class was generated from the following files: