Botan 3.5.0
Crypto and TLS for C&
Botan::OneAndZeros_Padding Class Referencefinal

#include <mode_pad.h>

Inheritance diagram for Botan::OneAndZeros_Padding:
Botan::BlockCipherModePaddingMethod

Public Member Functions

void add_padding (secure_vector< uint8_t > &buffer, size_t final_block_bytes, size_t block_size) const override
 
std::string name () const override
 
size_t unpad (const uint8_t[], size_t) const override
 
bool valid_blocksize (size_t bs) const override
 

Static Public Member Functions

static std::unique_ptr< BlockCipherModePaddingMethodcreate (std::string_view algo_spec)
 

Detailed Description

One And Zeros Padding (ISO/IEC 9797-1, padding method 2)

Definition at line 98 of file mode_pad.h.

Member Function Documentation

◆ add_padding()

void Botan::OneAndZeros_Padding::add_padding ( secure_vector< uint8_t > & buffer,
size_t final_block_bytes,
size_t block_size ) const
overridevirtual

Add padding bytes to buffer.

Parameters
bufferdata to pad
final_block_bytessize of the final block in bytes
block_sizesize of each block in bytes

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 181 of file mode_pad.cpp.

181 {
182 /*
183 Padding format is
184 80
185 8000
186 800000
187 ...
188 */
189
190 BOTAN_DEBUG_ASSERT(last_byte_pos < BS);
191
192 const uint8_t padding_len = static_cast<uint8_t>(BS - last_byte_pos);
193
194 buffer.resize(buffer.size() + padding_len);
195
196 CT::poison(&last_byte_pos, 1);
197 CT::poison(buffer.data(), buffer.size());
198
199 BOTAN_DEBUG_ASSERT(buffer.size() % BS == 0);
200 BOTAN_DEBUG_ASSERT(buffer.size() >= BS);
201
202 const size_t start_of_last_block = buffer.size() - BS;
203 const size_t end_of_last_block = buffer.size();
204 const size_t start_of_padding = buffer.size() - padding_len;
205
206 for(size_t i = start_of_last_block; i != end_of_last_block; ++i) {
207 auto needs_80 = CT::Mask<uint8_t>(CT::Mask<size_t>::is_equal(i, start_of_padding));
208 auto needs_00 = CT::Mask<uint8_t>(CT::Mask<size_t>::is_gt(i, start_of_padding));
209 buffer[i] = needs_00.select(0x00, needs_80.select(0x80, buffer[i]));
210 }
211
212 CT::unpoison(buffer.data(), buffer.size());
213 CT::unpoison(last_byte_pos);
214}
#define BOTAN_DEBUG_ASSERT(expr)
Definition assert.h:98
static constexpr Mask< T > is_equal(T x, T y)
Definition ct_utils.h:250
static constexpr Mask< T > is_gt(T x, T y)
Definition ct_utils.h:266
constexpr void unpoison(const T *p, size_t n)
Definition ct_utils.h:57
constexpr void poison(const T *p, size_t n)
Definition ct_utils.h:46

References BOTAN_DEBUG_ASSERT, Botan::CT::poison(), and Botan::CT::unpoison().

◆ create()

std::unique_ptr< BlockCipherModePaddingMethod > Botan::BlockCipherModePaddingMethod::create ( std::string_view algo_spec)
staticinherited

Get a block cipher padding mode by name (eg "NoPadding" or "PKCS7")

Parameters
algo_specblock cipher padding mode name

Get a block cipher padding method by name

Definition at line 19 of file mode_pad.cpp.

19 {
20 if(algo_spec == "NoPadding") {
21 return std::make_unique<Null_Padding>();
22 }
23
24 if(algo_spec == "PKCS7") {
25 return std::make_unique<PKCS7_Padding>();
26 }
27
28 if(algo_spec == "OneAndZeros") {
29 return std::make_unique<OneAndZeros_Padding>();
30 }
31
32 if(algo_spec == "X9.23") {
33 return std::make_unique<ANSI_X923_Padding>();
34 }
35
36 if(algo_spec == "ESP") {
37 return std::make_unique<ESP_Padding>();
38 }
39
40 return nullptr;
41}

Referenced by Botan::Cipher_Mode::create().

◆ name()

std::string Botan::OneAndZeros_Padding::name ( ) const
inlineoverridevirtual
Returns
name of the mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 106 of file mode_pad.h.

106{ return "OneAndZeros"; }

◆ unpad()

size_t Botan::OneAndZeros_Padding::unpad ( const uint8_t block[],
size_t len ) const
overridevirtual

Remove padding bytes from block

Parameters
blockthe last block
lenthe size of the block in bytes
Returns
number of data bytes, or if the padding is invalid returns len

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 219 of file mode_pad.cpp.

219 {
220 if(!valid_blocksize(input_length)) {
221 return input_length;
222 }
223
224 CT::poison(input, input_length);
225
226 auto bad_input = CT::Mask<uint8_t>::cleared();
227 auto seen_0x80 = CT::Mask<uint8_t>::cleared();
228
229 size_t pad_pos = input_length - 1;
230 size_t i = input_length;
231
232 while(i) {
233 const auto is_0x80 = CT::Mask<uint8_t>::is_equal(input[i - 1], 0x80);
234 const auto is_zero = CT::Mask<uint8_t>::is_zero(input[i - 1]);
235
236 seen_0x80 |= is_0x80;
237 pad_pos -= seen_0x80.if_not_set_return(1);
238 bad_input |= ~seen_0x80 & ~is_zero;
239 i--;
240 }
241 bad_input |= ~seen_0x80;
242
243 CT::unpoison(input, input_length);
244
245 return CT::Mask<size_t>::expand(bad_input).select_and_unpoison(input_length, pad_pos);
246}
static constexpr Mask< T > expand(T v)
Definition ct_utils.h:213
static constexpr Mask< T > is_zero(T x)
Definition ct_utils.h:245
static constexpr Mask< T > cleared()
Definition ct_utils.h:208
bool valid_blocksize(size_t bs) const override
Definition mode_pad.h:104

References Botan::CT::Mask< T >::cleared(), Botan::CT::Mask< T >::expand(), Botan::CT::Mask< T >::is_equal(), Botan::CT::Mask< T >::is_zero(), Botan::CT::poison(), Botan::CT::unpoison(), and valid_blocksize().

◆ valid_blocksize()

bool Botan::OneAndZeros_Padding::valid_blocksize ( size_t block_size) const
inlineoverridevirtual
Parameters
block_sizeof the cipher
Returns
valid block size for this padding mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 104 of file mode_pad.h.

104{ return (bs > 2); }

Referenced by unpad().


The documentation for this class was generated from the following files: