2022-02-25 10:26:30 +08:00
|
|
|
package padding
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"errors"
|
|
|
|
|
|
|
|
|
|
"github.com/emmansun/gmsm/internal/subtle"
|
|
|
|
|
)
|
|
|
|
|
|
2022-04-20 08:36:44 +08:00
|
|
|
// https://www.ibm.com/docs/en/linux-on-systems?topic=processes-ansi-x923-cipher-block-chaining
|
2022-02-25 10:26:30 +08:00
|
|
|
type ansiX923Padding uint
|
|
|
|
|
|
|
|
|
|
func (pad ansiX923Padding) BlockSize() int {
|
|
|
|
|
return int(pad)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (pad ansiX923Padding) Pad(src []byte) []byte {
|
|
|
|
|
overhead := pad.BlockSize() - len(src)%pad.BlockSize()
|
|
|
|
|
ret, out := subtle.SliceForAppend(src, overhead)
|
|
|
|
|
out[overhead-1] = byte(overhead)
|
|
|
|
|
for i := 0; i < overhead-1; i++ {
|
|
|
|
|
out[i] = 0
|
|
|
|
|
}
|
|
|
|
|
return ret
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-09 08:49:41 +08:00
|
|
|
// Unpad decrypted plaintext, non-constant-time
|
2022-02-25 10:26:30 +08:00
|
|
|
func (pad ansiX923Padding) Unpad(src []byte) ([]byte, error) {
|
|
|
|
|
srcLen := len(src)
|
|
|
|
|
if srcLen == 0 || srcLen%pad.BlockSize() != 0 {
|
2022-02-25 11:45:34 +08:00
|
|
|
return nil, errors.New("ansi x9.23: src length is not multiple of block size")
|
2022-02-25 10:26:30 +08:00
|
|
|
}
|
|
|
|
|
paddedLen := src[srcLen-1]
|
|
|
|
|
if paddedLen == 0 || int(paddedLen) > pad.BlockSize() {
|
|
|
|
|
return nil, errors.New("ansi x9.23: invalid padding length")
|
|
|
|
|
}
|
|
|
|
|
for _, b := range src[srcLen-int(paddedLen) : srcLen-1] {
|
|
|
|
|
if b != 0 {
|
|
|
|
|
return nil, errors.New("ansi x9.23: invalid padding bytes")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return src[:srcLen-int(paddedLen)], nil
|
|
|
|
|
}
|
