doxygen/mode__pad_8h_source.html

/*

* CBC Padding Methods

* (C) 1999-2008,2013 Jack Lloyd

* (C) 2016 René Korthaus, Rohde & Schwarz Cybersecurity

* (C) 2025 René Meusel, Rohde & Schwarz Cybersecurity

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#ifndef BOTAN_MODE_PADDING_H_

#define BOTAN_MODE_PADDING_H_


#include <botan/assert.h>

#include <botan/secmem.h>

#include <memory>

#include <span>

#include <string>


namespace Botan {


/**

* Block Cipher Mode Padding Method

* This class is pretty limited, it cannot deal well with

* randomized padding methods, or any padding method that

* wants to add more than one block. For instance, it should

* be possible to define cipher text stealing mode as simply

* a padding mode for CBC, which happens to consume the last

* two block (and requires use of the block cipher).

*/


class BOTAN_TEST_API BlockCipherModePaddingMethod /* NOLINT(*-special-member-functions) */ {

   public:

      /**

      * Get a block cipher padding mode by name (eg "NoPadding" or "PKCS7")

      * @param algo_spec block cipher padding mode name

      */

      static std::unique_ptr<BlockCipherModePaddingMethod> create(std::string_view algo_spec);


      /**

      * Add padding bytes to buffer.

      * @param buffer data to pad, span must be large enough to hold the padding

      *               behind the final (partial) block

      * @param final_block_bytes size of the final block in bytes

      * @param block_size size of each block in bytes

      */

      virtual void add_padding(std::span<uint8_t> buffer, size_t final_block_bytes, size_t block_size) const;


      /**

      * Remove padding bytes from block

      * @param last_block the last block containing the padding

      * @return number of data bytes, or if the padding is invalid returns the

      *         byte length of @p last_block (i.e. the block size)

      */

      size_t unpad(std::span<const uint8_t> last_block) const;


      /**

      * @param block_size of the cipher

      * @return valid block size for this padding mode

      */

      virtual bool valid_blocksize(size_t block_size) const = 0;


      /**

      * @param input_length number of bytes to be padded

      * @param block_size   size of each block in bytes

      * @return the total number of output bytes (including the padding)

      */


      virtual size_t output_length(size_t input_length, size_t block_size) const {

         return ((input_length + block_size) / block_size) * block_size;

      }


      /**

      * @return name of the mode

      */

      virtual std::string name() const = 0;


      /**

      * virtual destructor

      */

      virtual ~BlockCipherModePaddingMethod() = default;


   protected:

      /**

      * Applies the concrete padding to the @p last_block assuming the padding

      * bytes should start at @p padding_start_pos within the last block.

      *

      * Concrete implementations of this function must ensure not to leak

      * @p padding_start_pos via side channels. Both the bytes of @p last_block

      * and @p padding_start_pos are passed in with CT::poison applied.

      */

      virtual void apply_padding(std::span<uint8_t> last_block, size_t padding_start_pos) const = 0;


      /**

      * Removes the padding from @p last_block and returns the number of data

      * bytes. If the padding is invalid, this returns the byte length of

      * @p last_block.

      *

      * Concrete implementations of this function must ensure not to leak

      * the size or validity of the padding via side channels. The bytes of

      * @p last_block are passed in with CT::poison applied to them.

      */

      virtual size_t remove_padding(std::span<const uint8_t> last_block) const = 0;

};


/**

* PKCS#7 Padding

*/


class BOTAN_FUZZER_API PKCS7_Padding final : public BlockCipherModePaddingMethod {

   public:

      void apply_padding(std::span<uint8_t> last_block, size_t final_block_bytes) const override;


      size_t remove_padding(std::span<const uint8_t> last_block) const override;


      bool valid_blocksize(size_t bs) const override { return (bs > 2 && bs < 256); }


      std::string name() const override { return "PKCS7"; }

};


/**

* ANSI X9.23 Padding

*/


class BOTAN_FUZZER_API ANSI_X923_Padding final : public BlockCipherModePaddingMethod {

   public:

      void apply_padding(std::span<uint8_t> last_block, size_t final_block_bytes) const override;


      size_t remove_padding(std::span<const uint8_t> last_block) const override;


      bool valid_blocksize(size_t bs) const override { return (bs > 2 && bs < 256); }


      std::string name() const override { return "X9.23"; }

};


/**

* One And Zeros Padding (ISO/IEC 9797-1, padding method 2)

*/


class BOTAN_FUZZER_API OneAndZeros_Padding final : public BlockCipherModePaddingMethod {

   public:

      void apply_padding(std::span<uint8_t> last_block, size_t final_block_bytes) const override;


      size_t remove_padding(std::span<const uint8_t> last_block) const override;


      bool valid_blocksize(size_t bs) const override { return (bs > 2); }


      std::string name() const override { return "OneAndZeros"; }

};


/**

* ESP Padding (RFC 4303)

*/


class BOTAN_FUZZER_API ESP_Padding final : public BlockCipherModePaddingMethod {

   public:

      void apply_padding(std::span<uint8_t> last_block, size_t final_block_bytes) const override;


      size_t remove_padding(std::span<const uint8_t> last_block) const override;


      bool valid_blocksize(size_t bs) const override { return (bs > 2 && bs < 256); }


      std::string name() const override { return "ESP"; }

};


/**

* Null Padding

*/


class Null_Padding final : public BlockCipherModePaddingMethod {

   public:


      void add_padding(std::span<uint8_t> /*buffer*/,

                       size_t /*final_block_bytes*/,

                       size_t /*block_size*/) const override {

         // no padding

      }


      size_t remove_padding(std::span<const uint8_t> last_block) const override { return last_block.size(); }


      bool valid_blocksize(size_t /*block_size*/) const override { return true; }


      size_t output_length(size_t input_length, size_t /*block_size*/) const override { return input_length; }


      std::string name() const override { return "NoPadding"; }


   private:

      void apply_padding(std::span<uint8_t> /*last_block*/, size_t /*padding_start_pos*/) const override {

         // This class overrides add_padding() as a NOOP, so this customization

         // point can never be called by anyone.

         BOTAN_ASSERT_UNREACHABLE();

      }

};


}  // namespace Botan


#endif

BOTAN_FUZZER_API
#define BOTAN_FUZZER_API
Definition api.h:65

BOTAN_TEST_API
#define BOTAN_TEST_API
Definition api.h:41

BOTAN_ASSERT_UNREACHABLE
#define BOTAN_ASSERT_UNREACHABLE()
Definition assert.h:163

Botan::ANSI_X923_Padding
Definition mode_pad.h:120

Botan::ANSI_X923_Padding::remove_padding
size_t remove_padding(std::span< const uint8_t > last_block) const override
Definition mode_pad.cpp:135

Botan::ANSI_X923_Padding::apply_padding
void apply_padding(std::span< uint8_t > last_block, size_t final_block_bytes) const override
Definition mode_pad.cpp:113

Botan::ANSI_X923_Padding::name
std::string name() const override
Definition mode_pad.h:128

Botan::ANSI_X923_Padding::valid_blocksize
bool valid_blocksize(size_t bs) const override
Definition mode_pad.h:126

Botan::BlockCipherModePaddingMethod
Definition mode_pad.h:30

Botan::BlockCipherModePaddingMethod::name
virtual std::string name() const =0

Botan::BlockCipherModePaddingMethod::create
static std::unique_ptr< BlockCipherModePaddingMethod > create(std::string_view algo_spec)
Definition mode_pad.cpp:20

Botan::BlockCipherModePaddingMethod::remove_padding
virtual size_t remove_padding(std::span< const uint8_t > last_block) const =0

Botan::BlockCipherModePaddingMethod::valid_blocksize
virtual bool valid_blocksize(size_t block_size) const =0

Botan::BlockCipherModePaddingMethod::unpad
size_t unpad(std::span< const uint8_t > last_block) const
Definition mode_pad.cpp:54

Botan::BlockCipherModePaddingMethod::output_length
virtual size_t output_length(size_t input_length, size_t block_size) const
Definition mode_pad.h:66

Botan::BlockCipherModePaddingMethod::~BlockCipherModePaddingMethod
virtual ~BlockCipherModePaddingMethod()=default

Botan::BlockCipherModePaddingMethod::apply_padding
virtual void apply_padding(std::span< uint8_t > last_block, size_t padding_start_pos) const =0

Botan::BlockCipherModePaddingMethod::add_padding
virtual void add_padding(std::span< uint8_t > buffer, size_t final_block_bytes, size_t block_size) const
Definition mode_pad.cpp:44

Botan::ESP_Padding
Definition mode_pad.h:148

Botan::ESP_Padding::name
std::string name() const override
Definition mode_pad.h:156

Botan::ESP_Padding::valid_blocksize
bool valid_blocksize(size_t bs) const override
Definition mode_pad.h:154

Botan::ESP_Padding::remove_padding
size_t remove_padding(std::span< const uint8_t > last_block) const override
Definition mode_pad.cpp:219

Botan::ESP_Padding::apply_padding
void apply_padding(std::span< uint8_t > last_block, size_t final_block_bytes) const override
Definition mode_pad.cpp:197

Botan::Null_Padding
Definition mode_pad.h:162

Botan::Null_Padding::name
std::string name() const override
Definition mode_pad.h:176

Botan::Null_Padding::valid_blocksize
bool valid_blocksize(size_t) const override
Definition mode_pad.h:172

Botan::Null_Padding::output_length
size_t output_length(size_t input_length, size_t) const override
Definition mode_pad.h:174

Botan::Null_Padding::add_padding
void add_padding(std::span< uint8_t >, size_t, size_t) const override
Definition mode_pad.h:164

Botan::Null_Padding::remove_padding
size_t remove_padding(std::span< const uint8_t > last_block) const override
Definition mode_pad.h:170

Botan::OneAndZeros_Padding
Definition mode_pad.h:134

Botan::OneAndZeros_Padding::name
std::string name() const override
Definition mode_pad.h:142

Botan::OneAndZeros_Padding::valid_blocksize
bool valid_blocksize(size_t bs) const override
Definition mode_pad.h:140

Botan::OneAndZeros_Padding::remove_padding
size_t remove_padding(std::span< const uint8_t > last_block) const override
Definition mode_pad.cpp:174

Botan::OneAndZeros_Padding::apply_padding
void apply_padding(std::span< uint8_t > last_block, size_t final_block_bytes) const override
Definition mode_pad.cpp:156

Botan::PKCS7_Padding
Definition mode_pad.h:106

Botan::PKCS7_Padding::remove_padding
size_t remove_padding(std::span< const uint8_t > last_block) const override
Definition mode_pad.cpp:86

Botan::PKCS7_Padding::apply_padding
void apply_padding(std::span< uint8_t > last_block, size_t final_block_bytes) const override
Definition mode_pad.cpp:66

Botan::PKCS7_Padding::valid_blocksize
bool valid_blocksize(size_t bs) const override
Definition mode_pad.h:112

Botan::PKCS7_Padding::name
std::string name() const override
Definition mode_pad.h:114

Botan
Definition alg_id.cpp:13