From ac56a1aec430ab48ae4f7c5cc1d2735cbc93f2e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 25 Jul 2013 12:31:10 +0200 Subject: [PATCH] Make cipher_set_padding() actually work (Only one padding mode recognized yet.) --- include/polarssl/cipher.h | 4 ++++ library/cipher.c | 44 +++++++++++++++++++++++++-------------- 2 files changed, 32 insertions(+), 16 deletions(-) diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index 48fe97dab..aa0c42a65 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -202,6 +202,10 @@ typedef struct { /** Operation that the context's key has been initialised for */ operation_t operation; + /** Padding functions to use, if relevant for cipher mode */ + void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); + int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); + /** Buffer for data that hasn't been encrypted yet */ unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH]; diff --git a/library/cipher.c b/library/cipher.c index d2c8ab373..d0000b271 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -323,6 +323,11 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ) ctx->cipher_info = cipher_info; + /* + * Ignore possible errors caused by a cipher mode that doesn't use padding + */ + (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 ); + return 0; } @@ -368,18 +373,6 @@ int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; } -int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ) -{ - if( NULL == ctx || - POLARSSL_MODE_CBC != ctx->cipher_info->mode || - POLARSSL_PADDING_PKCS7 != mode ) - { - return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; - } - - return 0; -} - int cipher_reset( cipher_context_t *ctx, const unsigned char *iv ) { if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv ) @@ -543,8 +536,8 @@ static void add_pkcs_padding( unsigned char *output, size_t output_len, output[data_len + i] = (unsigned char) padding_len; } -static int get_pkcs_padding( unsigned char *input, unsigned int input_len, - size_t *data_len) +static int get_pkcs_padding( unsigned char *input, size_t input_len, + size_t *data_len ) { unsigned int i, padding_len = 0; @@ -585,7 +578,7 @@ int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen) { if( POLARSSL_ENCRYPT == ctx->operation ) { - add_pkcs_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ), + ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ), ctx->unprocessed_len ); } else if ( cipher_get_block_size( ctx ) != ctx->unprocessed_len ) @@ -604,7 +597,8 @@ int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen) /* Set output size for decryption */ if( POLARSSL_DECRYPT == ctx->operation ) - return get_pkcs_padding( output, cipher_get_block_size( ctx ), olen ); + return ctx->get_padding( output, cipher_get_block_size( ctx ), + olen ); /* Set output size for encryption */ *olen = cipher_get_block_size( ctx ); @@ -614,6 +608,24 @@ int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen) return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; } +int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ) +{ + if( NULL == ctx || + POLARSSL_MODE_CBC != ctx->cipher_info->mode ) + { + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + } + + if( POLARSSL_PADDING_PKCS7 == mode ) + { + ctx->add_padding = add_pkcs_padding; + ctx->get_padding = get_pkcs_padding; + return 0; + } + + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; +} + #if defined(POLARSSL_SELF_TEST) #include