From 0e7d2c0f9537d66007a1a914f4c7e5b064f4c6ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 26 Jul 2013 16:05:14 +0200 Subject: [PATCH] Add zero padding --- include/polarssl/cipher.h | 7 ++- library/cipher.c | 34 +++++++++++ tests/suites/test_suite_cipher.aes.data | 60 ++++++++++++++++++++ tests/suites/test_suite_cipher.blowfish.data | 60 ++++++++++++++++++++ tests/suites/test_suite_cipher.camellia.data | 60 ++++++++++++++++++++ tests/suites/test_suite_cipher.des.data | 60 ++++++++++++++++++++ tests/suites/test_suite_cipher.padding.data | 21 +++++++ 7 files changed, 299 insertions(+), 3 deletions(-) diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index b520d92e01..cf149f6a76 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -105,9 +105,10 @@ typedef enum { } cipher_mode_t; typedef enum { - POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */ - POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */ - POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */ + POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */ + POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */ + POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */ + POLARSSL_PADDING_ZEROS, /**< zero padding (not reversible!) */ } cipher_padding_t; typedef enum { diff --git a/library/cipher.c b/library/cipher.c index 1abc47d316..bbde94400d 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -630,6 +630,33 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, return 0; } +/* + * Zero padding: fill with 00 ... 00 + */ +static void add_zeros_padding( unsigned char *output, + size_t output_len, size_t data_len ) +{ + unsigned char i; + + for( i = data_len; i < output_len; i++ ) + output[i] = 0x00; +} + +static int get_zeros_padding( unsigned char *input, size_t input_len, + size_t *data_len ) +{ + unsigned char *p = input + input_len - 1; + if( NULL == input || NULL == data_len ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + while( *p == 0x00 && p > input ) + --p; + + *data_len = *p == 0x00 ? 0 : p - input + 1; + + return 0; +} + int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen) { int ret = 0; @@ -709,6 +736,13 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ) return 0; } + if( POLARSSL_PADDING_ZEROS == mode ) + { + ctx->add_padding = add_zeros_padding; + ctx->get_padding = get_zeros_padding; + return 0; + } + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; } diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index 0ec541a489..92e45670d6 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -185,6 +185,66 @@ AES Encrypt and decrypt 49 bytes with zeros and len padding depends_on:POLARSSL_AES_C enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:49:POLARSSL_PADDING_ZEROS_AND_LEN +AES Encrypt and decrypt 0 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:0:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 1 byte with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:1:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 2 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:2:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 7 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:7:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 8 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:8:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 9 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:9:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 15 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:15:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 16 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:16:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 17 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:17:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 31 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:31:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:32:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 33 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:33:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 47 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:47:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 48 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:48:POLARSSL_PADDING_ZEROS + +AES Encrypt and decrypt 49 bytes with zeros padding +depends_on:POLARSSL_AES_C +enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:49:POLARSSL_PADDING_ZEROS + AES Encrypt and decrypt 0 bytes in multiple parts depends_on:POLARSSL_AES_C enc_dec_buf_multipart:POLARSSL_CIPHER_AES_128_CBC:128:0:0: diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data index 9d09611b83..86a5af88b0 100644 --- a/tests/suites/test_suite_cipher.blowfish.data +++ b/tests/suites/test_suite_cipher.blowfish.data @@ -185,6 +185,66 @@ BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding depends_on:POLARSSL_BLOWFISH_C enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:49:POLARSSL_PADDING_ZEROS_AND_LEN +BLOWFISH Encrypt and decrypt 0 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:0:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 1 byte with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:1:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 2 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:2:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 7 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:7:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 8 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:8:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 9 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:9:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 15 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:15:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 16 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:16:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 17 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:17:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 31 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:31:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:32:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:33:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 47 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:47:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 48 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:48:POLARSSL_PADDING_ZEROS + +BLOWFISH Encrypt and decrypt 49 bytes with zeros padding +depends_on:POLARSSL_BLOWFISH_C +enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:49:POLARSSL_PADDING_ZEROS + BLOWFISH Encrypt and decrypt 0 bytes in multiple parts depends_on:POLARSSL_BLOWFISH_C enc_dec_buf_multipart:POLARSSL_CIPHER_BLOWFISH_CBC:128:0:0: diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data index eadd9eb205..cff56797a5 100644 --- a/tests/suites/test_suite_cipher.camellia.data +++ b/tests/suites/test_suite_cipher.camellia.data @@ -185,6 +185,66 @@ CAMELLIA Encrypt and decrypt 49 bytes with zeros and len padding depends_on:POLARSSL_CAMELLIA_C enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:49:POLARSSL_PADDING_ZEROS_AND_LEN +CAMELLIA Encrypt and decrypt 0 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:0:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 1 byte with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:1:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 2 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:2:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 7 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:7:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 8 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:8:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 9 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:9:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 15 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:15:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 16 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:16:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 17 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:17:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 31 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:31:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:32:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:33:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 47 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:47:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 48 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:48:POLARSSL_PADDING_ZEROS + +CAMELLIA Encrypt and decrypt 49 bytes with zeros padding +depends_on:POLARSSL_CAMELLIA_C +enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:49:POLARSSL_PADDING_ZEROS + CAMELLIA Encrypt and decrypt 0 bytes in multiple parts depends_on:POLARSSL_CAMELLIA_C enc_dec_buf_multipart:POLARSSL_CIPHER_CAMELLIA_128_CBC:128:0:0: diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index 5bcf6036fa..623fbc7417 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -185,6 +185,66 @@ DES Encrypt and decrypt 49 bytes with zeros and len padding depends_on:POLARSSL_DES_C enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:49:POLARSSL_PADDING_ZEROS_AND_LEN +DES Encrypt and decrypt 0 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:0:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 1 byte with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:1:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 2 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:2:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 7 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:7:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 8 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:8:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 9 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:9:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 15 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:15:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 16 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:16:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 17 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:17:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 31 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:31:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:32:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 32 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:33:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 47 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:47:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 48 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:48:POLARSSL_PADDING_ZEROS + +DES Encrypt and decrypt 49 bytes with zeros padding +depends_on:POLARSSL_DES_C +enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:49:POLARSSL_PADDING_ZEROS + DES Encrypt and decrypt 0 bytes in multiple parts depends_on:POLARSSL_DES_C enc_dec_buf_multipart:POLARSSL_CIPHER_DES_CBC:56:0:0: diff --git a/tests/suites/test_suite_cipher.padding.data b/tests/suites/test_suite_cipher.padding.data index 51bc222b64..b37fa3c329 100644 --- a/tests/suites/test_suite_cipher.padding.data +++ b/tests/suites/test_suite_cipher.padding.data @@ -120,3 +120,24 @@ check_padding:POLARSSL_PADDING_ZEROS_AND_LEN:"000004":POLARSSL_ERR_CIPHER_INVALI Check zeros and len padding #6 (not enough zeros) check_padding:POLARSSL_PADDING_ZEROS_AND_LEN:"DABBAD000004":POLARSSL_ERR_CIPHER_INVALID_PADDING:0 + +Check zeros padding #1 (correct) +check_padding:POLARSSL_PADDING_ZEROS:"DABBAD00":0:3 + +Check zeros padding #2 (correct) +check_padding:POLARSSL_PADDING_ZEROS:"DABBAD0000":0:3 + +Check zeros padding #3 (correct) +check_padding:POLARSSL_PADDING_ZEROS:"DABBAD":0:3 + +Check zeros padding #4 (correct) +check_padding:POLARSSL_PADDING_ZEROS:"000000":0:0 + +Check no padding #1 (correct by definition) +check_padding:POLARSSL_PADDING_NONE:"DABBAD00":0:4 + +Check no padding #2 (correct by definition) +check_padding:POLARSSL_PADDING_NONE:"DABBAD0001":0:5 + +Check no padding #3 (correct by definition) +check_padding:POLARSSL_PADDING_NONE:"":0:0