Botan 3.0.0
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::OneAndZeros_Padding Class Referencefinal

#include <mode_pad.h>

Inheritance diagram for Botan::OneAndZeros_Padding:
Botan::BlockCipherModePaddingMethod

Public Member Functions

void add_padding (secure_vector< uint8_t > &buffer, size_t final_block_bytes, size_t block_size) const override
 
std::string name () const override
 
size_t unpad (const uint8_t[], size_t) const override
 
bool valid_blocksize (size_t bs) const override
 

Static Public Member Functions

static std::unique_ptr< BlockCipherModePaddingMethodcreate (std::string_view algo_spec)
 

Detailed Description

One And Zeros Padding (ISO/IEC 9797-1, padding method 2)

Definition at line 107 of file mode_pad.h.

Member Function Documentation

◆ add_padding()

void Botan::OneAndZeros_Padding::add_padding ( secure_vector< uint8_t > &  buffer,
size_t  final_block_bytes,
size_t  block_size 
) const
overridevirtual

Add padding bytes to buffer.

Parameters
bufferdata to pad
final_block_bytessize of the final block in bytes
block_sizesize of each block in bytes

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 187 of file mode_pad.cpp.

190 {
191 /*
192 Padding format is
193 80
194 8000
195 800000
196 ...
197 */
198
199 BOTAN_DEBUG_ASSERT(last_byte_pos < BS);
200
201 const uint8_t padding_len = static_cast<uint8_t>(BS - last_byte_pos);
202
203 buffer.resize(buffer.size() + padding_len);
204
205 CT::poison(&last_byte_pos, 1);
206 CT::poison(buffer.data(), buffer.size());
207
208 BOTAN_DEBUG_ASSERT(buffer.size() % BS == 0);
209 BOTAN_DEBUG_ASSERT(buffer.size() >= BS);
210
211 const size_t start_of_last_block = buffer.size() - BS;
212 const size_t end_of_last_block = buffer.size();
213 const size_t start_of_padding = buffer.size() - padding_len;
214
215 for(size_t i = start_of_last_block; i != end_of_last_block; ++i)
216 {
217 auto needs_80 = CT::Mask<uint8_t>(CT::Mask<size_t>::is_equal(i, start_of_padding));
218 auto needs_00 = CT::Mask<uint8_t>(CT::Mask<size_t>::is_gt(i, start_of_padding));
219 buffer[i] = needs_00.select(0x00, needs_80.select(0x80, buffer[i]));
220 }
221
222 CT::unpoison(buffer.data(), buffer.size());
223 CT::unpoison(last_byte_pos);
224 }
BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition: assert.h:122
Botan::CT::Mask::is_gt
static Mask< T > is_gt(T x, T y)
Definition: ct_utils.h:163
Botan::CT::Mask::is_equal
static Mask< T > is_equal(T x, T y)
Definition: ct_utils.h:147
Botan::CT::poison
void poison(const T *p, size_t n)
Definition: ct_utils.h:48
Botan::CT::unpoison
void unpoison(const T *p, size_t n)
Definition: ct_utils.h:58

References BOTAN_DEBUG_ASSERT, Botan::CT::poison(), and Botan::CT::unpoison().

◆ create()

std::unique_ptr< BlockCipherModePaddingMethod > Botan::BlockCipherModePaddingMethod::create ( std::string_view  algo_spec)
staticinherited

Get a block cipher padding mode by name (eg "NoPadding" or "PKCS7")

Parameters
algo_specblock cipher padding mode name

Get a block cipher padding method by name

Definition at line 19 of file mode_pad.cpp.

20 {
21 if(algo_spec == "NoPadding")
22 return std::make_unique<Null_Padding>();
23
24 if(algo_spec == "PKCS7")
25 return std::make_unique<PKCS7_Padding>();
26
27 if(algo_spec == "OneAndZeros")
28 return std::make_unique<OneAndZeros_Padding>();
29
30 if(algo_spec == "X9.23")
31 return std::make_unique<ANSI_X923_Padding>();
32
33 if(algo_spec == "ESP")
34 return std::make_unique<ESP_Padding>();
35
36 return nullptr;
37 }

Referenced by Botan::Cipher_Mode::create().

◆ name()

std::string Botan::OneAndZeros_Padding::name ( ) const
inlineoverridevirtual
Returns
name of the mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 118 of file mode_pad.h.

118{ return "OneAndZeros"; }

◆ unpad()

size_t Botan::OneAndZeros_Padding::unpad ( const uint8_t  block[],
size_t  len 
) const
overridevirtual

Remove padding bytes from block

Parameters
blockthe last block
lenthe size of the block in bytes
Returns
number of data bytes, or if the padding is invalid returns len

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 229 of file mode_pad.cpp.

230 {
231 if(!valid_blocksize(input_length))
232 return input_length;
233
234 CT::poison(input, input_length);
235
236 auto bad_input = CT::Mask<uint8_t>::cleared();
237 auto seen_0x80 = CT::Mask<uint8_t>::cleared();
238
239 size_t pad_pos = input_length - 1;
240 size_t i = input_length;
241
242 while(i)
243 {
244 const auto is_0x80 = CT::Mask<uint8_t>::is_equal(input[i-1], 0x80);
245 const auto is_zero = CT::Mask<uint8_t>::is_zero(input[i-1]);
246
247 seen_0x80 |= is_0x80;
248 pad_pos -= seen_0x80.if_not_set_return(1);
249 bad_input |= ~seen_0x80 & ~is_zero;
250 i--;
251 }
252 bad_input |= ~seen_0x80;
253
254 CT::unpoison(input, input_length);
255
256 return CT::Mask<size_t>::expand(bad_input).select_and_unpoison(input_length, pad_pos);
257 }
Botan::CT::Mask::is_zero
static Mask< T > is_zero(T x)
Definition: ct_utils.h:139
Botan::CT::Mask::expand
static Mask< T > expand(T v)
Definition: ct_utils.h:121
Botan::CT::Mask::cleared
static Mask< T > cleared()
Definition: ct_utils.h:113
Botan::OneAndZeros_Padding::valid_blocksize
bool valid_blocksize(size_t bs) const override
Definition: mode_pad.h:116

References Botan::CT::Mask< T >::cleared(), Botan::CT::Mask< T >::expand(), Botan::CT::Mask< T >::is_equal(), Botan::CT::Mask< T >::is_zero(), Botan::CT::poison(), Botan::CT::unpoison(), and valid_blocksize().

◆ valid_blocksize()

bool Botan::OneAndZeros_Padding::valid_blocksize ( size_t  block_size) const
inlineoverridevirtual
Parameters
block_sizeof the cipher
Returns
valid block size for this padding mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 116 of file mode_pad.h.

116{ return (bs > 2); }

Referenced by unpad().

The documentation for this class was generated from the following files:
Generated by doxygen 1.9.6