diff options
| author | Cédric Krier <ced@b2ck.com> | 2016-02-27 00:28:39 +0100 | 
|---|---|---|
| committer | Cédric Krier <ced@b2ck.com> | 2016-02-27 19:24:42 +0100 | 
| commit | 94f9ea25b50a3dd2592abfc63385989955e60e68 (patch) | |
| tree | f9301d7a74915ab2991e732d3034367e82ae65ee /src/_cffi_src/hazmat_src | |
| parent | f8c230d1ab16905c64baa88322aa0bb4e8f094bd (diff) | |
| download | cryptography-94f9ea25b50a3dd2592abfc63385989955e60e68.tar.gz cryptography-94f9ea25b50a3dd2592abfc63385989955e60e68.tar.bz2 cryptography-94f9ea25b50a3dd2592abfc63385989955e60e68.zip | |
Add padding check for ANSI X.923
All padding bytes must be 0.
Diffstat (limited to 'src/_cffi_src/hazmat_src')
| -rw-r--r-- | src/_cffi_src/hazmat_src/padding.c | 24 | ||||
| -rw-r--r-- | src/_cffi_src/hazmat_src/padding.h | 1 | 
2 files changed, 25 insertions, 0 deletions
| diff --git a/src/_cffi_src/hazmat_src/padding.c b/src/_cffi_src/hazmat_src/padding.c index 570bad9f..1a0c869d 100644 --- a/src/_cffi_src/hazmat_src/padding.c +++ b/src/_cffi_src/hazmat_src/padding.c @@ -37,3 +37,27 @@ uint8_t Cryptography_check_pkcs7_padding(const uint8_t *data,      /* Now check the low bit to see if it's set */      return (mismatch & 1) == 0;  } + +uint8_t Cryptography_check_ansix923_padding(const uint8_t *data, +                                            uint8_t block_len) { +    uint8_t i; +    uint8_t pad_size = data[block_len - 1]; +    uint8_t mismatch = 0; +    /* Skip the first one with the pad size */ +    for (i = 1; i < block_len; i++) { +        unsigned int mask = Cryptography_constant_time_lt(i, pad_size); +        uint8_t b = data[block_len - 1 - i]; +        mismatch |= (mask & b); +    } + +    /* Check to make sure the pad_size was within the valid range. */ +    mismatch |= ~Cryptography_constant_time_lt(0, pad_size); +    mismatch |= Cryptography_constant_time_lt(block_len, pad_size); + +    /* Make sure any bits set are copied to the lowest bit */ +    mismatch |= mismatch >> 4; +    mismatch |= mismatch >> 2; +    mismatch |= mismatch >> 1; +    /* Now check the low bit to see if it's set */ +    return (mismatch & 1) == 0; +} diff --git a/src/_cffi_src/hazmat_src/padding.h b/src/_cffi_src/hazmat_src/padding.h index 4d218b1a..fb023c17 100644 --- a/src/_cffi_src/hazmat_src/padding.h +++ b/src/_cffi_src/hazmat_src/padding.h @@ -3,3 +3,4 @@  // repository for complete details.  uint8_t Cryptography_check_pkcs7_padding(const uint8_t *, uint8_t); +uint8_t Cryptography_check_ansix923_padding(const uint8_t *, uint8_t); | 
