Botan 3.0.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::ANSI_X923_Padding Class Referencefinal

#include <mode_pad.h>

Inheritance diagram for Botan::ANSI_X923_Padding:
Botan::BlockCipherModePaddingMethod

Public Member Functions

void add_padding (secure_vector< uint8_t > &buffer, size_t final_block_bytes, size_t block_size) const override
 
std::string name () const override
 
size_t unpad (const uint8_t[], size_t) const override
 
bool valid_blocksize (size_t bs) const override
 

Static Public Member Functions

static std::unique_ptr< BlockCipherModePaddingMethodcreate (std::string_view algo_spec)
 

Detailed Description

ANSI X9.23 Padding

Definition at line 90 of file mode_pad.h.

Member Function Documentation

◆ add_padding()

void Botan::ANSI_X923_Padding::add_padding ( secure_vector< uint8_t > &  buffer,
size_t  final_block_bytes,
size_t  block_size 
) const
overridevirtual

Add padding bytes to buffer.

Parameters
bufferdata to pad
final_block_bytessize of the final block in bytes
block_sizesize of each block in bytes

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 117 of file mode_pad.cpp.

120 {
121 /*
122 Padding format is
123 01
124 0002
125 000003
126 ...
127 */
128 BOTAN_DEBUG_ASSERT(last_byte_pos < BS);
129
130 const uint8_t padding_len = static_cast<uint8_t>(BS - last_byte_pos);
131
132 buffer.resize(buffer.size() + padding_len);
133
134 CT::poison(&last_byte_pos, 1);
135 CT::poison(buffer.data(), buffer.size());
136
137 BOTAN_DEBUG_ASSERT(buffer.size() % BS == 0);
138 BOTAN_DEBUG_ASSERT(buffer.size() >= BS);
139
140 const size_t start_of_last_block = buffer.size() - BS;
141 const size_t end_of_zero_padding = buffer.size() - 1;
142 const size_t start_of_padding = buffer.size() - padding_len;
143
144 for(size_t i = start_of_last_block; i != end_of_zero_padding; ++i)
145 {
146 auto needs_padding = CT::Mask<uint8_t>(CT::Mask<size_t>::is_gte(i, start_of_padding));
147 buffer[i] = needs_padding.select(0, buffer[i]);
148 }
149
150 buffer[buffer.size()-1] = padding_len;
151 CT::unpoison(buffer.data(), buffer.size());
152 CT::unpoison(last_byte_pos);
153 }
#define BOTAN_DEBUG_ASSERT(expr)
Definition: assert.h:122
static Mask< T > is_gte(T x, T y)
Definition: ct_utils.h:179
void poison(const T *p, size_t n)
Definition: ct_utils.h:48
void unpoison(const T *p, size_t n)
Definition: ct_utils.h:58

References BOTAN_DEBUG_ASSERT, Botan::CT::poison(), and Botan::CT::unpoison().

◆ create()

std::unique_ptr< BlockCipherModePaddingMethod > Botan::BlockCipherModePaddingMethod::create ( std::string_view  algo_spec)
staticinherited

Get a block cipher padding mode by name (eg "NoPadding" or "PKCS7")

Parameters
algo_specblock cipher padding mode name

Get a block cipher padding method by name

Definition at line 19 of file mode_pad.cpp.

20 {
21 if(algo_spec == "NoPadding")
22 return std::make_unique<Null_Padding>();
23
24 if(algo_spec == "PKCS7")
25 return std::make_unique<PKCS7_Padding>();
26
27 if(algo_spec == "OneAndZeros")
28 return std::make_unique<OneAndZeros_Padding>();
29
30 if(algo_spec == "X9.23")
31 return std::make_unique<ANSI_X923_Padding>();
32
33 if(algo_spec == "ESP")
34 return std::make_unique<ESP_Padding>();
35
36 return nullptr;
37 }

Referenced by Botan::Cipher_Mode::create().

◆ name()

std::string Botan::ANSI_X923_Padding::name ( ) const
inlineoverridevirtual
Returns
name of the mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 101 of file mode_pad.h.

101{ return "X9.23"; }

◆ unpad()

size_t Botan::ANSI_X923_Padding::unpad ( const uint8_t  block[],
size_t  len 
) const
overridevirtual

Remove padding bytes from block

Parameters
blockthe last block
lenthe size of the block in bytes
Returns
number of data bytes, or if the padding is invalid returns len

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 158 of file mode_pad.cpp.

159 {
160 if(!valid_blocksize(input_length))
161 return input_length;
162
163 CT::poison(input, input_length);
164
165 const size_t last_byte = input[input_length-1];
166
167 auto bad_input = CT::Mask<size_t>::is_gt(last_byte, input_length);
168
169 const size_t pad_pos = input_length - last_byte;
170
171 for(size_t i = 0; i != input_length - 1; ++i)
172 {
173 // Ignore values that are not part of the padding
174 const auto in_range = CT::Mask<size_t>::is_gte(i, pad_pos);
175 const auto pad_is_nonzero = CT::Mask<size_t>::expand(input[i]);
176 bad_input |= pad_is_nonzero & in_range;
177 }
178
179 CT::unpoison(input, input_length);
180
181 return bad_input.select_and_unpoison(input_length, pad_pos);
182 }
bool valid_blocksize(size_t bs) const override
Definition: mode_pad.h:99
static Mask< T > is_gt(T x, T y)
Definition: ct_utils.h:163
static Mask< T > expand(T v)
Definition: ct_utils.h:121

References Botan::CT::Mask< T >::expand(), Botan::CT::Mask< T >::is_gt(), Botan::CT::Mask< T >::is_gte(), Botan::CT::poison(), Botan::CT::unpoison(), and valid_blocksize().

◆ valid_blocksize()

bool Botan::ANSI_X923_Padding::valid_blocksize ( size_t  block_size) const
inlineoverridevirtual
Parameters
block_sizeof the cipher
Returns
valid block size for this padding mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 99 of file mode_pad.h.

99{ return (bs > 2 && bs < 256); }

Referenced by unpad().


The documentation for this class was generated from the following files: