Botan 3.8.1
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::PKCS7_Padding Class Referencefinal

#include <mode_pad.h>

Inheritance diagram for Botan::PKCS7_Padding:
Botan::BlockCipherModePaddingMethod

Public Member Functions

void add_padding (secure_vector< uint8_t > &buffer, size_t final_block_bytes, size_t block_size) const override
 
std::string name () const override
 
size_t unpad (const uint8_t[], size_t) const override
 
bool valid_blocksize (size_t bs) const override
 

Static Public Member Functions

static std::unique_ptr< BlockCipherModePaddingMethodcreate (std::string_view algo_spec)
 

Detailed Description

PKCS#7 Padding

Definition at line 71 of file mode_pad.h.

Member Function Documentation

◆ add_padding()

void Botan::PKCS7_Padding::add_padding ( secure_vector< uint8_t > & buffer,
size_t final_block_bytes,
size_t block_size ) const
overridevirtual

Add padding bytes to buffer.

Parameters
bufferdata to pad
final_block_bytessize of the final block in bytes
block_sizesize of each block in bytes

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 46 of file mode_pad.cpp.

46 {
47 /*
48 Padding format is
49 01
50 0202
51 030303
52 ...
53 */
54 BOTAN_DEBUG_ASSERT(last_byte_pos < BS);
55
56 const uint8_t padding_len = static_cast<uint8_t>(BS - last_byte_pos);
57
58 buffer.resize(buffer.size() + padding_len);
59
60 CT::poison(&last_byte_pos, 1);
61 CT::poison(buffer.data(), buffer.size());
62
63 BOTAN_DEBUG_ASSERT(buffer.size() % BS == 0);
64 BOTAN_DEBUG_ASSERT(buffer.size() >= BS);
65
66 const size_t start_of_last_block = buffer.size() - BS;
67 const size_t end_of_last_block = buffer.size();
68 const size_t start_of_padding = buffer.size() - padding_len;
69
70 for(size_t i = start_of_last_block; i != end_of_last_block; ++i) {
71 auto needs_padding = CT::Mask<uint8_t>(CT::Mask<size_t>::is_gte(i, start_of_padding));
72 buffer[i] = needs_padding.select(padding_len, buffer[i]);
73 }
74
75 CT::unpoison(buffer.data(), buffer.size());
76 CT::unpoison(last_byte_pos);
77}
BOTAN_DEBUG_ASSERT
#define BOTAN_DEBUG_ASSERT(expr)
Definition assert.h:100
Botan::CT::Mask::is_gte
static constexpr Mask< T > is_gte(T x, T y)
Definition ct_utils.h:480
Botan::CT::unpoison
constexpr void unpoison(const T *p, size_t n)
Definition ct_utils.h:65
Botan::CT::poison
constexpr void poison(const T *p, size_t n)
Definition ct_utils.h:54

References BOTAN_DEBUG_ASSERT, Botan::CT::Mask< T >::is_gte(), Botan::CT::poison(), and Botan::CT::unpoison().

◆ create()

std::unique_ptr< BlockCipherModePaddingMethod > Botan::BlockCipherModePaddingMethod::create ( std::string_view algo_spec)
staticinherited

Get a block cipher padding mode by name (eg "NoPadding" or "PKCS7")

Parameters
algo_specblock cipher padding mode name

Get a block cipher padding method by name

Definition at line 19 of file mode_pad.cpp.

19 {
20 if(algo_spec == "NoPadding") {
21 return std::make_unique<Null_Padding>();
22 }
23
24 if(algo_spec == "PKCS7") {
25 return std::make_unique<PKCS7_Padding>();
26 }
27
28 if(algo_spec == "OneAndZeros") {
29 return std::make_unique<OneAndZeros_Padding>();
30 }
31
32 if(algo_spec == "X9.23") {
33 return std::make_unique<ANSI_X923_Padding>();
34 }
35
36 if(algo_spec == "ESP") {
37 return std::make_unique<ESP_Padding>();
38 }
39
40 return nullptr;
41}

Referenced by Botan::Cipher_Mode::create().

◆ name()

std::string Botan::PKCS7_Padding::name ( ) const
inlineoverridevirtual
Returns
name of the mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 79 of file mode_pad.h.

79{ return "PKCS7"; }

◆ unpad()

size_t Botan::PKCS7_Padding::unpad ( const uint8_t block[],
size_t len ) const
overridevirtual

Remove padding bytes from block

Parameters
blockthe last block
lenthe size of the block in bytes
Returns
number of data bytes, or if the padding is invalid returns len

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 82 of file mode_pad.cpp.

82 {
83 if(!valid_blocksize(input_length)) {
84 return input_length;
85 }
86
87 CT::poison(input, input_length);
88
89 const uint8_t last_byte = input[input_length - 1];
90
91 /*
92 The input should == the block size so if the last byte exceeds
93 that then the padding is certainly invalid
94 */
95 auto bad_input = CT::Mask<size_t>::is_gt(last_byte, input_length);
96
97 const size_t pad_pos = input_length - last_byte;
98
99 for(size_t i = 0; i != input_length - 1; ++i) {
100 // Does this byte equal the expected pad byte?
101 const auto pad_eq = CT::Mask<size_t>::is_equal(input[i], last_byte);
102
103 // Ignore values that are not part of the padding
104 const auto in_range = CT::Mask<size_t>::is_gte(i, pad_pos);
105 bad_input |= in_range & (~pad_eq);
106 }
107
108 CT::unpoison(input, input_length);
109
110 return bad_input.select_and_unpoison(input_length, pad_pos);
111}
Botan::CT::Mask::is_equal
static constexpr Mask< T > is_equal(T x, T y)
Definition ct_utils.h:454
Botan::CT::Mask::is_gt
static constexpr Mask< T > is_gt(T x, T y)
Definition ct_utils.h:470
Botan::PKCS7_Padding::valid_blocksize
bool valid_blocksize(size_t bs) const override
Definition mode_pad.h:77

References Botan::CT::Mask< T >::is_equal(), Botan::CT::Mask< T >::is_gt(), Botan::CT::Mask< T >::is_gte(), Botan::CT::poison(), Botan::CT::unpoison(), and valid_blocksize().

◆ valid_blocksize()

bool Botan::PKCS7_Padding::valid_blocksize ( size_t block_size) const
inlineoverridevirtual
Parameters
block_sizeof the cipher
Returns
valid block size for this padding mode

Implements Botan::BlockCipherModePaddingMethod.

Definition at line 77 of file mode_pad.h.

77{ return (bs > 2 && bs < 256); }

Referenced by unpad().

The documentation for this class was generated from the following files:
Generated by doxygen 1.13.2